CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 121:

    In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).

    A. Removable media
    B. Passwords written on scrap paper
    C. Snapshots of data on the monitor
    D. Documents on the printer
    E. Volatile system memory
    F. System hard drive

  • Question 122:

    There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?

    A. asset inventory of all critical devices
    B. Vulnerability scanning frequency that does not interrupt workflow
    C. Daily automated reports of exploited devices
    D. Scanning of all types of data regardless of sensitivity levels

  • Question 123:

    A security manager for a service provider has approved two vendors for connections to the service provider backbone. One vendor will be providing authentication services for its payment card service, and the other vendor will be providing maintenance to the service provider infrastructure sites. Which of the following business agreements is MOST relevant to the vendors and service provider's relationship?

    A. Memorandum of Agreement
    B. Interconnection Security Agreement
    C. Non-Disclosure Agreement
    D. Operating Level Agreement

  • Question 124:

    An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiations, there are a number of outstanding issues, including:

    1.

    Indemnity clauses have identified the maximum liability

    2.

    The data will be hosted and managed outside of the company's geographical location

    The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant on the project, which of the following should the project's security consultant recommend as the NEXT step?

    A. Develop a security exemption, as it does not meet the security policies
    B. Mitigate the risk by asking the vendor to accept the in-country privacy principles
    C. Require the solution owner to accept the identified risks and consequences
    D. Review the entire procurement process to determine the lessons learned

  • Question 125:

    A system owner has requested support from data owners to evaluate options for the disposal of equipment containing sensitive data. Regulatory requirements state the data must be rendered unrecoverable via logical means or physically destroyed. Which of the following factors is the regulation intended to address?

    A. Sovereignty
    B. E-waste
    C. Remanence
    D. Deduplication

  • Question 126:

    A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:

    ls -l -a /usr/beinz/public; cat ./config/db.yml

    The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

    system {"ls -l -a #(patch)"}

    Which of the following is an appropriate security control the company should implement?

    A. Restrict directory permission to read-only access.
    B. Use server-side processing to avoid XSS vulnerabilities in path input.
    C. Separate the items in the system call to prevent command injection.
    D. Parameterize a query in the path variable to prevent SQL injection.

  • Question 127:

    A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs, the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

    A. Segmentation
    B. Firewall whitelisting
    C. Containment
    D. Isolation

  • Question 128:

    Which of the following attacks can be used to exploit a vulnerability that was created by untrained users?

    A. A spear-phishing email with a file attachment
    B. A DoS using IoT devices
    C. An evil twin wireless access point
    D. A domain hijacking of a bank website

  • Question 129:

    A threat analyst notices the following URL while going through the HTTP logs.

    Which of the following attack types is the threat analyst seeing?

    A. SQL injection
    B. CSRF
    C. Session hijacking
    D. XSS

  • Question 130:

    A Chief Information Security Officer (CISO) has launched an initiative to create a rebust BCP/DR plan for the entire company. As part of the initiative, the secunty team must gather data supporting operational importance for the applications

    used by the business and determine the order in which the applications must be brought back online.

    Which of the following should be the FIRST step taken by the team?

    A. Perform a review of all policies and procedures related to BCP and DR and create an educational module that can be assigned to all employees to provide training on BCP/DR events.
    B. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
    C. Have each business unit conduct a BIA and categorize the applications according to the cumulative data gathered.
    D. Implement replication of all servers and application data to back up datacenters that are geographically dispersed from the central datacenter and release an updated BPA to all clients.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.