CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 151:

    During a security assessment, activities were divided into two phases; internal and external exploitation. The security assessment team set a hard time limit on external activities before moving to a compromised box within the enterprise perimeter.

    Which of the following methods is the assessment team most likely to employ NEXT?

    A. Pivoting from the compromised, moving laterally through the enterprise, and trying to exfiltrate data and compromise devices.
    B. Conducting a social engineering attack attempt with the goal of accessing the compromised box physically.
    C. Exfiltrating network scans from the compromised box as a precursor to social media reconnaissance
    D. Open-source intelligence gathering to identify the network perimeter and scope to enable further system compromises.

  • Question 152:

    The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog posts and pictures of their day-to-day experiences at the company. The information security manager has been asked to provide an informative letter to all participants regarding the security risks and how to avoid privacy and operational security issues. Which of the following is the MOST important information to reference in the letter?

    A. After-action reports from prior incidents.
    B. Social engineering techniques
    C. Company policies and employee NDAs
    D. Data classification processes

  • Question 153:

    A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

    A. A separate physical interface placed on a private VLAN should be configured for live host operations.
    B. Database record encryption should be used when storing sensitive information on virtual servers.
    C. Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.
    D. Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

  • Question 154:

    A cybersecurity analyst created the following tables to help determine the maximum budget amount the business can justify spending on an improved email filtering system:

    Which of the following meets the budget needs of the business?

    A. Filter ABC
    B. Filter XYZ
    C. Filter GHI
    D. Filter TUV

  • Question 155:

    A financial services company has proprietary trading algorithms, which were created and are maintained by a team of developers on their private source code repository. If the details of this operation became known to competitors, the company's ability to profit from its trading would disappear immediately. Which of the following would the company MOST likely use to protect its trading algorithms?

    A. Single-tenancy cloud
    B. Managed security service providers
    C. Virtual desktop infrastructure
    D. Cloud security broker

  • Question 156:

    Two new technical SMB security settings have been enforced and have also become policies that increase secure communications.

    Network Client: Digitally sign communication Network Server: Digitally sign communication

    A storage administrator in a remote location with a legacy storage array, which contains time-sensitive data, reports employees can no longer connect to their department shares. Which of the following mitigation strategies should an information security manager recommend to the data owner?

    A. Accept the risk, reverse the settings for the remote location, and have the remote location file a risk exception until the legacy storage device can be upgraded
    B. Accept the risk for the remote location, and reverse the settings indefinitely since the legacy storage device will not be upgraded
    C. Mitigate the risk for the remote location by suggesting a move to a cloud service provider. Have the remote location request an indefinite risk exception for the use of cloud storage
    D. Avoid the risk, leave the settings alone, and decommission the legacy storage device

  • Question 157:

    During a criminal investigation, the prosecutor submitted the original hard drive from the suspect's computer as evidence. The defense objected during the trial proceedings, and the evidence was rejected. Which of the following practices should the prosecutor's forensics team have used to ensure the suspect's data would be admissible as evidence? (Select TWO.)

    A. Follow chain of custody best practices
    B. Create an identical image of the original hard drive, store the original securely, and then perform forensics only on the imaged drive.
    C. Use forensics software on the original hard drive and present generated reports as evidence
    D. Create a tape backup of the original hard drive and present the backup as evidence
    E. Create an exact image of the original hard drive for forensics purposes, and then place the original back in service

  • Question 158:

    A security engineer is assessing a new IoT product. The product interfaces with the ODBII port of a vehicle and uses a Bluetooth connection to relay data to an onboard data logger located in the vehicle. The data logger can only transfer data over a custom USB cable. The engineer suspects a relay attack is possible against the cryptographic implementation used to secure messages between segments of the system. Which of the following tools should the engineer use to confirm the analysis?

    A. Binary decompiler
    B. Wireless protocol analyzer
    C. Log analysis and reduction tools
    D. Network-based fuzzer

  • Question 159:

    The Chief Executive Officer (CEO) of a small start-up company wants to set up offices around the country for the sales staff to generate business. The company needs an effective communication solution to remain in constant contact with each other, while maintaining a secure business environment. A junior-level administrator suggests that the company and the sales staff stay connected via free social media. Which of the following decisions is BEST for the CEO to make?

    A. Social media is an effective solution because it is easily adaptable to new situations.
    B. Social media is an ineffective solution because the policy may not align with the business.
    C. Social media is an effective solution because it implements SSL encryption.
    D. Social media is an ineffective solution because it is not primarily intended for business applications.

  • Question 160:

    A company provides guest WiFi access to the Internet and physically separates the guest network from the company's internal WiFi. Due to a recent incident in which an attacker gained access to the company's internal WiFi, the company

    plans to configure WPA2 Enterprise in an EAP-TLS configuration.

    Which of the following must be installed on authorized hosts for this new configuration to work properly?

    A. Active Directory GPOs
    B. PKI certificates
    C. Host-based firewall
    D. NAC persistent agent

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.