CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 21:

    A penetration tester is on an active engagement and has access to a remote system. The penetration tester wants to bypass the DLP, which is blocking emails that are encrypted or contain sensitive company information. Which of the following cryptographic techniques should the penetration tester use?

    A. GNU Privacy Guard
    B. UUencoding
    C. DNSCrypt
    D. Steganography

  • Question 22:

    A penetration testing manager is contributing to an RFP for the purchase of a new platform. The manager has provided the following requirements:

    1.

    Must be able to MITM web-based protocols

    2.

    Must be able to find common misconfigurations and security holes

    Which of the following types of testing should be included in the testing platform? (Choose two.)

    A. Reverse engineering tool
    B. HTTP intercepting proxy
    C. Vulnerability scanner
    D. File integrity monitor
    E. Password cracker
    F. Fuzzer

  • Question 23:

    Given the following output from a local PC:

    Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

    A. Allow 172.30.0.28:80 -> ANY
    B. Allow 172.30.0.28:80 -> 172.30.0.0/16
    C. Allow 172.30.0.28:80 -> 172.30.0.28:443
    D. Allow 172.30.0.28:80 -> 172.30.0.28:53

  • Question 24:

    Following the successful response to a data-leakage incident, the incident team lead facilitates an exercise that focuses on continuous improvement of the organization's incident response capabilities. Which of the following activities has the incident team lead executed?

    A. Lessons learned review
    B. Root cause analysis
    C. Incident audit
    D. Corrective action exercise

  • Question 25:

    A corporation with a BYOD policy is very concerned about issues that may arise from data ownership. The corporation is investigating a new MDM solution and has gathered the following requirements as part of the requirements-gathering phase.

    1.

    Each device must be issued a secure token of trust from the corporate PKI.

    2.

    All corporate application and local data must be able to deleted from a central console.

    3.

    Cloud storage and backup applications must be restricted from the device.

    4.

    Devices must be on the latest OS version within three weeks of an OS release.

    Which of the following should be feature in the new MDM solution to meet these requirement? (Select TWO.)

    A. Application-based containerization
    B. Enforced full-device encryption
    C. Mandatory acceptance of SCEP system
    D. Side-loaded application prevention
    E. Biometric requirement to unlock device
    F. Over-the-air restriction

  • Question 26:

    A government entity is developing requirements for an RFP to acquire a biometric authentication system When developing these requirements, which of the following considerations is MOST critical to the verification and validation of the SRTM?

    A. Local and national laws and regulations
    B. Secure software development requirements
    C. Environmental constraint requirements
    D. Testability of requirements

  • Question 27:

    An internal penetration tester finds a legacy application that takes measurement input made in a text box and outputs a specific string of text related to industry requirements. There is no documentation about how this application works, and the source code has been lost. Which of the following would BEST allow the penetration tester to determine the input and output relationship?

    A. Running an automated fuzzer
    B. Constructing a known cipher text attack
    C. Attempting SQL injection commands
    D. Performing a full packet capture
    E. Using the application in a malware sandbox

  • Question 28:

    A university's help desk is receiving reports that Internet access on campus is not functioning. The network administrator looks at the management tools and sees the 1Gbps Internet is completely saturated with ingress traffic. The administrator sees the following output on the Internet router:

    The administrator calls the university's ISP for assistance, but it takes more than four hours to speak to a network engineer who can resolve the problem. Based on the information above, which of the following should the ISP engineer do to resolve the issue?

    A. The ISP engineer should null route traffic to the web server immediately to restore Internet connectivity. The university should implement a remotely triggered black hole with the ISP to resolve this more quickly in the future.
    B. A university web server is under increased load during enrollment. The ISP engineer should immediately increase bandwidth to 2Gbps to restore Internet connectivity. In the future, the university should pay for more bandwidth to handle spikes in web server traffic.
    C. The ISP engineer should immediately begin blocking IP addresses that are attacking the web server to restore Internet connectivity. In the future, the university should install a WAF to prevent this attack from happening again.
    D. The ISP engineer should begin refusing network connections to the web server immediately to restore Internet connectivity on campus. The university should purchase an IPS device to stop DDoS attacks in the future.

  • Question 29:

    A security analyst is inspecting pseudocode of the following multithreaded application:

    1. perform daily ETL of data

    1.1 validate that yesterday's data model file exists

    1.2 validate that today's data model file does not exist

    1.2 extract yesterday's data model

    1.3 transform the format

    1.4 load the transformed data into today's data model file

    1.5 exit

    Which of the following security concerns is evident in the above pseudocode?

    A. Time of check/time of use
    B. Resource exhaustion
    C. Improper storage of sensitive data
    D. Privilege escalation

  • Question 30:

    A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution has been in place for nine years, contains over a million lines of code, and took over two years to develop originally. The SDLC has been broken up into eight primary stages, with each stage requiring an in-depth risk analysis before moving on to the next phase. Which of the following software development methods is MOST applicable?

    A. Spiral model
    B. Incremental model
    C. Waterfall model
    D. Agile model

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.