1. Home
  2. CompTIA
  3. CAS-003

CompTIA Advanced Security Practitioner (CASP+)

Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 361:

    A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack. Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)

    A. Bug bounty websites

    B. Hacker forums

    C. Antivirus vendor websites

    D. Trade industry association websites

    E. CVE database

    F. Company's legal department

  • Question 362:

    After the departure of a developer under unpleasant circumstances, the company is concerned about the security of the software to which the developer has access. Which of the following is the BEST way to ensure security of the code following the incident?

    A. Hire an external red tem to conduct black box testing

    B. Conduct a peer review and cross reference the SRTM

    C. Perform white-box testing on all impacted finished products

    D. Perform regression testing and search for suspicious code

  • Question 363:

    While attending a meeting with the human resources department, an organization's information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use.

    Additionally, each password has specific complexity requirements and different expiration time frames. Which of the following would be the BEST solution for the information security officer to recommend?

    A. Utilizing MFA

    B. Implementing SSO

    C. Deploying 802.1X

    D. Pushing SAML adoption

    E. Implementing TACACS

  • Question 364:

    Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS, and network antivirus. The Chief Information Officer (CIO) has requested that the security engineer provide recommendations on sizing for the firewall with the requirements that it be easy to manage and provide capacity for growth.

    The tables below provide information on a subset of remote sites and the firewall options:

    Which of the following would be the BEST option to recommend to the CIO?

    A. Vendor C for small remote sites, and Vendor B for large sites.

    B. Vendor B for all remote sites

    C. Vendor C for all remote sites

    D. Vendor A for all remote sites

    E. Vendor D for all remote sites

  • Question 365:

    A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which of the following should be performed to ensure the users can access the network and meet the company's security requirements?

    A. Vulnerability assessment

    B. Risk assessment

    C. Patch management

    D. Device quarantine

    E. Incident management

  • Question 366:

    A cybersecurity analyst is conducting packet analysis on the following:

    Which of the following is occurring in the given packet capture?

    A. ARP spoofing B. Broadcast storm

    C. Smurf attack

    D. Network enurneration

    E. Zero-day exploit

  • Question 367:

    An organization has established the following controls matrix:

    The following control sets have been defined by the organization and are applied in aggregate fashion:

    Systems containing PII are protected with the minimum control set.

    Systems containing medical data are protected at the moderate level.

    Systems containing cardholder data are protected at the high level.

    The organization is preparing to deploy a system that protects the confidentially of a database containing PII and medical data from clients. Based on the controls classification, which of the following controls would BEST meet these

    requirements?

    A. Proximity card access to the server room, context-based authentication, UPS, and full-disk encryption for the database server.

    B. Cipher lock on the server room door, FDE, surge protector, and static analysis of all application code.

    C. Peer review of all application changes, static analysis of application code, UPS, and penetration testing of the complete system.

    D. Intrusion detection capabilities, network-based IPS, generator, and context-based authentication.

  • Question 368:

    An administrator has noticed mobile devices from an adjacent company on the corporate wireless network. Malicious activity is being reported from those devices. To add another layer of security in an enterprise environment, an administrator wants to add contextual authentication to allow users to access enterprise resources only while present in corporate buildings. Which of the following technologies would accomplish this?

    A. Port security

    B. Rogue device detection

    C. Bluetooth

    D. GPS

  • Question 369:

    A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

    A. OTA updates

    B. Remote wiping

    C. Side loading

    D. Sandboxing

    E. Containerization

    F. Signed applications

  • Question 370:

    Given the following output from a local PC:

    Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?

    A. Allow 172.30.0.28:80 -> ANY

    B. Allow 172.30.0.28:80 -> 172.30.0.0/16

    C. Allow 172.30.0.28:80 -> 172.30.0.28:443

    D. Allow 172.30.0.28:80 -> 172.30.0.28:53

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.