CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 531:

    A company is moving all of its web applications to an SSO configuration using SAML. Some employees report that when signing in to an application, they get an error message on the login screen after entering their username and password, and are denied access. When they access another system that has been converted to the new SSO authentication model, they are able to authenticate successfully without being prompted for login.

    Which of the following is MOST likely the issue?

    A. The employees are using an old link that does not use the new SAML authentication.
    B. The XACML for the problematic application is not in the proper format or may be using an older schema.
    C. The web services methods and properties are missing the required WSDL to complete the request after displaying the login page.
    D. A threat actor is implementing an MITM attack to harvest credentials.
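
    The scenario is the classic "IdP says yes, SP says no" failure: the user authenticates at the identity provider, but the application's own SAML checks reject the assertion, so the error surfaces on that application's login page while other applications accept the same session. The following added example (not from the page or any vendor's code) shows the checks a service provider performs on a response after IdP authentication, using a constructed, unsigned response; the entity IDs and URLs are assumptions. Signature verification, which a real SP performs first with a hardened XML parser, is deliberately out of scope here.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed, unsigned SAML response used only for illustration (assumption).
# A real response carries an XML signature that must be verified (and the XML
# parsed with a hardened parser) before any of the checks below mean anything.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://app-a.example.com/saml/acs">
  <saml:Issuer>https://idp.example.com/metadata</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion>
    <saml:Issuer>https://idp.example.com/metadata</saml:Issuer>
    <saml:Subject><saml:NameID>jdoe@example.com</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2024-01-01T00:00:00Z" NotOnOrAfter="2099-01-01T00:00:00Z">
      <saml:AudienceRestriction>
        <saml:Audience>https://app-a.example.com/saml/metadata</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def _ts(value):
    """SAML timestamps are UTC ISO 8601 with a trailing Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def validate_response(xml_text, sp_entity_id, acs_url, idp_entity_id, now=None):
    """Service-provider checks that run *after* the IdP has authenticated the user.

    Returns (ok, problems). Each problem is a reason the SP would bounce the user
    to an error on its own login page even though the IdP reported Success.
    """
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(xml_text)
    problems = []

    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or not status.get("Value", "").endswith(":Success"):
        problems.append("IdP did not report Success")

    if root.get("Destination") != acs_url:
        problems.append("Destination %r is not this SP's ACS URL" % root.get("Destination"))

    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return False, problems + ["response carries no assertion"]

    issuer = assertion.findtext("saml:Issuer", default="", namespaces=NS)
    if issuer != idp_entity_id:
        problems.append("assertion issuer %r is not the configured IdP" % issuer)

    audiences = [
        a.text for a in assertion.findall(
            "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)
    ]
    if sp_entity_id not in audiences:
        problems.append("audience %r does not include this SP's entity ID" % audiences)

    cond = assertion.find("saml:Conditions", NS)
    if cond is not None:
        if "NotBefore" in cond.attrib and now < _ts(cond.get("NotBefore")):
            problems.append("assertion not yet valid")
        if "NotOnOrAfter" in cond.attrib and now >= _ts(cond.get("NotOnOrAfter")):
            problems.append("assertion expired (check clock skew between IdP and SP)")

    return (not problems), problems


if __name__ == "__main__":
    print(validate_response(SAMPLE_RESPONSE,
                            "https://app-a.example.com/saml/metadata",
                            "https://app-a.example.com/saml/acs",
                            "https://idp.example.com/metadata"))
    # Same assertion presented to an application configured with a different
    # entity ID: the IdP login succeeded, the SP still refuses.
    print(validate_response(SAMPLE_RESPONSE,
                            "https://app-b.example.com/saml/metadata",
                            "https://app-a.example.com/saml/acs",
                            "https://idp.example.com/metadata"))
```

    Running the same response through an SP configured with a different entity ID fails only on the audience check, which is what a per-application SAML misconfiguration looks like from the user's side; clock skew between IdP and SP shows up on the NotOnOrAfter check instead.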

  • Question 532:

    A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following:

    1. Transactions being required by an unauthorized individual.
    2. Complete discretion regarding client names, account numbers, and investment information.
    3. Malicious attackers using email to distribute malware and ransomware.
    4. Exfiltration of sensitive company information.

    The cloud-based email solution will provide anti-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board's concerns for this email migration?

    A. Data loss prevention
    B. Endpoint detection response
    C. SSL VPN
    D. Application whitelisting

  • Question 533:

    A security administrator is reviewing the following output from an offline password audit:

    Which of the following should the systems administrator implement to BEST address this audit finding? (Choose two.)

    A. Cryptoprocessor
    B. Bcrypt
    C. SHA-256
    D. PBKDF2
    E. Message authentication
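
    What an offline password audit exposes is a fast, unsalted digest: one precomputed table cracks every user in the file at once, and two users with the same password have the same hash. The remedy the options point at (bcrypt, PBKDF2) adds a per-user salt and a tunable work factor. The following added example (not from the page) uses PBKDF2-HMAC-SHA256 from the Python standard library, since bcrypt needs a third-party package; the principle is identical, and Argon2id or scrypt would be the preferred choice for new systems. The wordlist is constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed wordlist standing in for the cracker's dictionary (assumption).
WORDLIST = ["password", "Winter2024", "letmein", "correcthorse", "admin123"]

# Work factor for PBKDF2-HMAC-SHA256. The verify path reads the count back out
# of the stored string, so it can be raised later without rehashing everyone at once.
DEFAULT_ITERATIONS = 600_000


def unsalted_sha256(password):
    """The scheme an offline audit typically exposes: a single fast, unsalted digest."""
    return hashlib.sha256(password.encode()).hexdigest()


def crack_unsalted(hashes, wordlist):
    """One precomputed table of SHA-256(word) cracks every user at once: identical
    passwords share a hash, and each guess costs one digest for the whole file."""
    table = {unsalted_sha256(w): w for w in wordlist}
    return {h: table[h] for h in hashes if h in table}


def pbkdf2_hash(password, salt=None, iterations=DEFAULT_ITERATIONS):
    """Salted, iterated hash stored as 'pbkdf2_sha256$iterations$salt_hex$dk_hex'."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), dk.hex())


def pbkdf2_verify(password, stored):
    """Re-derive with the stored salt and iteration count; refuse unknown formats."""
    algo, iterations, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex),
                             int(iterations), dklen=32)
    # Constant-time compare so the verifier cannot be timed byte by byte.
    return hmac.compare_digest(dk.hex(), dk_hex)


def crack_pbkdf2(hashes, wordlist):
    """With per-user salts there is no shared table: every (user, guess) pair must be
    re-derived at full cost, so the attacker's work scales with users x iterations."""
    cracked = {}
    for stored in hashes:
        for w in wordlist:
            if pbkdf2_verify(w, stored):
                cracked[stored] = w
                break
    return cracked


if __name__ == "__main__":
    import time
    users = ("password", "letmein", "password")   # two users share a password
    weak = [unsalted_sha256(p) for p in users]
    print("unsalted SHA-256: %d distinct hashes, cracked %s"
          % (len(set(weak)), crack_unsalted(weak, WORDLIST)))
    strong = [pbkdf2_hash(p, iterations=100_000) for p in users]
    start = time.perf_counter()
    found = crack_pbkdf2(strong, WORDLIST)
    print("PBKDF2: %d distinct hashes, cracked %d in %.2fs"
          % (len(set(strong)), len(found), time.perf_counter() - start))
```

    The weak scheme is broken for the whole file with a single dictionary pass and reveals which users share a password; the salted scheme forces a full derivation per user per guess, and the cost per guess is set by the iteration count rather than by the hash function's speed.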

  • Question 534:

    After significant vulnerabilities and misconfigurations were found in numerous production web applications, a security manager identified the need to implement better development controls. Which of the following controls should be verified? (Select two).

    A. Input validation routines are enforced on the server side.
    B. Operating systems do not permit null sessions.
    C. Systems administrators receive application security training.
    D. VPN connections are terminated after a defined period of time.
    E. Error-handling logic fails securely.
    F. OCSP calls are handled effectively.
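
    Two of the listed controls are things a reviewer can check directly in code: validation that runs on the server whatever the browser did, and error handling that ends in a denial rather than falling through. The following added example (not from the page) shows both for a hypothetical funds-transfer request; the account-id format and the amount ceiling are assumptions for the illustration.

```python
import logging
import re
from decimal import Decimal, InvalidOperation

log = logging.getLogger("transfer")

# Assumed internal formats for the example: two-letter prefix plus eight digits,
# and a per-transaction ceiling. Real limits come from the application's policy.
ACCOUNT_RE = re.compile(r"[A-Z]{2}[0-9]{8}")
MAX_AMOUNT = Decimal("10000.00")
ONE_CENT = Decimal("0.01")


class ValidationError(ValueError):
    """Input failed an allow-list check; the reason is for the log, not the client."""


def validate_transfer(form):
    """Server-side allow-list validation. Runs on every request regardless of any
    JavaScript checks the browser may or may not have performed."""
    src = str(form.get("src", ""))
    dst = str(form.get("dst", ""))
    if not ACCOUNT_RE.fullmatch(src) or not ACCOUNT_RE.fullmatch(dst):
        raise ValidationError("account id does not match the expected format")
    if src == dst:
        raise ValidationError("source and destination are the same account")
    try:
        amount = Decimal(str(form.get("amount", "")))
    except InvalidOperation:
        raise ValidationError("amount is not a decimal number")
    if amount <= 0 or amount > MAX_AMOUNT:
        raise ValidationError("amount outside the permitted range")
    if amount != amount.quantize(ONE_CENT):
        raise ValidationError("amount has sub-cent precision")
    return {"src": src, "dst": dst, "amount": amount}


def handle_transfer(form):
    """Fail-secure wrapper: every failure path, expected or not, ends in a denial
    with a generic message. Nothing here can fall through to 'accepted'."""
    try:
        clean = validate_transfer(form)
    except ValidationError as exc:
        log.info("rejected transfer: %s", exc)          # detail stays server-side
        return {"status": "rejected", "error": "invalid request"}
    except Exception:                                     # bug, NaN comparison, decimal overflow ...
        log.exception("unexpected error while validating transfer")  # trace to the log only
        return {"status": "rejected", "error": "request could not be processed"}
    return {"status": "accepted", "transfer": clean}


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    for form in ({"src": "GB12345678", "dst": "GB87654321", "amount": "250.00"},
                 {"src": "GB12345678' OR 1=1--", "dst": "GB87654321", "amount": "1"},
                 {"src": "GB12345678", "dst": "GB87654321", "amount": "NaN"}):
        print(form, "->", handle_transfer(form))
```

    The NaN input is the interesting case: it passes construction as a Decimal and then misbehaves in the comparison, which is exactly the kind of path that an "allow unless rejected" handler lets through; here the generic handler turns it into a denial and the stack trace goes to the log rather than the response.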

  • Question 535:

    A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which of the following tasks should be conducted to demonstrate the BEST means to gain information to use for a report on social vulnerability details about the financial system?

    A. Call the CIO and ask for an interview, posing as a job seeker interested in an open position
    B. Compromise the email server to obtain a list of attendees who responded to the invitation and who are on the IT staff
    C. Notify the CIO that, through observation at events, malicious actors can identify individuals to befriend
    D. Understand the CIO is a social drinker, and find the means to befriend the CIO at establishments the CIO frequents

  • Question 536:

    A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command:

    dd if=/dev/ram of=/tmp/mem/dmp

    The analyst then reviews the associated output:

    ^34^#AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/bin/bash^21^03#45

    However, the analyst is unable to find any evidence of the running shell.

    Which of the following is the MOST likely reason the analyst cannot find a process ID for the shell?

    A. The NX bit is enabled
    B. The system uses ASLR
    C. The shell is obfuscated
    D. The code uses dynamic libraries
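
    The output shows the two classic fingerprints of an overflow payload sitting in memory: a long run of filler ('A' bytes here, 0x90 NOP sleds in other cases) immediately followed by the string the payload wants to execute. Finding the payload in a memory image but no corresponding process is consistent with the data pages being non-executable. The following added example (not from the page) scans a constructed dump fragment for that pattern and checks a constructed /proc/cpuinfo excerpt for the nx flag; both inputs are assumptions. One caveat on the command in the question: /dev/ram is a RAM-disk block device, not a view of physical memory; a raw acquisition on Linux reads /proc/kcore, /dev/mem where the kernel's strict devmem setting permits it, or uses a dedicated acquisition module.

```python
import re

# Constructed memory fragment modelled on the output in the question (assumption):
# unrelated kernel text, then a run of 'A' filler ending in a shell path.
SAMPLE_DUMP = (
    b"\x00\x13\x37" + b"some kernel text " + b"\x34\x23"
    + b"A" * 38 + b"/bin/bash\x00" + b"\x21\x03\x23\x45" + b"\x00" * 8
)

# Constructed /proc/cpuinfo excerpt (assumption). 'nx' in the flags line means the
# CPU can mark data pages non-executable, which the kernel enforces as NX/XD.
SAMPLE_CPUINFO = """processor\t: 0
vendor_id\t: GenuineIntel
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep pge cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm constant_tsc
"""


def find_overflow_artifacts(dump, min_run=16):
    """Locate long filler runs ('A' padding or 0x90 NOP sleds) that end in a path
    under /bin: the fingerprint of an overflow payload written into memory,
    whether or not it ever executed."""
    pattern = re.compile(
        rb"(A{%d,}|\x90{%d,})(/bin/[A-Za-z0-9_./-]+)" % (min_run, min_run))
    hits = []
    for m in pattern.finditer(dump):
        filler, target = m.group(1), m.group(2)
        hits.append({
            "offset": m.start(),                      # where the filler run begins
            "filler_byte": "0x%02x" % filler[0],
            "filler_len": len(filler),
            "target": target.decode("ascii", "replace"),
        })
    return hits


def cpu_has_nx(cpuinfo_text):
    """True when the 'flags' line of /proc/cpuinfo lists the nx feature."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            return "nx" in value.split()
    return False


if __name__ == "__main__":
    for hit in find_overflow_artifacts(SAMPLE_DUMP):
        print(hit)
    print("CPU advertises NX:", cpu_has_nx(SAMPLE_CPUINFO))
```

    On a live system the same scan runs over the acquired image file, and the cpuinfo check reads the real /proc/cpuinfo; a hit in the image together with an NX-capable CPU, and no matching process, is the evidence chain the question describes.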

  • Question 537:

    A security engineer is assessing the controls that are in place to secure the corporate Internet-facing DNS server. The engineer notices that security ACLs exist but are not being used properly. The DNS server should respond to any source but only provide information about domains it has authority over. Additionally, the DNS administrators have identified some problematic IP addresses that should not be able to make DNS requests. Given the ACLs below:

    Which of the following should the security administrator configure to meet the DNS security needs?

    A. Option A
    B. Option B
    C. Option C
    D. Option D
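
    The four candidate ACL sets are not reproduced on this page. As an added illustration (not one of the question's options), the fragment below shows what the requirements look like in BIND 9 syntax: answer queries from any source, refuse recursion so the server never resolves other people's domains, and drop the identified bad sources outright. The addresses are assumptions.

```bind
// Added example (not from the page): BIND 9 named.conf fragment.
// 203.0.113.0/24 and 198.51.100.7 stand in for the "problematic" sources
// the DNS administrators identified; 192.0.2.53 is an assumed secondary.
acl "bad-sources" { 203.0.113.0/24; 198.51.100.7; };

options {
    directory "/var/named";

    // Answer anyone for the zones this server is authoritative for ...
    allow-query { any; };

    // ... but never look up other domains on a client's behalf.
    recursion no;
    allow-recursion { none; };
    allow-query-cache { none; };

    // Packets from the identified bad sources are dropped, not answered.
    blackhole { "bad-sources"; };

    // Zone transfers only to the secondary, never to the Internet at large.
    allow-transfer { 192.0.2.53; };
    version "not disclosed";
};

zone "example.com" {
    type primary;        // "master" on older BIND releases
    file "example.com.zone";
};
```

    Validate with named-checkconf before reloading, then test from outside: dig @server example.com should return an authoritative answer, dig @server for a domain the server does not host should return REFUSED, and a query from an address in bad-sources should time out rather than be answered.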

  • Question 538:

    An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:

    Each lab must be on a separate network segment.

    Labs must have access to the Internet, but not other lab networks.

    Student devices must have network access, not simple access to hosts on the lab networks.

    Students must have a private certificate installed before gaining access.

    Servers must have a private certificate installed locally to provide assurance to the students.

    All students must use the same VPN connection profile.

    Which of the following components should be used to achieve the design in conjunction with directory services?

    A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
    B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
    C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
    D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

  • Question 539:

    After analyzing code, two developers at a company bring these samples to the security operations manager.

    Which of the following would BEST solve these coding problems?

    A. Use a privileged access management system
    B. Prompt the administrator for the password.
    C. Use salted hashes with PBKDF2.
    D. Increase the complexity and length of the password

  • Question 540:

    The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:

    A. IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls
    B. risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness
    C. corporate general counsel requires a single system boundary to determine overall corporate risk exposure
    D. major risks identified by the subcommittee merit the prioritized allocation of scarce funding to address cybersecurity concerns

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your CAS-003 exam preparation or your CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.