CompTIA CAS-003 Exam Dumps

CompTIA Advanced Security Practitioner (CASP)

Total Questions : 683
Update Date : May 10, 2024

Money back Guarantee

Examforsure takes your future and career as seriously as you do. If, for any valid reason, the CompTIA CAS-003 exam dumps we provide have not been as helpful to you as we promise, you are free to claim a refund.

100% Real Questions

Examforsure verifies that the CompTIA CAS-003 question and answer PDFs it provides are compiled from 100% real questions drawn from a recent version of the exam you are about to take. We stand behind our wide library of study materials for this CompTIA exam and others.

Security & Privacy

Free CompTIA CAS-003 demos are available for you to download so you can check what you would be getting from Examforsure. Millions of visitors have gone through this process and bought CompTIA CAS-003 exam dumps right after checking our free demos.


CAS-003 Exam Dumps


What makes Examforsure your best choice for preparation of CAS-003 exam?

Examforsure is fully committed to providing you with CompTIA CAS-003 practice exam questions and answers that build your confidence for exam day. To get our question material you need to sign up with Examforsure. Customers all over the world are achieving high grades using our CompTIA CAS-003 exam dumps, so you can also get the 100% passing grade you desire, and our terms and conditions include a money back guarantee.

Key to solution Preparation materials for CompTIA CAS-003 Exam

Examforsure is known for its service in providing CompTIA CAS-003 exam questions and answers in PDF form, kept current with accurate exam assessments that are reviewed and updated punctually by our production team experts. The study materials Examforsure provides are verified by experienced administrators and qualified individuals who have focused on the CompTIA CAS-003 question and answer sections so that you can grasp the concepts and pass the certification exam with the grades your career requires. CompTIA CAS-003 braindumps are the best way to prepare for the exam in less time.

User Friendly & Easily Accessible

There are many user-friendly platforms providing CompTIA exam braindumps, but Examforsure aims to provide the latest accurate material without any useless scrolling. We want to give you the most up-to-date and helpful study material, because we value your time and want students to study efficiently and pass the CompTIA CAS-003 exam. You get access to our questions and answers, available in PDF format, right after purchase. Examforsure is also mobile friendly, so you can study anywhere as long as you have Internet access; our team works to provide a user-friendly interface on every device.

Providing 100% verified CompTIA CAS-003 (CompTIA Advanced Security Practitioner (CASP)) Study Guide

The CompTIA CAS-003 questions and answers we provide are reviewed by highly qualified CompTIA professionals who have been in the field for a long time, most of them lecturers, and programmers are also part of this platform. So you can forget the stress of failing your exam: use our CompTIA CAS-003 (CompTIA Advanced Security Practitioner (CASP)) question and answer PDF and start practicing, because passing CompTIA CAS-003 is not easy, and Examforsure is here to relieve that stress and make you confident of success at the first attempt. Free demos are available to download before you invest in yourself, and our CompTIA CAS-003 exam questions with detailed answer explanations will be delivered to you.


CompTIA CAS-003 Sample Questions

Question # 1

A security consultant is improving the physical security of a sensitive site and takes pictures of the unbranded building to include in the report. Two weeks later, the security consultant misplaces the phone, which only has one hour of charge left on it. The person who finds the phone removes the MicroSD card in an attempt to discover the owner to return it. The person extracts the following data from the phone and EXIF data from some files:

DCIM Images folder
Audio books folder
Torrentz
My TAX.xls
Consultancy HR Manual.doc
Camera: SM-G950F
Exposure time: 1/60s
Location: 3500 Lacey Road USA

Which of the following BEST describes the security problem?

A. MicroSD is not encrypted and also contains personal data.
B. MicroSD contains a mixture of personal and work data.
C. MicroSD is not encrypted and contains geotagging information.
D. MicroSD contains pirated software and is not encrypted.



Question # 2

A large, public university has recently been experiencing an increase in ransomware attacks against computers connected to its network. Security engineers have discovered various staff members receiving seemingly innocuous files in their email that are being run. Which of the following would BEST mitigate this attack method?

A. Improving the organization's email filtering
B. Conducting user awareness training
C. Upgrading endpoint anti-malware software
D. Enabling application whitelisting



Question # 3

To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?

A. Blue team
B. Red team
C. Black box
D. White team



Question # 4

Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company's SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing. Which of the following commands should the assessor use to determine this information?

