CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 161:

    A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to protect patients' health information, management has identified

    the following requirements:

    Data must be encrypted at rest.

    The device must be disabled if it leaves the facility.

    The device must be disabled when tampered with.

    Which of the following technologies would BEST support these requirements? (Select two.)

    A. eFuse
    B. NFC
    C. GPS
    D. Biometric
    E. USB 4.1
    F. MicroSD

  • Question 162:

    A security manager wants to standardize security settings, firmware, and software across a heterogeneous environment. Which of the following can be used in combination to meet these goals? (Choose three).

    A. Attestation services
    B. TPM
    C. HIPS software
    D. OOB management software
    E. Group Policy
    F. EDR software
    G. MDM software

  • Question 163:

    A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

    A. SAN
    B. NAS
    C. Virtual SAN
    D. Virtual storage

  • Question 164:

    As part of an organization's ongoing vulnerability assessment program, the Chief Information Security Officer (CISO) wants to evaluate the organization's systems, personnel, and facilities for various threats As part of the assessment the CISO plans to engage an independent cybersecurity assessment firm to perform social engineering and physical penetration testing against the organization's corporate offices and remote locations. Which of the following techniques would MOST likely be employed as part of this assessment? (Select THREE).

    A. Privilege escalation
    B. SQL injection
    C. TOC/TOU exploitation
    D. Rogue AP substitution
    E. Tailgating
    F. Vulnerability scanning
    G. Vishing
    H. Badge skimming

  • Question 165:

    A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

    A. The malware file's modify, access, change time properties.
    B. The timeline analysis of the file system.
    C. The time stamp of the malware in the swap file.
    D. The date/time stamp of the malware detection in the antivirus logs.

  • Question 166:

    A company wants to confirm sufficient executable space protection is in place for scenarios in which malware may be attempting buffer overflow attacks. Which of the following should the security engineer check?

    A. NX/XN
    B. ASLR
    C. strcpy
    D. ECC

  • Question 167:

    A security technician receives a copy of a report that was originally sent to the board of directors by the Chief Information Security Officer (CISO). The report outlines the following KPI/KRI data for the last 12 months: Which of the following BEST describes what could be interpreted from the above data?

    A. 1. AV coverage across the fleet improved 2. There is no correlation between infected systems and AV coverage. 3. There is no correlation between detected phishing attempts and infected systems 4. A correlation between threat landscape rating and infected systems appears to exist. 5. Effectiveness and performance of the security team appears to be degrading.
    B. 1. AV signature coverage has remained consistently high 2. AV coverage across the fleet improved 3. A correlation between phishing attempts and infected systems appears to exist 4. There is a correlation between the threat landscape rating and the security team's performance. 5. There is no correlation between detected phishing attempts and infected systems
    C. 1. There is no correlation between infected systems and AV coverage 2. AV coverage across the fleet improved 3. A correlation between phishing attempts and infected systems appears to exist 4. There is no correlation between the threat landscape rating and the security team's performance. 5. There is a correlation between detected phishing attempts and infected systems
    D. 1. AV coverage across the fleet declined 2. There is no correlation between infected systems and AV coverage. 3. A correlation between phishing attempts and infected systems appears to exist 4. There is no correlation between the threat landscape rating and the security team's performance 5. Effectiveness and performance of the security team appears to be degrading.

  • Question 168:

    A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed both on computers and mobile devices. The application designers have asked that the algorithm support the transport encryption with the lowest possible performance overhead. Which of the following recommendations would BEST meet the needs of the application designers? (Select TWO).

    A. Use AES in Electronic Codebook mode
    B. Use RC4 in Cipher Block Chaining mode
    C. Use RC4 with Fixed IV generation
    D. Use AES with cipher text padding
    E. Use RC4 with a nonce generated IV
    F. Use AES in Counter mode

  • Question 169:

    A school contracts with a vendor to devise a solution that will enable the school library to lend out tablet computers to students while on site. The tablets must adhere to string security and privacy practices. The school's key requirements are to:

    1.

    Maintain privacy of students in case of loss

    2.

    Have a theft detection control in place

    3.

    Be compliant with defined disability requirements

    4.

    Have a four-hour minimum battery life

    Which of the following should be configured to BEST meet the requirements? (Choose two.)

    A. Remote wiping
    B. Geofencing
    C. Antivirus software
    D. TPM
    E. FDE
    F. Tokenization

  • Question 170:

    A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having reduced the number of incidents and therefore saving on the

    amount spent investigating incidents.

    Proposal:

    External cloud-based software as a service subscription costing $5,000 per month. Expected to reduce the number of current incidents per annum by 50%.

    The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which of the following is the ROI for this proposal after three years?

    A. -$30,000
    B. $120,000
    C. $150,000
    D. $180,000

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.