1. Home
  2. CompTIA
  3. CAS-003

CompTIA Advanced Security Practitioner (CASP+)

Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CompTIA Certifications CAS-003 Questions & Answers

  • Question 611:

    A network engineer is attempting to design-in resiliency characteristics for an enterprise network's VPN services.

    If the engineer wants to help ensure some resilience against zero-day vulnerabilities exploited against the VPN implementation, which of the following decisions would BEST support this objective?

    A. Implement a reverse proxy for VPN traffic that is defended and monitored by the organization's SOC with near-real-time alerting to administrators.

    B. Subscribe to a managed service provider capable of supporting the mitigation of advanced DDoS attacks on the enterprise's pool of VPN concentrators.

    C. Distribute the VPN concentrators across multiple systems at different physical sites to ensure some backup services are available in the event of primary site loss.

    D. Employ a second VPN layer concurrently where the other layer's cryptographic implementation is sourced from a different vendor.

  • Question 612:

    Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages:

    Which of the following represents the BEST solution for preventing future fines?

    A. Implement a secure text-messaging application for mobile devices and workstations.

    B. Write a policy requiring this information to be given over the phone only.

    C. Provide a courier service to deliver sealed documents containing public health informatics.

    D. Implement FTP services between clinics to transmit text documents with the information.

    E. Implement a system that will tokenize patient numbers.

  • Question 613:

    The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:

    A. IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls

    B. risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness

    C. corporate general counsel requires a single system boundary to determine overall corporate risk exposure

    D. major risks identified by the subcommittee merit the prioritized allocation of scare funding to address cybersecurity concerns

  • Question 614:

    A development team is testing an in-house-developed application for bugs. During the test, the application crashes several times due to null pointer exceptions. Which of the following tools, if integrated into an IDE during coding, would identify these bugs routinely?

    A. Issue tracker

    B. Static code analyzer

    C. Source code repository

    D. Fuzzing utility

  • Question 615:

    The Chief Executive Officer (CEO) of a small startup company has an urgent need for a security policy and assessment to address governance, risk management, and compliance. The company has a resource-constrained IT department, but has no information security staff. The CEO has asked for this to be completed in three months.

    Which of the following would be the MOST cost-effective solution to meet the company's needs?

    A. Select one of the IT personnel to obtain information security training, and then develop all necessary policies and documents in-house.

    B. Accept all risks associated with information security, and then bring up the issue again at next year's annual board meeting.

    C. Release an RFP to consultancy firms, and then select the most appropriate consultant who can fulfill the requirements.

    D. Hire an experienced, full-time information security team to run the startup company's information security department.

  • Question 616:

    A threat advisory alert was just emailed to the IT security staff. The alert references specific types of host operating systems that can allow an unauthorized person to access files on a system remotely. A fix was recently published, but it

    requires a recent endpoint protection engine to be installed prior to running the fix.

    Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? (Select two.)

    A. Antivirus

    B. HIPS

    C. Application whitelisting

    D. Patch management

    E. Group policy implementation

    F. Firmware updates

  • Question 617:

    A security engineer is performing an assessment again for a company. The security engineer examines the following output from the review:

    Which of the following tools is the engineer utilizing to perform this assessment?

    A. Vulnerability scanner

    B. SCAP scanner

    C. Port scanner

    D. Interception proxy

  • Question 618:

    An information security manager conducted a gap analysis, which revealed a 75% implementation of security controls for high-risk vulnerabilities, 90% for medium vulnerabilities, and 10% for low-risk vulnerabilities. To create a road map to close the identified gaps, the assurance team reviewed the likelihood of exploitation of each vulnerability and the business impact of each associated control. To determine which controls to implement, which of the following is the MOST important to consider?

    A. KPI

    B. KRI

    C. GRC

    D. BIA

  • Question 619:

    A systems administrator at a medical imaging company discovers protected health information (PHI) on a general purpose file server. Which of the following steps should the administrator take NEXT?

    A. Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2

    B. Immediately encrypt all PHI with AES 256

    C. Delete all PHI from the network until the legal department is consulted

    D. Consult the legal department to determine legal requirements

  • Question 620:

    A company's security policy states any remote connections must be validated using two forms of network-based authentication. It also states local administrative accounts should not be used for any remote access. PKI currently is not configured within the network. RSA tokens have been provided to all employees, as well as a mobile application that can be used for 2FA authentication. A new NGFW has been installed within the network to provide security for external connections, and the company has decided to use it for VPN connections as well. Which of the following should be configured? (Choose two.)

    A. Certificate-based authentication

    B. TACACS+

    C. 802.1X

    D. RADIUS

    E. LDAP

    F. Local user database

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.