A. dnsrecon -d company.org -t SOA
B. dig company.org mx
C. nc -v company.org
D. whois company.org



Question # 5

A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. Which of the following would BEST secure the web server until the replacement web server is ready?

A. Patch management
B. Antivirus
C. Application firewall
D. Spam filters
E. HIDS



Question # 6

A company that has been breached multiple times is looking to protect cardholder data. The previous undetected attacks all mimicked normal administrative-type behavior. The company must deploy a host solution to meet the following requirements:

Detect administrative actions
Block unwanted MD5 hashes
Provide alerts
Stop exfiltration of cardholder data

Which of the following solutions would BEST meet these requirements? (Choose two.)

A. AV
B. EDR
C. HIDS
D. DLP
E. HIPS
F. EFS



Question # 7

A company relies on an ICS to perform equipment monitoring functions that are federally mandated for operation of the facility. Fines for non-compliance could be costly. The ICS has known vulnerabilities and can no longer be patched or updated. Cyber-liability insurance cannot be obtained because insurance companies will not insure this equipment. Which of the following would be the BEST option to manage this risk to the company's production environment?

A. Avoid the risk by removing the ICS from production
B. Transfer the risk associated with the ICS vulnerabilities
C. Mitigate the risk by restricting access to the ICS
D. Accept the risk and upgrade the ICS when possible



Question # 8

A Chief Information Security Officer (CISO) requests the following externally hosted services be scanned for malware, unsecured PII, and healthcare data:

Corporate intranet site
Online storage application
Email and collaboration suite

Security policy is also updated to allow the security team to scan and detect any bulk downloads of corporate data from the company's intranet and online storage site. Which of the following is needed to comply with the corporate security policy and the CISO's request?

A. Port scanner
B. CASB
C. DLP agent
D. Application sandbox
E. SCAP scanner



Question # 9

The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. Which of the following is an SDLC best practice that should have been followed?

A. Versioning
B. Regression testing
C. Continuous integration
D. Integration testing



Question # 10

A regional business is expecting a severe winter storm next week. The IT staff has been reviewing corporate policies on how to handle various situations and found some are missing or incomplete. After reporting this gap in documentation to the information security manager, a document is immediately drafted to move various personnel to other locations to avoid downtime in operations. This is an example of:

A. a disaster recovery plan
B. an incident response plan
C. a business continuity plan
D. a risk avoidance plan



Question # 11

An organization is in the process of integrating its operational technology and information technology areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:

The ICS supplier has specified that any software installed will result in lack of support.
There is no documented trust boundary defined between the SCADA and corporate networks.
Operational technology staff have to manage the SCADA equipment via the engineering workstation.
There is a lack of understanding of what is within the SCADA network.

Which of the following capabilities would BEST improve the security position?

A. VNC, router, and HIPS
B. SIEM, VPN, and firewall
C. Proxy, VPN, and WAF
D. IDS, NAC, and log monitoring 



Question # 12

A security engineer is working to secure an organization's VMs. While reviewing the workflow for creating VMs on demand, the engineer raises a concern about the integrity of the secure boot process of the VM guest. Which of the following would BEST address this concern?

A. Configure file integrity monitoring of the guest OS.
B. Enable the vTPM on a Type 2 hypervisor.
C. Only deploy servers that are based on a hardened image.
D. Protect the memory allocation of a Type 1 hypervisor.



Question # 13

The audit team was only provided the physical and logical addresses of the network without any type of access credentials. Which of the following methods should the audit team use to gain initial access during the security assessment? (Choose two.)

A. Tabletop exercise
B. Social engineering
C. Runtime debugging
D. Reconnaissance
E. Code review
F. Remote access tool



Question # 14

A security analyst is inspecting pseudocode of the following multithreaded application:

1. perform daily ETL of data
1.1 validate that yesterday's data model file exists
1.2 validate that today's data model file does not exist
1.2 extract yesterday's data model
1.3 transform the format
1.4 load the transformed data into today's data model file
1.5 exit

Which of the following security concerns is evident in the above pseudocode?

