Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 421:

    A security analyst is reviewing the following packet capture of communication between a host and a company's router:

    Which of the following actions should the security analyst take to remove this vulnerability?

    A. Update the router code

    B. Implement a router ACL

    C. Disconnect the host from the network

    D. Install the latest antivirus definitions

    E. Deploy a network-based IPS

  • Question 422:

    A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:

    Which of the following should the penetration tester conclude about the command output?

    A. The public/private views on the Comptia.org DNS servers are misconfigured

    B. Comptia.org is running an older mail server, which may be vulnerable to exploits

    C. The DNS SPF records have not been updated for Comptia.org

    D. 192.168.102.67 is a backup mail server that may be more vulnerable to attack

  • Question 423:

    A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to automate the home. Some of the IoT devices are wearables, and others are installed in the user's automobiles. The current home network is configured as a single flat network behind an ISP-supplied router. The router has a single IP address, and the router performs NAT on incoming traffic to route it to individual devices.

    Which of the following security controls would address the user's privacy concerns and provide the BEST level of security for the home network?

    A. Ensure all IoT devices are configured in a geofencing mode so the devices do not work when removed from the home network. Disable the home assistant unless actively using it, and segment the network so each IoT device has its own segment.

    B. Install a firewall capable of cryptographically separating network traffic, require strong authentication to access all IoT devices, and restrict network access for the home assistant based on time-of-day restrictions.

    C. Segment the home network to separate network traffic from users and the IoT devices, ensure security settings on the home assistant support no or limited recording capability, and install firewall rules on the router to restrict traffic to the home assistant as much as possible.

    D. Change all default passwords on the IoT devices, disable Internet access for the IoT devices and the home assistant, obtain routable IP addresses for all devices, and implement IPv6 and IPSec protections on all network traffic.

  • Question 424:

    A systems security engineer is assisting an organization's market survey team in reviewing requirements for an upcoming acquisition of mobile devices. The engineer expresses concerns to the survey team about a particular class of devices that uses a separate SoC for baseband radio I/O. For which of the following reasons is the engineer concerned?

    A. These devices can communicate over networks older than HSPA+ and LTE standards, exposing device communications to poor encryption routines

    B. The organization will be unable to restrict the use of NFC, electromagnetic induction, and Bluetooth technologies

    C. The associated firmware is more likely to remain out of date and potentially vulnerable

    D. The manufacturers of the baseband radios are unable to enforce mandatory access controls within their driver set

  • Question 425:

    A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:

    Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

    A. Install HIPS

    B. Enable DLP

    C. Install EDR

    D. Install HIDS

    E. Enable application blacklisting

    F. Improve patch management processes

  • Question 426:

    After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company's IT department has seen a large number of the following incidents:

      • Duplicate IP addresses
      • Rogue network devices
      • Infected systems probing the company's network

    Which of the following should be implemented to remediate the above issues? (Choose two.)

    A. Port security

    B. Route protection

    C. NAC

    D. HIPS

    E. NIDS

  • Question 427:

    To meet an SLA, which of the following documents should be drafted, defining the company's internal interdependent unit responsibilities and delivery timelines?

    A. BPA

    B. OLA

    C. MSA

    D. MOU

  • Question 428:

    Following a security assessment, the Chief Information Security Officer (CISO) is reviewing the results of the assessment and evaluating potential risk treatment strategies. As part of the CISO's evaluation, a judgment of potential impact based on the identified risk is performed. To prioritize response actions, the CISO uses past experience to take into account the exposure factor as well as the external accessibility of the weakness identified.

    Which of the following is the CISO performing?

    A. Documentation of lessons learned

    B. Quantitative risk assessment

    C. Qualitative assessment of risk

    D. Business impact scoring

    E. Threat modeling

  • Question 429:

    A company wants to extend its help desk availability beyond business hours. The Chief Information Officer (CIO) decides to augment the help desk with a third-party service that will answer calls and provide Tier 1 problem resolution, such as password resets and remote assistance. The security administrator implements the following firewall change:

    The administrator provides the appropriate path and credentials to the third-party company. Which of the following technologies is MOST likely being used to provide access to the third-party company?

    A. LDAP

    B. WAYF

    C. OpenID

    D. RADIUS

    E. SAML

  • Question 430:

    Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company's SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing.

    Which of the following commands should the assessor use to determine this information?

    A. dnsrecon -d company.org -t SOA

    B. dig company.org mx

    C. nc -v company.org

    D. whois company.org
