CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 171:

    Which of the following risks does expanding business into a foreign country carry?

    A. Data sovereignty laws could result in unexpected liability
    B. Export controls might decrease software costs
    C. Data ownership might revert to the regulatory entities in the new country
    D. Some security tools might be monitored by legal authorities

  • Question 172:

    A government contractor was the victim of a malicious attack that resulted in the theft of sensitive information. An analyst's subsequent investigation of sensitive systems led to the following discoveries:

    There was no indication of the data owner's or user's accounts being compromised.

    No database activity outside of previous baselines was discovered.

    All workstations and servers were fully patched for all known vulnerabilities at the time of the attack.

    It was likely not an insider threat, as all employees passed polygraph tests.

    Given this scenario, which of the following is the MOST likely attack that occurred?

    A. The attacker harvested the hashed credentials of an account within the database administrators group after dumping the memory of a compromised machine. With these credentials, the attacker was able to access the database containing sensitive information directly.
    B. An account, which belongs to an administrator of virtualization infrastructure, was compromised with a successful phishing attack. The attacker used these credentials to access the virtual machine manager and made a copy of the target virtual machine image. The attacker later accessed the image offline to obtain sensitive information.
    C. A shared workstation was physically accessible in a common area of the contractor's office space and was compromised by an attacker using a USB exploit, which resulted in gaining a local administrator account. Using the local administrator credentials, the attacker was able to move laterally to the server hosting the database with sensitive information.
    D. After successfully using a watering hole attack to deliver an exploit to a machine, which belongs to an employee of the contractor, an attacker gained access to a corporate laptop. With this access, the attacker then established a remote session over a VPN connection with the server hosting the database of sensitive information.

  • Question 173:

    A security administrator is concerned about employees connecting their personal devices to the company network. Doing so is against company policy. The network does not have a NAC solution. The company uses a GPO that disables the firewall on all company-owned devices while they are connected to the internal network Additionally, all company-owned devices implement a standard naming convention that uses the device's serial number. The security administrator wants to identify active personal devices and write a custom script to disconnect them from the network Which of the following should the script use to BEST accomplish this task?

    A. Recursive DNS logs
    B. DHCP logs
    C. AD authentication logs
    D. RADIUS logs
    E. Switch and router ARP tables

  • Question 174:

    The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis conducted by the security investigations team indicated that the website allowed customers to update a payment amount for shipping. A specially crafted value could be entered and cause a roll over, resulting in the shipping cost being subtracted from the balance and in some instances resulted in a negative balance. As a result, the system processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

    A. Race condition
    B. Click-jacking
    C. Integer overflow
    D. Use after free
    E. SQL injection

  • Question 175:

    A vendor develops a mobile application for global customers. The mobile application supports advanced encryption of data between the source (the mobile device) and the destination (the organization's ERP system).

    As part of the vendor's compliance program, which of the following would be important to take into account?

    A. Mobile tokenization
    B. Export controls
    C. Device containerization
    D. Privacy policies

  • Question 176:

    A security engineer is working to secure an organization's VMs. While reviewing the workflow for creating VMs on demand, the engineer raises a concern about the integrity of the secure boot process of the VM guest.

    Which of the following would BEST address this concern?

    A. Configure file integrity monitoring of the guest OS.
    B. Enable the vTPM on a Type 2 hypervisor.
    C. Only deploy servers that are based on a hardened image.
    D. Protect the memory allocation of a Type 1 hypervisor.

  • Question 177:

    A network printer needs Internet access to function. Corporate policy states all devices allowed on the network must be authenticated. Which of the following is the MOST secure method to allow the printer on the network without violating policy?

    A. Request an exception to the corporate policy from the risk management committee
    B. Require anyone trying to use the printer to enter their username and password
    C. Have a help desk employee sign in to the printer every morning
    D. Issue a certificate to the printer and use certificate-based authentication

  • Question 178:

    Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).

    A. Synchronous copy of data
    B. RAID configuration
    C. Data de-duplication
    D. Storage pool space allocation
    E. Port scanning
    F. LUN masking/mapping
    G. Port mapping

  • Question 179:

    A Chief Information Security Officer (CISO) is creating a security committee involving multiple business units of the corporation. Which of the following is the BEST justification to ensure collaboration across business units?

    A. A risk to one business unit is a risk avoided by all business units, and liberal BYOD policies create new and unexpected avenues for attackers to exploit enterprises.
    B. A single point of coordination is required to ensure cybersecurity issues are addressed in protected, compartmentalized groups.
    C. Without business unit collaboration, risks introduced by one unit that affect another unit may go without compensating controls.
    D. The CISO is uniquely positioned to control the flow of vulnerability information between business units.

  • Question 180:

    Company leadership believes employees are experiencing an increased number of cyber attacks; however, the metrics do not show this. Currently, the company uses "Number of successful phishing attacks" as a KRI, but it does not show an increase.

    Which of the following additional information should be the Chief Information Security Officer (CISO) include in the report?

    A. The ratio of phishing emails to non-phishing emails
    B. The number of phishing attacks per employee
    C. The number of unsuccessful phishing attacks
    D. The percent of successful phishing attacks

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.