A. Time of check/time of use
B. Resource exhaustion
C. Improper storage of sensitive data
D. Privilege escalation



Question # 15

An organization is attempting to harden its web servers and reduce the information that might be disclosed by potential attackers. A security anal... reviewing vulnerability scan results from a recent web server scan. Portions of the scan results are shown below:

Finding# 5144322
First time detected 10 nov 2015 09:00 GMT_0600
Last time detected 10 nov 2015 09:00 GMT_0600
CVSS base: 5
Access path: http://myorg.com/mailinglist.htm
Request: GET http://mailinglist.aspx?content=volunteer
Response: C:\Docments\MarySmith\malinglist.pdf

Which of the following lines indicates information disclosure about the host that needs to be remediated?

A. Response: C:\Docments\marysmith\malinglist.pdf
B. Finding#5144322
C. First Time detected 10 nov 2015 09:00 GMT_0600
D. Access path: http//myorg.com/mailinglist.htm
E. Request: GET http://myorg.come/mailinglist.aspx?content=volunteer



Question # 16

A security engineer is assessing a new IoT product. The product interfaces with the OBD-II port of a vehicle and uses a Bluetooth connection to relay data to an onboard data logger located in the vehicle. The data logger can only transfer data over a custom USB cable. The engineer suspects a relay attack is possible against the cryptographic implementation used to secure messages between segments of the system. Which of the following tools should the engineer use to confirm the analysis?

A. Binary decompiler 
B. Wireless protocol analyzer 
C. Log analysis and reduction tools 
D. Network-based fuzzer 



Question # 17

A product manager is concerned about the unintentional sharing of the company’s intellectual property through employees’ use of social media. Which of the following would BEST mitigate this risk? 

A. Virtual desktop environment 
B. Network segmentation 
C. Web application firewall 
D. Web content filter



Question # 18

A security administrator is updating a company’s SCADA authentication system with a new application. To ensure interoperability between the legacy system and the new application, which of the following stakeholders should be involved in the configuration process before deployment? (Choose two.)

A. Network engineer
B. Service desk personnel 
C. Human resources administrator 
D. Incident response coordinator 
E. Facilities manager
F. Compliance manager



Question # 19

The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator’s advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator’s activity? 

A. Separation of duties 
B. Job rotation 
C. Continuous monitoring 
D. Mandatory vacation 



Question # 20

During a recent incident, sensitive data was disclosed and subsequently destroyed through a properly secured, cloud-based storage platform. An incident response technician is working with management to develop an after action report that conveys critical metrics regarding the incident. Which of the following would be MOST important to senior leadership to determine the impact of the breach? 

A. The likely per-record cost of the breach to the organization 
B. The legal or regulatory exposure that exists due to the breach 
C. The amount of downtime required to restore the data 
D. The number of records compromised 



Question # 21

Which of the following is the GREATEST security concern with respect to BYOD? 

A. The filtering of sensitive data out of data flows at geographic boundaries. 
B. Removing potential bottlenecks in data transmission paths. 
C. The transfer of corporate data onto mobile corporate devices. 
D. The migration of data into and out of the network in an uncontrolled manner. 



Question # 22

A Chief Information Security Officer (CISO) is creating a security committee involving multiple business units of the corporation. Which of the following is the BEST justification to ensure collaboration across business units?

A. A risk to one business unit is a risk avoided by all business units, and liberal BYOD policies create new and unexpected avenues for attackers to exploit enterprises.
B. A single point of coordination is required to ensure cybersecurity issues are addressed in protected, compartmentalized groups.
C. Without business unit collaboration, risks introduced by one unit that affect another unit may go without compensating controls.
D. The CISO is uniquely positioned to control the flow of vulnerability information between business units.



Question # 23

An insurance company has two million customers and is researching the top transactions on its customer portal. It identifies that the top transaction is currently password reset. Because users do not remember their secret questions, a large number of calls are consequently routed to the contact center for manual password resets. The business wants to develop a mobile application to improve customer engagement in the future, continue with a single factor of authentication, minimize management overhead of the solution, remove passwords, and eliminate calls to the contact center. Which of the following techniques would BEST meet the requirements? (Choose two.)

A. Magic link sent to an email address
B. Customer ID sent via push notification
C. SMS with OTP sent to a mobile number
D. Third-party social login
E. Certificate sent to be installed on a device
F. Hardware tokens sent to customers



Question # 24

A recent security assessment revealed a web application may be vulnerable to clickjacking. According to the application developers, a fix may be months away. Which of the following should a security engineer configure on the web server to help mitigate the issue? 

