Practice CAS-003 Questions With Certification guide Q&A from Training Expert [Q154-Q177]



Who should take the CAS-003 exam

The CompTIA Advanced Security Practitioner (CASP) CAS-003 exam is an internationally recognized certification that identifies those who earn it as skilled technical professionals. A candidate who wants significant career growth needs enhanced knowledge, skills, and abilities, and the CASP CAS-003 certification provides proof of that advanced knowledge and skill. A candidate who already has the knowledge of the associated technologies and skills required to pass the CASP CAS-003 exam should take it.


Technical Integration of Enterprise Security: 23%

  • Integrating virtualization and cloud technologies into a secure enterprise architecture: this section covers the examinee's skills in technical deployment models; security benefits and drawbacks of virtualization; cloud-augmented security services; data security considerations; and resource provisioning and de-provisioning.
  • Integrating and troubleshooting advanced authentication and authorization technologies to support enterprise security objectives: candidates should be able to demonstrate knowledge of authentication, authorization, attestation, identity proofing, identity propagation, federation, and trust models.
  • Selecting the relevant controls for secure collaboration and communications solutions: test takers must understand unified collaboration tools and remote access.
  • Implementing cryptographic techniques: this domain requires an understanding of both the techniques and their implementations.
  • