CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 641:

    Company policy requires that all unsupported operating systems be removed from the network. The security administrator is using a combination of network based tools to identify such systems for the purpose of disconnecting them from the network. Which of the following tools, or outputs from the tools in use, can be used to help the security administrator make an approximate determination of the operating system in use on the local company network? (Select THREE).

    A. Passive banner grabbing
    B. Password cracker
    C. http://www.company.org/documents_private/index.php?search=string# andtopic=windowsandtcp=packet%20captureandcookie=wokdjwalkjcnie61lkasdf2aliser4
    D. 443/tcp open http
    E. dig host.company.com
    F. 09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), length 40) 192.168.1.3.1051 > 10.46.3.7.80: Flags [none], cksum 0x1800 (correct), win 512, length 0
    G. Nmap

  • Question 642:

    A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. Which of the following would BEST secure the web server until the replacement web server is ready?

    A. Patch management
    B. Antivirus
    C. Application firewall
    D. Spam filters
    E. HIDS

  • Question 643:

    A Chief Information Security Officer (CISO) is reviewing the controls in place to support the organization's vulnerability management program. The CISO finds patching and vulnerability scanning policies and procedures are in place. However, the CISO is concerned the organization is siloed and is not maintaining awareness of new risks to the organization. The CISO determines systems administrators need to participate in industry security events. Which of the following is the CISO looking to improve?

    A. Vendor diversification
    B. System hardening standards
    C. Bounty programs
    D. Threat awareness
    E. Vulnerability signatures

  • Question 644:

    An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package?

    A. 1
    B. 2
    C. 3
    D. 4

  • Question 645:

    A company relies on an ICS to perform equipment monitoring functions that are federally mandated for operation of the facility. Fines for non-compliance could be costly. The ICS has known vulnerabilities and can no longer be patched or updated. Cyber-liability insurance cannot be obtained because insurance companies will not insure this equipment. Which of the following would be the BEST option to manage this risk to the company's production environment?

    A. Avoid the risk by removing the ICS from production
    B. Transfer the risk associated with the ICS vulnerabilities
    C. Mitigate the risk by restricting access to the ICS
    D. Accept the risk and upgrade the ICS when possible

  • Question 646:

    A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

    A. OTA updates
    B. Remote wiping
    C. Side loading
    D. Sandboxing
    E. Containerization
    F. Signed applications

  • Question 647:

    A popular commercial virtualization platform allows for the creation of virtual hardware. To virtual machines, this virtual hardware is indistinguishable from real hardware. By implementing virtualized TPMs, which of the following trusted system concepts can be implemented?

    A. Software-based root of trust
    B. Continuous chain of trust
    C. Chain of trust with a hardware root of trust
    D. Software-based trust anchor with no root of trust

  • Question 648:

    Which of the following is MOST likely to be included in a security services SLA with a third-party vendor?

    A. The standard of quality for anti-malware engines
    B. Parameters for applying critical patches
    C. The validity of program productions
    D. Minimum bit strength for encryption-in-transit

  • Question 649:

    An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including:

    1. Indemnity clauses have identified the maximum liability.
    2. The data will be hosted and managed outside of the company's geographical location.

    The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. Which of the following should the project's security consultant recommend as the NEXT step?

    A. Develop a security exemption, as it does not meet the security policies.
    B. Require the solution owner to accept the identified risks and consequences.
    C. Mitigate the risk by asking the vendor to accept the in-country privacy principles.
    D. Review the procurement process to determine the lessons learned.

  • Question 650:

    A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries, such as:

    avc: denied { open } for pid=1018 comm="ire" path="/dev/if0" dev="tmpfs" scontext=u:r:irc:s0 tcontext=u:object_r:default:s0 tclass=chr_file permissive=1

    Despite the deny message, this action was still permitted. Which of the following is the MOST likely fix for this issue?

    A. Add the objects of concern to the default context
    B. Set the devices to enforcing mode
    C. Create separate domain and context files for irc
    D. Rebuild the sepolicy, reinstall, and test
