CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 221:

    A security administrator is updating a company's SCADA authentication system with a new application. To ensure interoperability between the legacy system and the new application, which of the following stakeholders should be involved in the configuration process before deployment? (Choose two.)

    A. Network engineer
    B. Service desk personnel
    C. Human resources administrator
    D. Incident response coordinator
    E. Facilities manager
    F. Compliance manager

  • Question 222:

    A company has created a policy to allow employees to use their personally owned devices. The Chief Information Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices. Which of the following security controls would BEST reduce the risk of exposure?

    A. Disk encryption on the local drive
    B. Group policy to enforce failed login lockout
    C. Multifactor authentication
    D. Implementation of email digital signatures

  • Question 223:

    A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to automate the home. Some of the IoT devices are wearables, and other are installed in the user's automobiles. The current home network is configured as a single flat network behind an ISP-supplied router. The router has a single IP address, and the router performs NAT on incoming traffic to route it to individual devices.

    Which of the following security controls would address the user's privacy concerns and provide the BEST level of security for the home network?

    A. Ensure all IoT devices are configured in a geofencing mode so the devices do not work when removed from the home network. Disable the home assistant unless actively using it, and segment the network so each IoT device has its own segment.
    B. Install a firewall capable of cryptographically separating network traffic require strong authentication to access all IoT devices, and restrict network access for the home assistant based on time-of-day restrictions.
    C. Segment the home network to separate network traffic from users and the IoT devices, ensure security settings on the home assistant support no or limited recording capability, and install firewall rules on the router to restrict traffic to the home assistant as much as possible.
    D. Change all default passwords on the IoT devices, disable Internet access for the IoT devices and the home assistant, obtain routable IP addresses for all devices, and implement IPv6 and IPSec protections on all network traffic.

  • Question 224:

    Joe an application security engineer is performing an audit of an environmental control application He has implemented a robust SDLC process and is reviewing API calls available to the application During the review. Joe finds the following in a log file.

    Which of the following would BEST mitigate the issue Joe has found?

    A. Ensure the API uses SNMPv1.
    B. Perform authentication via a secure channel
    C. Verify the API uses HTTP GET instead of POST
    D. Deploy a WAF in front of the API and implement rate limiting

  • Question 225:

    A company recently migrated to a SaaS-based email solution. The solution is configured as follows:

    1.

    Passwords are synced to the cloud to allow for SSO

    2.

    Cloud-based antivirus is enabled

    3.

    Cloud-based anti-spam is enabled

    4.

    Subscription-based blacklist is enabled

    Although the above controls are enabled, the company's security administrator is unable to detect an account compromise caused by phishing attacks in a timely fashion because email logs are not immediately available to review. Which of the following would allow the company to gam additional visibility and reduce additional costs? (Select TWO)

    A. Migrate the email antivirus and anti-spam on-premises
    B. Implement a third-party CASB solution.
    C. Disable the current SSO model and enable federation
    D. Feed the attacker IPs from the company IDS into the email blacklist
    E. Install a virtual SIEM within the email cloud provider
    F. Add email servers to NOC monitoring

  • Question 226:

    While conducting online research about a company to prepare for an upcoming penetration test, a security analyst discovers detailed financial information on an investor website the company did not make public. The analyst shares this information with the Chief Financial Officer (CFO), who confirms the information is accurate, as it was recently discussed at a board of directors meeting. Many of the details are verbatim discussion comments captured by the board secretary for purposes of transcription on a mobile device. Which of the following would MOST likely prevent a similar breach in the future?

    A. Remote wipe
    B. FDE
    C. Geolocation
    D. eFuse
    E. VPN

  • Question 227:

    The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?

    A. Updating the playbook with better decision points
    B. Dividing the network into trusted and untrusted zones
    C. Providing additional end-user training on acceptable use
    D. Implementing manual quarantining of infected hosts

  • Question 228:

    A newly hired Chief Information Security Officer (CISO) is reviewing the organization's security budget from the previous year. The CISO notices $100,000 worth of fines were paid for not properly encrypting outbound email messages. The CISO expects next year's costs associated with fines to double and the volume of messages to increase by 100%. The organization sent out approximately 25,000 messages per year over the last three years. Given the table below:

    Which of the following would be BEST for the CISO to include in this year's budget?

    A. A budget line for DLP Vendor A
    B. A budget line for DLP Vendor B
    C. A budget line for DLP Vendor C
    D. A budget line for DLP Vendor D
    E. A budget line for paying future fines

  • Question 229:

    The Chief Information Security Officer (CISO) of a company that has highly sensitive corporate locations wants its security engineers to find a solution to growing concerns regarding mobile devices The CISO mandates the following requirements:

    1.

    The devices must be owned by the company for legal purposes.

    2.

    The device must be as fully functional as possible when off site.

    3.

    Corporate email must be maintained separately from personal email

    4.

    Employees must be able to install their own applications.

    Which of the following will BEST meet the CISO's mandate? (Select TWO).

    A. Disable the device's camera
    B. Allow only corporate resources in a container.
    C. Use an MDM to wipe the devices remotely
    D. Block all sideloading of applications on devices
    E. Use geofencmg on certain applications
    F. Deploy phones in a BYOD model

  • Question 230:

    An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network security engineer with meeting the following requirements:

    Encrypt all traffic between the network engineer and critical devices.

    Segregate the different networking planes as much as possible.

    Do not let access ports impact configuration tasks.

    Which of the following would be the BEST recommendation for the network security engineer to present?

    A. Deploy control plane protections.
    B. Use SSH over out-of-band management.
    C. Force only TACACS to be allowed.
    D. Require the use of certificates for AAA.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.