CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 731:

    First responders, who are part of a core incident response team, have been working to contain an outbreak of ransomware that also led to data loss in a rush to isolate the three hosts that were calling out to the NAS to encrypt whole

    directories, the hosts were shut down immediately without investigation and then isolated.

    Which of the following were missed? (Choose two.)

    A. CPU, process state tables, and main memory dumps
    B. Essential information needed to perform data restoration to a known clean state
    C. Temporary file system and swap space
    D. Indicators of compromise to determine ransomware encryption
    E. Chain of custody information needed for investigation

  • Question 732:

    After embracing a BYOD policy, a company is faced with new security challenges from unmanaged mobile devices and laptops. The company's IT department has seen a large number of the following incidents:

    Duplicate IP addresses Rogue network devices Infected systems probing the company's network

    Which of the following should be implemented to remediate the above issues? (Choose two.)

    A. Port security
    B. Route protection
    C. NAC
    D. HIPS
    E. NIDS

  • Question 733:

    Following the most recent patch deployment, a security engineer receives reports that the ERP application is no longer accessible The security engineer reviews the situation and determines a critical secunty patch that was applied to the ERP server is the cause. The patch is subsequently backed out.

    Which of the following security controls would be BEST to implement to mitigate the threat caused by the missing patch?

    A. Anti-malware
    B. Patch testing
    C. HIPS
    D. Vulnerability scanner

  • Question 734:

    A secure facility has a server room that currently is controlled by a simple lock and key. and several administrators have copies of the key. To maintain regulatory compliance, a second lock, which is controlled by an application on the administrators' smartphones, is purchased and installed. The application has various authentication methods that can be used. The criteria for choosing the most appropriate method are:

    1.

    It cannot be invasive to the end user

    2.

    It must be utilized as a second factor.

    3.

    Information sharing must be avoided

    4.

    It must have a low false acceptance rate Which of the following BEST meets the criteria?

    A. Facial recognition
    B. Swipe pattern
    C. Fingerprint scanning
    D. Complex passcode
    E. Token card

  • Question 735:

    A malware infection spread to numerous workstations within the marketing department. The workstations were quarantined and replaced with machines. Which of the following represents a FINAL step in the prediction of the malware?

    A. The workstations should be isolated from the network.
    B. The workstations should be donated for refuse.
    C. The workstations should be reimaged
    D. The workstations should be patched and scanned.

  • Question 736:

    A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection?

    A. Implement an Acceptable Use Policy which addresses malware downloads.
    B. Deploy a network access control system with a persistent agent.
    C. Enforce mandatory security awareness training for all employees and contractors.
    D. Block cloud-based storage software on the company network.

  • Question 737:

    A security administrator adding a NAC requirement for all VPN users to ensure the connecting devices are compliant with company policy. Which of the following items provides the HIGHEST assurance to meet this requirement?

    A. Implement a permanent agent.
    B. Install antivirus software.
    C. Use an agentless implementation.
    D. Implement PKI.

  • Question 738:

    A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

    A. Hybrid IaaS solution in a single-tenancy cloud
    B. Pass solution in a multinency cloud
    C. SaaS solution in a community cloud
    D. Private SaaS solution in a single tenancy cloud.

  • Question 739:

    Ann. a user, brings her laptop to an analyst after noticing it has been operating very slowly. The security analyst examines the laptop and obtains the following output: Which of the following will the analyst most likely use NEXT?

    A. Process explorer
    B. Vulnerability scanner
    C. Antivirus
    D. Network enumerator

  • Question 740:

    A security engineer is analyzing an application during a security assessment to ensure it is configured to protect against common threats. Given the output below:

    Which of the following tools did the security engineer MOST likely use to generate this output?

    A. Application fingerprinter
    B. Fuzzer
    C. HTTP interceptor
    D. Vulnerability scanner

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.