CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 141:

    A DevOps team wants to move production data into the QA environment for testing. This data contains credit card numbers and expiration dates that are not tied to any individuals The security analyst wants to reduce risk. Which of the following will lower the risk before moving the data?

    A. Redacting all but the last four numbers of the cards
    B. Hashing the card numbers
    C. Scrambling card and expiration data
    D. Encrypting card and expiration numbers

  • Question 142:

    A company runs a well ttended, on-premises fitness club for its employees, about 200 of them each day. Employees want to sync center's login and attendance program with their smartphones. Human resources, which manages the contract for the fitness center, has asked the security architecture to help draft security and privacy requirements.

    Which of the following would BEST address these privacy concerns?

    A. Use biometric authentication.
    B. Utilize geolocation/geofencing.
    C. Block unauthorized domain bridging.
    D. Implement containerization

  • Question 143:

    A company recently experienced a period of rapid growth, and it now needs to move to a more scalable cloud-based solution. Historically, salespeople have maintained separate systems for information on competing customers to prevent the inadvertent disclosure of one customer's information to another customer.

    Which of the following would be the BEST method to provide secure data separation?

    A. Use a CRM tool to separate data stores
    B. Migrate to a single-tenancy cloud infrastructure.
    C. Employ network segmentation to provide isolation among salespeople
    D. Implement an open-source public cloud CRM

  • Question 144:

    Management is reviewing the results of a recent risk assessment of the organization's policies and procedures. During the risk assessment it is determined that procedures associated with background checks have not been effectively implemented. In response to this risk, the organization elects to revise policies and procedures related to background checks and use a third-party to perform background checks on all new employees.

    Which of the following risk management strategies has the organization employed?

    A. Transfer
    B. Mitigate
    C. Accept
    D. Avoid
    E. Reject

  • Question 145:

    An organization, which handles large volumes of PII, allows mobile devices that can process, store, and transmit PII and other sensitive data to be issued to employees. Security assessors can demonstrate recovery and decryption of remnant sensitive data from device storage after MDM issues a successful wipe command. Assuming availability of the controls, which of the following would BEST protect against the loss of sensitive data in the future?

    A. Implement a container that wraps PII data and stores keying material directly in the container's encrypted application space.
    B. Use encryption keys for sensitive data stored in an eF use-backed memory space that is blown during remote wipe.
    C. Issue devices that employ a stronger algorithm for the authentication of sensitive data stored on them.
    D. Procure devices that remove the bootloader binaries upon receipt of an MDM-issued remote wipe command.

  • Question 146:

    After investigating virus outbreaks that have cost the company $1000 per incident, the company's Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company's performance and capability requirements:

    Using the table above, which of the following would be the BEST business-driven choice among five possible solutions?

    A. Product A
    B. Product B
    C. Product C
    D. Product D
    E. Product E

  • Question 147:

    A large, multinational company currently has two separate databases One is used for ERP while the second is used for CRM To consolidate services and infrastructure, it is proposed to combine the databases The company's compliance manager is asked to review the proposal and is concerned about this integration Which of the following would pose the MOST concern to the compliance manager?

    A. The attack surface of the combined database is lower than the previous separate systems, so there likely are wasted resources on additional security controls that will not be needed
    B. There are specific regulatory requirements the company might be violating by combining these two types of services into one shared platform.
    C. By consolidating services in this manner, there is an increased risk posed to the organization due to the number of resources required to manage the larger data pool.
    D. Auditing the combined database structure will require more short-term resources, as the new system will need to be learned by the auditing team to ensure all security controls are in

  • Question 148:

    Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim's privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

    A. Integer overflow
    B. Click-jacking
    C. Race condition
    D. SQL injection
    E. Use after free
    F. Input validation

  • Question 149:

    Joe, a penetration tester, is assessing the security of an application binary provided to him by his client. Which of the following methods would be the MOST effective in reaching this objective?

    A. Employ a fuzzing utility
    B. Use a static code analyzer
    C. Run the binary in an application sandbox
    D. Manually review the binary in a text editor

  • Question 150:

    A systems administrator establishes a CIFS share on a UNIX device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

    A. Refuse LM and only accept NTLMv2
    B. Accept only LM
    C. Refuse NTLMv2 and accept LM
    D. Accept only NTLM

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.