CAS-003 Exam Details

  • Exam Code
    :CAS-003
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :791 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-003 Online Questions & Answers

  • Question 81:

    A new cluster of virtual servers has been set up in a lab environment and must be audited before being allowed on the production network. The security manager needs to ensure unnecessary services are disabled and all system accounts are using strong credentials.

    Which of the following tools should be used? (Choose two.)

    A. Fuzzer
    B. SCAP scanner
    C. Packet analyzer
    D. Password cracker
    E. Network enumerator
    F. SIEM

  • Question 82:

    A company's security policy states any remote connections must be validated using two forms of network-based authentication. It also states local administrative accounts should not be used for any remote access. PKI currently is not configured within the network. RSA tokens have been provided to all employees, as well as a mobile application that can be used for 2FA authentication. A new NGFW has been installed within the network to provide security for external connections, and the company has decided to use it for VPN connections as well. Which of the following should be configured? (Choose two.)

    A. Certificate-based authentication
    B. TACACS+
    C. 802.1X
    D. RADIUS
    E. LDAP
    F. Local user database

  • Question 83:

    A hospital is using a functional magnetic resonance imaging (fMRI) scanner, which is controlled legacy desktop connected to the network. The manufacturer of the fMRI will not support patching of the legacy system. The legacy desktop needs to be network accessible on TCP port 445 A security administrator is concerned the legacy system will be vulnerable to exploits Which of the following would be the BEST strategy to reduce the risk of an outage while still providing for security?

    A. Install HIDS and disable unused services.
    B. Enable application whitelisting and disable SMB.
    C. Segment the network and configure a controlled interface
    D. Apply only critical security patches for known vulnerabilities.

  • Question 84:

    An information security officer is responsible for one secure network and one office network. Recent intelligence suggests there is an opportunity for attackers to gain access to the secure network due to similar login credentials across networks. To determine the users who should change their information, the information security officer uses a tool to scan a file with hashed values on both networks and receives the following data:

    Which of the following tools was used to gather this information from the hashed values in the file?

    A. Vulnerability scanner
    B. Fuzzer
    C. MD5 generator
    D. Password cracker
    E. Protocol analyzer

  • Question 85:

    The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image. Which of the following methods would BEST help with this process? (Select TWO).

    A. Retrieve source system image from backup and run file comparison analysis on the two images.
    B. Parse all images to determine if extra data is hidden using steganography.
    C. Calculate a new hash and compare it with the previously captured image hash.
    D. Ask desktop support if any changes to the images were made.
    E. Check key system files to see if date/time stamp is in the past six months.

  • Question 86:

    Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range.

    Instructions: Click on the simulation button to refer to the Network Diagram for Company A.

    Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.

    Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.

    Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.

    Hot Area:

  • Question 87:

    A company is transitioning to a new VDI environment, and a system engineer is responsible for developing a sustainable security strategy for the VDIs.

    Which of the following is the MOST appropriate order of steps to be taken?

    A. Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent
    B. OS patching, baseline, HIDS, antivirus, monitoring agent, firmware update
    C. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
    D. Baseline, antivirus, OS patching, monitoring agent, HIDS, firmware update

  • Question 88:

    A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?

    A. Establish a risk matrix
    B. Inherit the risk for six months
    C. Provide a business justification to avoid the risk
    D. Provide a business justification for a risk exception

  • Question 89:

    A Chief Information Security Officer (CISO) is running a test to evaluate the security of the corporate network and attached devices. Which of the following components should be executed by an outside vendor?

    A. Penetration tests
    B. Vulnerability assessment
    C. Tabletop exercises
    D. Blue-team operations

  • Question 90:

    A security engineer is troubleshooting an issue in which an employee is getting an IP address in the range on the wired network. The engineer plus another PC into the same port, and that PC gets an IP address in the correct range. The engineer then puts the employee' PC on the wireless network and finds the PC still not get an IP address in the proper range. The PC is up to date on all software and antivirus definitions, and the IP address is not an APIPA address. Which of the following is MOST likely the problem?

    A. The company is using 802.1x for VLAN assignment, and the user or computer is in the wrong group.
    B. The DHCP server has a reservation for the PC's MAC address for the wired interface.
    C. The WiFi network is using WPA2 Enterprise, and the computer certificate has the wrong IP address in the SAN field.
    D. The DHCP server is unavailable, so no IP address is being sent back to the PC.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-003 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.