1. Home
  2. CompTIA
  3. CAS-003

CompTIA Advanced Security Practitioner (CASP+)

Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 461:

    A recent CRM upgrade at a branch office was completed after the desired deadline. Several technical issues were found during the upgrade and need to be discussed in depth before the next branch office is upgraded.

    Which of the following should be used to identify weak processes and other vulnerabilities?

    A. Gap analysis

    B. Benchmarks and baseline results

    C. Risk assessment

    D. Lessons learned report

  • Question 462:

    A security manager recently categorized an information system. During the categorization effort, the manager determined the loss of integrity of a specific information type would impact business significantly. Based on this, the security manager recommends the implementation of several solutions. Which of the following, when combined, would BEST mitigate this risk? (Select TWO.)

    A. Access control

    B. Whitelisting

    C. Signing

    D. Validation

    E. Boot attestation

  • Question 463:

    A company has created a policy to allow employees to use their personally owned devices. The Chief Information Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices. Which of the following security controls would BEST reduce the risk of exposure?

    A. Disk encryption on the local drive

    B. Group policy to enforce failed login lockout

    C. Multifactor authentication

    D. Implementation of email digital signatures

  • Question 464:

    A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized access to its physical offices resulting in network compromises. Which of the following should the consultant recommend be performed to evaluate potential risks?

    A. The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration

    B. The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat

    C. The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats

    D. The company should install a temporary CCTV system to detect unauthorized access to physical offices

  • Question 465:

    After investigating virus outbreaks that have cost the company $1000 per incident, the company's Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company's performance and capability requirements:

    Using the table above, which of the following would be the BEST business-driven choice among five possible solutions?

    A. Product A

    B. Product B

    C. Product C

    D. Product D

    E. Product E

  • Question 466:

    The Chief Information Officer (CIO) has been asked to develop a security dashboard with the relevant metrics. The board of directors will use the dashboard to monitor and track the overall security posture of the organization. The CIO produces a basic report containing both KPI and KRI data in two separate sections for the board to review.

    Which of the following BEST meets the needs of the board?

    A. KRI:- Compliance with regulations- Backlog of unresolved security investigations- Severity of threats and vulnerabilities reported by sensors- Time to patch critical issues on a monthly basisKPI:- Time to resolve open security items- % of suppliers with approved security control frameworks- EDR coverage across the fleet- Threat landscape rating

    B. KRI:- EDR coverage across the fleet- Backlog of unresolved security investigations- Time to patch critical issues on a monthly basis- Threat landscape ratingKPI:- Time to resolve open security items- Compliance with regulations- % of suppliers with approved security control frameworks- Severity of threats and vulnerabilities reported by sensors

    C. KRI:- EDR coverage across the fleet- % of suppliers with approved security control framework- Backlog of unresolved security investigations- Threat landscape ratingKPI:- Time to resolve open security items- Compliance with regulations-Time to patch critical issues on a monthly basis- Severity of threats and vulnerabilities reported by sensors

    D. KPI:- Compliance with regulations- % of suppliers with approved security control frameworks- Severity of threats and vulnerabilities reported by sensors- Threat landscape ratingKRI:- Time to resolve open security items- Backlog of unresolved security investigations- EDR coverage across the fleet- Time to patch critical issues on a monthly basis

  • Question 467:

    The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO's request?

    A. 1. Perform the ongoing research of the best practices2. Determine current vulnerabilities and threats3. Apply Big Data techniques4. Use antivirus control

    B. 1. Apply artificial intelligence algorithms for detection2. Inform the CERT team3. Research threat intelligence and potential adversaries4. Utilize threat intelligence to apply Big Data techniques

    C. 1. Obtain the latest IOCs from the open source repositories2. Perform a sweep across the network to identify positive matches3. Sandbox any suspicious files4. Notify the CERT team to apply a future proof threat model

    D. 1. Analyze the current threat intelligence2. Utilize information sharing to obtain the latest industry IOCs3. Perform a sweep across the network to identify positive matches4. Apply machine learning algorithms

  • Question 468:

    The government is concerned with remote military missions being negatively being impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following:

    1.

    End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.

    2.

    Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and 443 and approved applications

    3.

    A host-based whitelist of approved websites and applications that only allow mission-related tools and sites

    4.

    The use of satellite communication to include multiple proxy servers to scramble the source IP address

    Which of the following is of MOST concern in this scenario?

    A. Malicious actors intercepting inbound and outbound communication to determine the scope of the mission

    B. Family members posting geotagged images on social media that were received via email from soldiers

    C. The effect of communication latency that may negatively impact real-time communication with mission control

    D. The use of centrally managed military network and computers by soldiers when communicating with external parties

  • Question 469:

    There have been several exploits to critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?

    A. asset inventory of all critical devices

    B. Vulnerability scanning frequency that does not interrupt workflow

    C. Daily automated reports of exploited devices

    D. Scanning of all types of data regardless of sensitivity levels

  • Question 470:

    A database administrator is required to adhere to and implement privacy principles when executing daily tasks. A manager directs the administrator to reduce the number of unique instances of PII stored within an organization's systems to the greatest extent possible. Which of the following principles is being demonstrated?

    A. Administrator accountability

    B. PII security

    C. Record transparency

    D. Data minimization

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.