CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 471:

    An organization's network security administrator has been using an SSH connection to manage switches and routers for several years. After attempting to connect to a router, an alert appears on the terminal emulation software, warning that the SSH key has changed.

    After confirming the administrator is using the typical workstation and the router has not been replaced, which of the following are the MOST likely explanations for the warning message? (Choose two.)

    A. The SSH keys were given to another department.
    B. A MITM attack is being performed by an APT.
    C. The terminal emulator does not support SHA-256.
    D. An incorrect username or password was entered.
    E. A key rotation has occurred as a result of an incident.
    F. The workstation is not syncing with the correct NTP server.

  • Question 472:

    While attending a meeting with the human resources department, an organization's information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use.

    Additionally, each password has specific complexity requirements and different expiration time frames. Which of the following would be the BEST solution for the information security officer to recommend?

    A. Utilizing MFA
    B. Implementing SSO
    C. Deploying 802.1X
    D. Pushing SAML adoption
    E. Implementing TACACS

  • Question 473:

    Users have reported that an internally developed web application is acting erratically, and the response output is inconsistent. The issue began after a web application dependency patch was applied to improve security. Which of the following would be the MOST appropriate tool to help identify the issue?

    A. Fuzzer
    B. SCAP scanner
    C. Vulnerability scanner
    D. HTTP interceptor

  • Question 474:

    A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees. Which of the following should the security administrator implement?

    A. SPF
    B. S/MIME
    C. TLS
    D. DKIM

  • Question 475:

    An engineer needs to provide access to company resources for several offshore contractors. The contractors require:

    • Access to a number of applications, including internal websites
    • Access to database data and the ability to manipulate it
    • The ability to log into Linux and Windows servers remotely

    Which of the following remote access technologies are the BEST choices to provide all of this access securely? (Choose two.)

    A. VTC
    B. VRRP
    C. VLAN
    D. VDI
    E. VPN
    F. Telnet

  • Question 476:

    The Chief Information Security Officer (CISO) of a small, local bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?

    A. Black-box testing
    B. Gray-box testing
    C. Red-team hunting
    D. White-box testing
    E. Blue-team exercises

  • Question 477:

    A PaaS provider deployed a new product using a DevOps methodology. Because DevOps is used to support both development and production assets, inherent separation of duties is limited. To ensure compliance with security frameworks that require a specific set of controls relating to separation of duties, the organization must design and implement an appropriate compensating control. Which of the following would be MOST suitable in this scenario?

    A. Configuration of increased levels of logging, monitoring and alerting on production access
    B. Configuration of MFA and context-based login restrictions for all DevOps personnel
    C. Development of standard code libraries and usage of the WS-security module on all web servers
    D. Implementation of peer review, static code analysis and web application penetration testing against the staging environment

  • Question 478:

    A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and an SOE hardening initiative. A third-party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

    A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.
    B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.
    C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.
    D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

  • Question 479:

    An organization is currently working with a client to migrate data between a legacy ERP system and a cloud-based ERP tool using a global PaaS provider. As part of the engagement, the organization is performing data deduplication and sanitization of client data to ensure compliance with regulatory requirements. Which of the following are the MOST likely reasons for the need to sanitize the client data? (Choose two.)

    A. Data aggregation
    B. Data sovereignty
    C. Data isolation
    D. Data volume
    E. Data analytics
    F. Data precision

  • Question 480:

    The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during the year. A risk analyst reports to the risk manager that the asset value of the business system is $120,000 and, based on industry data, the exposure factor to fires is only 20% due to the fire suppression system installed at the site. Fires occur in the area on average every four years. Which of the following is the ALE?

    A. $6,000
    B. $24,000
    C. $30,000
    D. $96,000

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.