CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 11:

    During a sprint, developers are responsible for ensuring the expected outcome of a change is thoroughly evaluated for any security impacts. Any impacts must be reported to the team lead. Before changes are made to the source code, which of the following MUST be performed to provide the required information to the team lead?

    A. Risk assessment
    B. Regression testing
    C. User story development
    D. Data abstraction E. Business impact assessment

  • Question 12:

    A new security policy states all wireless and wired authentication must include the use of certificates when connecting to internal resources within the enterprise LAN by all employees. Which of the following should be configured to comply with the new security policy? (Choose two.)

    A. SSO
    B. New pre-shared key
    C. 802.1X
    D. OAuth
    E. Push-based authentication
    F. PKI

  • Question 13:

    A network engineer wants to deploy user-based authentication across the company's wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user's network access be controlled based on the user's role within the company. Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO).

    A. SAML
    B. WAYF
    C. LDAP
    D. RADIUS
    E. Shibboleth
    F. PKI

  • Question 14:

    The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company's contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select

    TWO).

    A. Block traffic from the ISP's networks destined for blacklisted IPs.
    B. Prevent the ISP's customers from querying DNS servers other than those hosted by the ISP.
    C. Scan the ISP's customer networks using an up-to-date vulnerability scanner.
    D. Notify customers when services they run are involved in an attack.
    E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.

  • Question 15:

    A company recently implemented a new cloud storage solution and installed the required synchronization client on all company devices. A few months later, a breach of sensitive data was discovered. Root cause analysis shows the data breach happened from a lost personal mobile device.

    Which of the following controls can the organization implement to reduce the risk of similar breaches?

    A. Biometric authentication
    B. Cloud storage encryption
    C. Application containerization
    D. Hardware anti-tamper

  • Question 16:

    SIMULATION

    You are a security analyst tasked with interpreting an Nmap scan output from Company A's privileged network.

    The company's hardening guidelines indicate the following:

    1.

    There should be one primary server or service per device.

    2.

    Only default ports should be used.

    3.

    Non-secure protocols should be disabled.

    INSTRUCTIONS

    Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed. For each device found, add a device entry to the Devices Discovered list, with the following information:

    1.

    The IP address of the device

    2.

    The primary server or service of the device

    3.

    The protocol(s) that should be disabled based on the hardening guidelines

    To select multiple protocols, use CTRL+CLICK.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  • Question 17:

    During an audit, it was determined from a sample that four out of 20 former employees were still accessing their email accounts An information security analyst is reviewing the access to determine if the audit was valid Which of the following would assist with the validation and provide the necessary documentation to audit?

    A. Examining the termination notification process from human resources and employee account access logs
    B. Checking social media platforms for disclosure of company sensitive and proprietary information
    C. Sending a test email to the former employees to document an undeliverable email and review the ERP access
    D. Reviewing the email global account list and the collaboration platform for recent activity

  • Question 18:

    Ann, a retiring employee, cleaned out her desk. The next day, Ann's manager notices company equipment that was supposed to remain at her desk is now missing.

    Which of the following would reduce the risk of this occurring in the future?

    A. Regular auditing of the clean desk policy
    B. Employee awareness and training policies
    C. Proper employee separation procedures
    D. Implementation of an acceptable use policy

  • Question 19:

    A software development team has spent the last 18 months developing a new web-based front-end that will allow clients to check the status of their orders as they proceed through manufacturing. The marketing team schedules a launch party to present the new application to the client base in two weeks. Before the launch, the security team discovers numerous flaws that may introduce dangerous vulnerabilities, allowing direct access to a database used by manufacturing. The development team did not plan to remediate these vulnerabilities during development.

    Which of the following SDLC best practices should the development team have followed?

    A. Implementing regression testing
    B. Completing user acceptance testing
    C. Verifying system design documentation
    D. Using a SRTM

  • Question 20:

    An external red team member conducts a penetration test, attempting to gain physical access to a large organization's server room in a branch office. During reconnaissance, the red team member sees a clearly marked door to the server room, located next to the lobby, with a tumbler lock.

    Which of the following is BEST for the red team member to bring on site to open the locked door as quickly as possible without causing significant damage?

    A. Screwdriver set
    B. Bump key
    C. RFID duplicator
    D. Rake picking

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.