1. Home
  2. CompTIA
  3. CAS-003

CompTIA Advanced Security Practitioner (CASP+)

Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 331:

    A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following activities would be MOST appropriate?

    A. Use a protocol analyzer against the site to see if data input can be replayed from the browser

    B. Scan the website through an interception proxy and identify areas for the code injection

    C. Scan the site with a port scanner to identify vulnerable services running on the web server

    D. Use network enumeration tools to identify if the server is running behind a load balancer

  • Question 332:

    A security engineer must establish a method to assess compliance with company security policies as they apply to the unique configuration of individual endpoints, as well as to the shared configuration policies of common devices.

    Which of the following tools is the security engineer using to produce the above output?

    A. Vulnerability scanner

    B. SIEM

    C. Port scanner

    D. SCAP scanner

  • Question 333:

    An organization just merged with an organization in another legal jurisdiction and must improve its network security posture in ways that do not require additional resources to implement data isolation. One recommendation is to block communication between endpoint PCs. Which of the following would be the BEST solution?

    A. Installing HIDS

    B. Configuring a host-based firewall

    C. Configuring EDR

    D. Implementing network segmentation

  • Question 334:

    The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. Which of the following BEST meets this objective?

    A. Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets

    B. Encourage cybersecurity analysts to review open-source intelligence products and threat database to generate new IDS rules based on those sources

    C. Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection

    D. Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats

  • Question 335:

    A security analyst is reviewing logs and discovers that a company-owned computer issued to an employee is generating many alerts and analyst continues to review the log events and discovers that a non-company-owned device from a different, unknown IP address is general same events. The analyst informs the manager of these finding, and the manager explains that these activities are already known and . . . ongoing simulation. Given this scenario, which of the following roles are the analyst, the employee, and the manager fillings?

    A. The analyst is red team The employee is blue team The manager is white team

    B. The analyst is white team The employee is red team The manager is blue team

    C. The analyst is red team The employee is white team The manager is blue team

    D. The analyst is blue team The employee is red team The manager is white team

  • Question 336:

    A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.

    To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

    Which of the following should be included in the auditor's report based in the above findings?

    A. The hard disk contains bad sectors

    B. The disk has been degaussed.

    C. The data represents part of the disk BIOS.

    D. Sensitive data might still be present on the hard drives.

  • Question 337:

    A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which of the following tasks should be conducted to demonstrate the BEST means to gain information to use for a report on social vulnerability details about the financial system?

    A. Call the CIO and ask for an interview, posing as a job seeker interested in an open position

    B. Compromise the email server to obtain a list of attendees who responded to the invitation who is on the IT staff

    C. Notify the CIO that, through observation at events, malicious actors can identify individuals to befriend

    D. Understand the CIO is a social drinker, and find the means to befriend the CIO at establishments the CIO frequents

  • Question 338:

    Which of the following is a feature of virtualization that can potentially create a single point of failure?

    A. Server consolidation

    B. Load balancing hypervisors

    C. Faster server provisioning

    D. Running multiple OS instances

  • Question 339:

    A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After invest the new vulnerability, it was determined that the web services providing are being impacted by this new threat. Which of the following data types a MOST likely at risk of exposure based on this new threat? (Select TWO)

    A. Cardholder data

    B. intellectual property

    C. Personal health information

    D. Employee records

    E. Corporate financial data

  • Question 340:

    An agency has implemented a data retention policy that requires tagging data according to type before storing it in the data repository. The policy requires all business emails be automatically deleted after two years. During an open records investigation, information was found on an employee's work computer concerning a conversation that occurred three years prior and proved damaging to the agency's reputation. Which of the following MOST likely caused the data leak?

    A. The employee manually changed the email client retention settings to prevent deletion of emails

    B. The file that contained the damaging information was mistagged and retained on the server for longer than it should have been

    C. The email was encrypted and an exception was put in place via the data classification application

    D. The employee saved a file on the computer's hard drive that contained archives of emails, which were more than two years old

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.