CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 71:

    The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

    A. Capture process ID data and submit to anti-virus vendor for review.
    B. Reboot the Linux servers, check running processes, and install needed patches.
    C. Remove a single Linux server from production and place in quarantine.
    D. Notify upper management of a security breach.
    E. Conduct a bit level image, including RAM, of one or more of the Linux servers.

  • Question 72:

    An organization is attempting to harden its web servers and reduce the information that might be disclosed by potential attackers. A security anal... reviewing vulnerability scan result from a recent web server scan. Portions of the scan results are shown below: Finding# 5144322 First time detected 10 nov 2015 09:00 GMT_0600 Last time detected 10 nov 2015 09:00 GMT_0600 CVSS base: 5 Access path: http://myorg.com/mailinglist.htm Request: GET http://mailinglist.aspx?content=volunteer Response: C:\Docments\MarySmith\malinglist.pdf Which of the following lines indicates information disclosure about the host that needs to be remediated?

    A. Response: C:\Docments\marysmith\malinglist.pdf
    B. Finding#5144322
    C. First Time detected 10 nov 2015 09:00 GMT_0600
    D. Access path: http//myorg.com/mailinglist.htm
    E. Request: GET http://myorg.come/mailinglist.aspx?content=volunteer

  • Question 73:

    An organization wants to allow its employees to receive corporate email on their own smartphones. A security analyst is reviewing the following information contained within the file system of an employee's smartphone:

    1.

    FamilyPix.jpg

    2.

    Taxreturn.tax

    3.

    paystub.pdf

    4.

    employeesinfo.xls

    5.

    SoccerSchedule.doc

    6.

    RecruitmentPlan.xls

    Based on the above findings, which of the following should the organization implement to prevent further exposure? (Select two).

    A. Remote wiping
    B. Side loading
    C. VPN
    D. Containerization
    E. Rooting
    F. Geofencing
    G. Jailbreaking

  • Question 74:

    An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

    A. File system information, swap files, network processes, system processes and raw disk blocks.
    B. Raw disk blocks, network processes, system processes, swap files and file system information.
    C. System processes, network processes, file system information, swap files and raw disk blocks.
    D. Raw disk blocks, swap files, network processes, system processes, and file system information.

  • Question 75:

    A product manager is concerned about the unintentional sharing of the company's intellectual property through employees' use of social media. Which of the following would BEST mitigate this risk?

    A. Virtual desktop environment
    B. Network segmentation
    C. Web application firewall
    D. Web content filter

  • Question 76:

    A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?

    A. Subjective and based on an individual's experience.
    B. Requires a high degree of upfront work to gather environment details.
    C. Difficult to differentiate between high, medium, and low risks.
    D. Allows for cost and benefit analysis.
    E. Calculations can be extremely complex to manage.

  • Question 77:

    A consultant is planning an assessment of a customer-developed system. The system consists of a custom-engineered board with modified open-source drivers and a one-off management GUI The system relies on two- factor authentication for interactive sessions, employs strong certificate-based data-in-transit encryption, and randomly switches ports for each session. Which of the following would yield the MOST useful information?

    A. Password cracker
    B. Wireless network analyzer
    C. Fuzzing tools
    D. Reverse engineering principles

  • Question 78:

    The Chief Executive Officer (CEO) of a fast-growing company no longer knows all the employees and is concerned about the company's intellectual property being stolen by an employee. Employees are allowed to work remotely with flexible hours, creating unpredictable schedules. Roles are poorly defined due to frequent shifting needs across the company. Which of the following new initiatives by the information security team would BEST secure the company and mitigate the CEO's concerns?

    A. Begin simulated phishing campaigns for employees and follow up with additional security awareness training.
    B. Seed company fileshares and servers with text documents containing fake passwords and then monitor for their use.
    C. Implement DLP to monitor data transfer between employee accounts and external parties and services
    D. Report data from a user-behavior monitoring tool and assign security analysts to review it daily

  • Question 79:

    Given the code snippet below:

    Which of the following vulnerability types in the MOST concerning?

    A. Only short usernames are supported, which could result in brute forcing of credentials.
    B. Buffer overflow in the username parameter could lead to a memory corruption vulnerability.
    C. Hardcoded usernames with different code paths taken depend on which user is entered.
    D. Format string vulnerability is present for admin users but not for standard users.

  • Question 80:

    An organization is currently working with a client to migrate data between a legacy ERP system and a cloud-based ERP tool using a global PaaS provider. As part of the engagement, the organization is performing data deduplication and sanitization of client data to ensure compliance with regulatory requirements. Which of the following is the MOST likely reason for the need to sanitize the client data? (Choose two.)

    A. Data aggregation
    B. Data sovereignty
    C. Data isolation
    D. Data volume
    E. Data analytics
    F. Data precision

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.