CAS-003 Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 651:

    An organization is improving its web services to enable better customer engagement and self-service. The organization has a native mobile application and a rewards portal provided by a third party. The business wants to provide customers with the ability to log in once and have SSO between each of the applications. The integrity of the identity is important so it can be propagated through to back-end systems to maintain a consistent audit trail. Which of the following authentication and authorization types BEST meet the requirements? (Choose two.)

    A. SAML
    B. Social login
    C. OpenID Connect
    D. XACML
    E. SPML
    F. OAuth

  • Question 652:

    A company's human resources department recently had its own shadow IT department spin up ten VMs that host a mixture of differently labeled data types (confidential and restricted) on the same VMs. Which of the following cloud and virtualization considerations would BEST address the issue presented in this scenario?

    A. Vulnerabilities associated with a single platform hosting multiple data types on VMs should have been considered.
    B. Vulnerabilities associated with a single server hosting multiple data types should have been considered.
    C. Type 1 vs. Type 2 hypervisor approaches should have been considered.
    D. Vulnerabilities associated with shared hosting services provided by the IT department should have been considered.

  • Question 653:

    One of the objectives of a bank is to instill a security awareness culture. Which of the following are techniques that could help to achieve this? (Choose two.)

    A. Blue teaming
    B. Phishing simulations
    C. Lunch-and-learn
    D. Random audits
    E. Continuous monitoring
    F. Separation of duties

  • Question 654:

    A small company needs to reduce its operating costs. Vendors have proposed solutions, which all focus on management of the company's website and services. The Chief Information Security Officer (CISO) insists all available resources in the proposal must be dedicated, but managing a private cloud is not an option. Which of the following is the BEST solution for this company?

    A. Community cloud service model
    B. Multitenancy SaaS
    C. Single-tenancy SaaS
    D. On-premises cloud service model

  • Question 655:

    A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?

    A. PCI DSS
    B. GDPR
    C. NIST
    D. ISO 31000

  • Question 656:

    A technician uses an old SSL server due to budget constraints and discovers performance degrades dramatically after enabling PFS. The technician cannot determine why performance degraded so dramatically. A newer version of the SSL server does not suffer the same performance degradation. Performance rather than security is the main priority for the technician.

    The system specifications and configuration of each system are listed below:

    Which of the following is MOST likely the cause of the degradation in performance and should be changed?

    A. Using ECC
    B. Using RSA
    C. Disk size
    D. Memory size
    E. Decryption chips
    F. Connection requests

  • Question 657:

    An organization is deploying IoT locks, sensors, and cameras, which operate over 802.11, to replace legacy building access control systems. These devices are capable of triggering physical access changes, including locking and unlocking doors and gates. Unfortunately, the devices have known vulnerabilities for which the vendor has yet to provide firmware updates.

    Which of the following would BEST mitigate this risk?

    A. Direct wire the IoT devices into physical switches and place them on an exclusive VLAN.
    B. Require sensors to sign all transmitted unlock control messages digitally.
    C. Associate the devices with an isolated wireless network configured for WPA2 and EAP-TLS.
    D. Implement an out-of-band monitoring solution to detect message injections and attempts.

  • Question 658:

    A network engineer is concerned about hosting web, SFTP, and email services in a single DMZ that is hosted in the same security zone. This could potentially allow lateral movement within the environment. Which of the following should the engineer implement to mitigate the risk?

    A. Put all the services on a single host to reduce the number of servers.
    B. Create separate security zones for each service and use ACLs for segmentation.
    C. Keep the web server in the DMZ and move the other server services to the internal network.
    D. Deploy a switch and create VLANs for each service.

  • Question 659:

    Over the last 90 days, many private storage services have been exposed in the cloud services environments, and the security team does not have the ability to see who is creating these instances. Shadow IT is creating data services and instances faster than the email security team can keep up with them. The Chief Information Security Officer (CISO) has asked the security lead architect to recommend solutions to this problem.

    Which of the following BEST addresses the problem with the least amount of administrative effort?

    A. Compile a list of firewall requests and compare them against interesting cloud services
    B. Implement a CASB solution and track cloud service use cases for greater visibility
    C. Implement a user-behavior analytics system to associate user events with cloud service creation events
    D. Capture all logs and feed them to a SIEM, and then analyze for cloud service events.

  • Question 660:

    The Chief Executive Officer (CEO) of a small company decides to use cloud computing to host critical corporate data for protection from natural disasters. The recommended solution is to adopt the public cloud for its cost savings. If the CEO insists on adopting the public cloud model, which of the following would be the BEST advice?

    A. Ensure the cloud provider supports a secure virtual desktop infrastructure.
    B. Ensure the colocation facility implements a robust DRP to help with business continuity planning.
    C. Ensure the on-premises datacenter employs fault tolerance and load balancing capabilities.
    D. Ensure the ISP is using a standard help-desk ticketing system to respond to any system outages.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.