A. File upload size limits 
B. HttpOnly cookie field 
C. X-Frame-Options header 
D. Input validation 



Question # 25

A Chief Information Officer (CIO) publicly announces the implementation of a new financial system. As part of a security assessment that includes a social engineering task, which of the following tasks should be conducted to demonstrate the BEST means to gain information to use for a report on social vulnerability details about the financial system?

A. Call the CIO and ask for an interview, posing as a job seeker interested in an open position
B. Compromise the email server to obtain a list of attendees who responded to the invitation who is on the IT staff
C. Notify the CIO that, through observation at events, malicious actors can identify individuals to befriend
D. Understand the CIO is a social drinker, and find the means to befriend the CIO at establishments the CIO frequents



Question # 26

A technician is validating compliance with organizational policies. The user and machine accounts in the AD are not set to expire, which is non-compliant. Which of the following network tools would provide this type of information? 

A. SIEM server 
B. IDS appliance 
C. SCAP scanner 
D. HTTP interceptor 



Question # 27

A network printer needs Internet access to function. Corporate policy states all devices allowed on the network must be authenticated. Which of the following is the MOST secure method to allow the printer on the network without violating policy? 

A. Request an exception to the corporate policy from the risk management committee 
B. Require anyone trying to use the printer to enter their username and password 
C. Have a help desk employee sign in to the printer every morning 
D. Issue a certificate to the printer and use certificate-based authentication 



Question # 28

An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit. As part of the gap assessment, the auditor supporting the assessment recommends the organization engage with other industry partners to share information about emerging attacks to organizations in the industry in which the organization functions. Which of the following types of information could be drawn from such participation?

A. Threat modeling
B. Risk assessment 
C. Vulnerability data
D. Threat intelligence
E. Risk metrics
F. Exploit frameworks



Question # 29

The Chief Executive Officers (CEOs) from two different companies are discussing the highly sensitive prospect of merging their respective companies together. Both have invited their Chief Information Officers (CIOs) to discern how they can securely and digitally communicate, and the following criteria are collectively determined:

Must be encrypted on the email servers and clients
Must be OK to transmit over unsecure Internet connections

Which of the following communication methods would be BEST to recommend?

A. Force TLS between domains.
B. Enable STARTTLS on both domains.
C. Use PGP-encrypted emails.
D. Switch both domains to utilize DNSSEC.



Question # 30

A security analyst has been asked to create a list of external IT security concerns which are applicable to the organization. The intent is to show the different types of external actors, their attack vectors, and the types of vulnerabilities that would cause business impact. The Chief Information Security Officer (CISO) will then present this list to the board to request funding for controls in areas that have insufficient coverage. Which of the following exercise types should the analyst perform?

A. Summarize the most recently disclosed vulnerabilities.
B. Research industry best practices and latest RFCs.
C. Undertake an external vulnerability scan and penetration test.
D. Conduct a threat modeling exercise.



Question # 31

An organization is currently performing a market scan for managed security services and EDR capability. Which of the following business documents should be released to the prospective vendors in the first step of the process? (Select TWO). 

A. MSA 
B. RFP 
C. NDA 
D. RFI 
E. MOU 
F. RFQ



Question # 32

During a security event investigation, a junior analyst fails to create an image of a server’s hard drive before removing the drive and sending it to the forensics analyst. Later, the evidence from the analysis is not usable in the prosecution of the attackers due to the uncertainty of tampering. Which of the following should the junior analyst have followed? 

A. Continuity of operations 
B. Chain of custody 
C. Order of volatility 
D. Data recovery 



Question # 33

Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?

A. The consolidation of two different IT enterprises increases the likelihood of data loss because there are now two backup systems
B. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
C. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review



Question # 34

An organization is evaluating options related to moving organizational assets to a cloud-based environment using an IaaS provider. One engineer has suggested connecting a second cloud environment within the organization's existing facilities to capitalize on available datacenter space and resources. Other project team members are concerned about such a commitment of organizational assets, and ask the Chief Security Officer (CSO) for input. The CSO explains that the project team should work with the engineer to evaluate the risks associated with using the datacenter to implement:

A. a hybrid cloud. 
B. an on-premises private cloud. 
C. a hosted hybrid cloud. 
D. a private cloud. 


