CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 31:

    A company's user community is being adversely affected by various types of emails whose authenticity cannot be trusted. The Chief Information Security Officer (CISO) must address the problem.

    Which of the following solutions would BEST support trustworthy communication solutions?

    A. Enabling spam filtering and DMARC.
    B. Using MFA when logging into email clients and the domain.
    C. Enforcing HTTPS everywhere so web traffic, including email, is secure.
    D. Enabling SPF and DKIM on company servers.
    E. Enforcing data classification labels before an email is sent to an outside party.

  • Question 32:

    A recent CRM upgrade at a branch office was completed after the desired deadline. Several technical issues were found during the upgrade and need to be discussed in depth before the next branch office is upgraded.

    Which of the following should be used to identify weak processes and other vulnerabilities?

    A. Gap analysis
    B. Benchmarks and baseline results
    C. Risk assessment
    D. Lessons learned report

  • Question 33:

    A medical device company is implementing a new COTS antivirus solution in its manufacturing plant. All validated machines and instruments must be retested for interoperability with the new software. Which of the following would BEST ensure the software and instruments are working as designed?

    A. System design documentation
    B. User acceptance testing
    C. Peer review
    D. Static code analysis testing
    E. Change control documentation

  • Question 34:

    ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?

    A. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.
    B. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).
    C. Organize VM hosts into containers based on security zone and restrict access using an ACL.
    D. Require multi-factor authentication when accessing the console at the physical VM host.

  • Question 35:

    The audit team was only provided the physical and logical addresses of the network without any type of access credentials.

    Which of the following methods should the audit team use to gain initial access during the security assessment? (Choose two.)

    A. Tabletop exercise
    B. Social engineering
    C. Runtime debugging
    D. Reconnaissance
    E. Code review
    F. Remote access tool

  • Question 36:

    A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interfaces from external attackers performing network scanning?

    A. Remove contact details from the domain name registrar to prevent social engineering attacks.
    B. Test external interfaces to see how they function when they process fragmented IP packets.
    C. Enable a honeynet to capture and facilitate future analysis of malicious attack vectors.
    D. Filter all internal ICMP message traffic, forcing attackers to use full-blown TCP port scans against external network interfaces.

  • Question 37:

    Wireless users are reporting issues with the company's video conferencing and VoIP systems. The security administrator notices internal DoS attacks from infected PCs on the network causing the VoIP system to drop calls. The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DoS attacks on the network? (Select TWO).

    A. Install a HIPS on the SIP servers
    B. Configure 802.1X on the network
    C. Update the corporate firewall to block attacking addresses
    D. Configure 802.11e on the network
    E. Configure 802.1q on the network

  • Question 38:

    A security controls assessor intends to perform a holistic configuration compliance test of networked assets. The assessor has been handed a package of definitions provided in XML format, and many of the files have two common tags within them: "" and "". Which of the following tools BEST supports the use of these definitions?

    A. HTTP interceptor
    B. Static code analyzer
    C. SCAP scanner
    D. XML fuzzer

  • Question 39:

    Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

    Delivered-To: [email protected]

    Received: by 10.14.120.205

    Mon, 1 Nov 2010 11:15:24 -0700 (PDT)

    Received: by 10.231.31.193

    Mon, 01 Nov 2010 11:15:23 -0700 (PDT)

    Return-Path:

    Received: from 127.0.0.1 for ; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from )

    Received: by smtpex.example.com (SMTP READY)

    with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500 Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500 From: Company To: "[email protected]" Date: Mon, 1 Nov 2010 13:15:11 -0500 Subject: New Insurance Application Thread-Topic: New Insurance Application Please download and install software from the site below to maintain full access to your account. www.examplesite.com

    Additional information: The authorized mail servers IPs are 192.168.2.10 and 192.168.2.11.

    The network's subnet is 192.168.2.0/25.

    Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

    A. Identify the origination point for malicious activity on the unauthorized mail server.
    B. Block port 25 on the firewall for all unauthorized mail servers.
    C. Disable open relay functionality.
    D. Shut down the SMTP service on the unauthorized mail server.
    E. Enable STARTTLS on the spam filter.

  • Question 40:

    A hospital is deploying new imaging softwares that requires a web server for access to image for both local and remote users. The web server allows user authentication via secure LDAP. The information security officer wants to ensure the server does not allow unencrypted access to the imaging server by using Nmap to gather additional information. Given the following:

    1.

    The imaging server IP is 192.168.101.24

    2.

    The domain controller IP is 192.168.100.1

    3.

    The client machine IP is 192.168.200.37

    Which of the following should be used to confirm this is the only open post on the web server?

    A. nmap "p 80,443 192.168.101.24
    B. nmap "p 80,443,389,636 192.168.100.1
    C. nmap "p 80,389 192.168.200.37
    D. nmap "p" 192.168.101.24

  • Tips on How to Prepare for the Exams

    Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.