CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 181:

    A small company is implementing a new technology that promises greater performance but does not abide by accepted RFCs.

    Which of the following should the company do to ensure the risks associated with implementing the standard-violating technology are addressed?

    A. Document the technology's differences in a system security plan.
    B. Require the vendor to provide justification for the product's deviation.
    C. Increase the frequency of vulnerability scanning of all systems using the technology.
    D. Block the use of non-standard ports or protocols to and from the system.

  • Question 182:

    The IT Security Analyst for a small organization is working on a customer's system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?

    A. Contact the local authorities so an investigation can be started as quickly as possible.
    B. Shut down the production network interfaces on the server and change all of the DBMS account passwords.
    C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.
    D. Refer the issue to management for handling according to the incident response process.

  • Question 183:

    A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors and other APIs.

    Which of the following would help protect the confidentiality of the research data?

    A. Use diverse components in layers throughout the architecture
    B. Implement non-heterogeneous components at the network perimeter
    C. Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
    D. Use only in-house developed applications that adhere to strict SDLC security requirements

  • Question 184:

    SIMULATION

    An administrator wants to install a patch to an application.

    INSTRUCTIONS

    Given the scenario, download, verify, and install the patch in the most secure manner.

    The last install that is completed will be the final submission.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  • Question 185:

    The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancements to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

    A. OSSM
    B. NIST
    C. PCI
    D. OWASP

  • Question 186:

    A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

    A. Deploy new perimeter firewalls at all stores with UTM functionality.
    B. Change antivirus vendors at the store and the corporate office.
    C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
    D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.

  • Question 187:

    An analyst is investigating behavior on a corporate-owned, corporate-managed mobile device with application whitelisting enabled, based on a name string. The employee to whom the device is assigned reports the approved email client is displaying warning messages that can launch browser windows and is adding unrecognized email addresses to the "compose" window.

    Which of the following would provide the analyst the BEST chance of understanding and characterizing the malicious behavior?

    A. Reverse engineer the application binary.
    B. Perform static code analysis on the source code.
    C. Analyze the device firmware via the JTAG interface.
    D. Change to a whitelist that uses cryptographic hashing.
    E. Penetration test the mobile application.

  • Question 188:

    A company's internet connection is commonly saturated during business hours, affecting internet availability. The company requires all Internet traffic to be business related After analyzing the traffic over a period of a few hours, the security administrator observes the following:

    The majority of the IP addresses associated with the TCP/SSL traffic resolve to CDNs

    Which of the following should the administrator recommend for the CDN traffic to meet the corporate security requirements?

    A. Block outbound SSL traffic to prevent data exfiltration.
    B. Confirm the use of the CDN by monitoring NetFlow data.
    C. Further investigate the traffic using a sanctioned MITM proxy.
    D. Implement an IPS to drop packets associated with the CDN.

  • Question 189:

    A security analyst is comparing two virtual servers that were bum from the same image and patched at the same regular intervals Server A is used to host a public-facing website, and Server B runs accounting software inside the firewalled accounting network. The analyst runs the same command and obtains the following output from Server A and Server B. respectively:

    Which of the following will the analyst most likely use NEXT?

    A. Exploitation tools
    B. Hash cracking tools
    C. Malware analysis tools
    D. Log analysis tools

  • Question 190:

    A company has completed the implementation of technical and management controls as required by its adopted security, ponies and standards. The implementation took two years and consumed s the budget approved to security projects. The board has denied any further requests for additional budget. Which of the following should the company do to address the residual risk?

    A. Transfer the risk
    B. Baseline the risk.
    C. Accept the risk
    D. Remove the risk

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.