Exam Details

  • Exam Code: CAS-003
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 791 Q&As
  • Last Updated: Jan 22, 2024

CompTIA Certifications CAS-003 Questions & Answers

  • Question 81:

    A hospital is deploying new imaging software that requires a web server for access to images for both local and remote users. The web server allows user authentication via secure LDAP. The information security officer wants to ensure the server does not allow unencrypted access to the imaging server, and uses Nmap to gather additional information. Given the following:

    1. The imaging server IP is 192.168.101.24.
    2. The domain controller IP is 192.168.100.1.
    3. The client machine IP is 192.168.200.37.

    Which of the following should be used to confirm this is the only open port on the web server?

    A. nmap -p 80,443 192.168.101.24

    B. nmap -p 80, 443,389,636 192.168.100.1

    C. nmap --p 80,389 192.168.200.37

    D. nmap -p- 192.168.101.24

  • Question 82:

    A system administrator recently conducted a vulnerability scan from the internet. Subsequently, the organization was successfully attacked by an adversary. Which of the following is the MOST likely explanation for why the organization's network was compromised?

    A. There was a false positive since the network was fully patched.

    B. The system administrator did not perform a full system scan.

    C. The systems administrator performed a credentialed scan.

    D. The vulnerability database was not updated.

  • Question 83:

    A developer needs to provide feedback on a peer's work during the SDLC. While reviewing the code changes, the developer notices that session ID tokens for a web application will be transmitted over an insecure connection. Which of the following code snippets should the developer recommend implementing to correct the vulnerability?

    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 84:

    A security analyst is comparing two virtual servers that were built from the same image and patched at the same regular intervals. Server A is used to host a public-facing website, and Server B runs accounting software inside the firewalled accounting network. The analyst runs the same command and obtains the following output from Server A and Server B, respectively:

    Which of the following will the analyst most likely use NEXT?

    A. Exploitation tools

    B. Hash cracking tools

    C. Malware analysis tools

    D. Log analysis tools

  • Question 85:

    A security analyst is attempting to identify code that is vulnerable to buffer and integer overflow attacks. Which of the following code snippets is safe from these types of attacks?


    A. Option A

    B. Option B

    C. Option C

    D. Option D

  • Question 86:

    A security administrator is confirming specific ports and IP addresses that are monitored by the IPS/IDS system, as well as the firewall placement on the perimeter network between the company and a new business partner. Which of the following business documents defines the parameters the security administrator must confirm?

    A. BIA

    B. ISA

    C. NDA

    D. MOU

  • Question 87:

    An administrator wants to ensure hard drives cannot be removed from hosts and then installed into and read by unauthorized hosts. Which of the following techniques would BEST support this?

    A. Access control lists

    B. TACACS+ server for AAA

    C. File-level encryption

    D. TPM with sealed storage

  • Question 88:

    Within change management, which of the following ensures functions are carried out by multiple employees?

    A. Least privilege

    B. Mandatory vacation

    C. Separation of duties

    D. Job rotation

  • Question 89:

    An organization is creating requirements for new laptops that will be issued to staff. One of the company's key security objectives is to ensure the laptops have hardware-enforced data-at-rest protection tied to permanent hardware identities. The laptops must also provide attestation for secure boot processes. To meet these demands, which of the following BEST represents the features that should be included in the requirements set? (Select TWO.)

    A. TPM2.0e

    B. Opal support

    C. MicroSD token authenticator

    D. TLS1.3

    E. Shim and GRUB

    F. ARMv7 with TrustZone

  • Question 90:

    The Chief Information Security Officer (CISO) of a new company is looking for a comprehensive assessment of the company's application services. Which of the following would provide the MOST accurate number of weaknesses?

    A. White-box penetration test

    B. Internal vulnerability scanning

    C. Internal controls audit

    D. Third-party red-team engagement

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-003 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.