CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 41:

    A Chief Information Security Officer (CISO) is developing a new BIA for the organization. The CISO wants to gather requirements to determine the appropriate RTO and RPO for the organization's ERP. Which of the following should the CISO interview as MOST qualified to provide RTO/RPO metrics?

    A. Data custodian
    B. Data owner
    C. Security analyst
    D. Business unit director
    E. Chief Executive Officer (CEO)

  • Question 42:

    An engineer is assisting with the design of a new virtualized environment that will house critical company services and reduce the datacenter's physical footprint. The company has expressed concern about the integrity of operating systems and wants to ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others.

    Which of the following design objectives should the engineer complete to BEST mitigate the company's concerns? (Choose two.)

    A. Deploy virtual desktop infrastructure with an OOB management network
    B. Employ the use of vT PM with boot attestation
    C. Leverage separate physical hardware for sensitive services and data
    D. Use a community CSP with independently managed security services
    E. Deploy to a private cloud with hosted hypervisors on each physical machine

  • Question 43:

    The Chief Financial Officer (CFO) of a major hospital system has received a ransom letter that demands a large sum of cryptocurrency be transferred to an anonymous account. If the transfer does not take place within ten hours, the letter states that patient information will be released on the dark web. A partial listing of recent patients is included in the letter. This is the first indication that a breach took place. Which of the following steps should be done FIRST?

    A. Review audit logs to determine the extent of the breach
    B. Pay the hacker under the condition that all information is destroyed
    C. Engage a counter-hacking team to retrieve the data
    D. Notify the appropriate legal authorities and legal counsel

  • Question 44:

    Which of the following controls primarily detects abuse of privilege but does not prevent it?

    A. Off-boarding
    B. Separation of duties
    C. Least privilege
    D. Job rotation

  • Question 45:

    A recent security assessment revealed a web application may be vulnerable to clickjacking. According to the application developers, a fix may be months away. Which of the following should a security engineer configure on the web server to help mitigate the issue?

    A. File upload size limits
    B. HttpOnly cookie field
    C. X-Frame-Options header
    D. Input validation

  • Question 46:

    A company is migrating systems from an on-premises facility to a third-party managed datacenter. For continuity of operations and business agility, remote access to all hardware platforms must be available at all times. Access controls need to be very robust and provide an audit trail. Which of the following security controls will meet the company's objectives? (Select two.)

    A. Integrated platform management interfaces are configured to allow access only via SSH
    B. Access to hardware platforms is restricted to the systems administrator's IP address
    C. Access is captured in event logs that include source address, time stamp, and outcome
    D. The IP addresses of server management interfaces are located within the company's extranet
    E. Access is limited to interactive logins on the VDi
    F. Application logs are hashed cryptographically and sent to the SIEM

  • Question 47:

    A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?

    A. Generate a one-time key as part of the device registration process.
    B. Require SSL between the mobile application and the web services gateway.
    C. The jsession cookie should be stored securely after authentication.
    D. Authentication assertion should be stored securely on the client.

  • Question 48:

    SIMULATION

    Compliance with company policy requires a quarterly review of firewall rules. You are asked to conduct a review on the internal firewall sitting between several internal networks. The intent of this firewall is to make traffic more secure. Given

    the following information perform the tasks listed below:

    Untrusted zone: 0.0.0.0/0

    User zone: USR 10.1.1.0/24

    User zone: USR2 10.1.2.0/24

    DB zone: 10.1.0/24

    Web application zone: 10.1.5.0/24

    Management zone: 10.1.10.0/24 Web server: 10.1.5.50 MS-SQL server: 10.1.4.70

    MGMT platform: 10.1.10.250

    Task 1) A rule was added to prevent the management platform from accessing the internet. This rule is not working. Identify the rule and correct this issue.

    Task 2) The firewall must be configured so that the SQL server can only receive requests from the web server.

    Task 3) The web server must be able to receive unencrypted requests from hosts inside and outside the corporate network.

    Task 4) Ensure the final rule is an explicit deny.

    Task 5) Currently the user zone can access internet websites over an unencrypted protocol. Modify a rule so that user access to websites is over secure protocols only.

    Instructions: To perform the necessary tasks, please modify the DST port, SRC zone, Protocol, Action, and/or Rule Order columns. Type ANY to include all ports. Firewall ACLs are read from the top down. Once you have met the simulation

    requirements, click Save. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

  • Question 49:

    Which of the following are the MOST likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two.)

    A. Unsecure protocols
    B. Use of penetration-testing utilities
    C. Weak passwords
    D. Included third-party libraries
    E. Vendors/supply chain
    F. Outdated anti-malware software

  • Question 50:

    A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize legitimate customer impact?

    A. Inform the customer that the service provider does not have any control over third-party blacklist entries. The customer should reach out to the blacklist operator directly
    B. Perform a takedown of any customer accounts that have entries on email blacklists because this is a strong indicator of hostile behavior
    C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks are not removed because this is affecting legitimate traffic
    D. Establish relationship with a blacklist operators so broad entries can be replaced with more granular entries and incorrect entries can be quickly pruned

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.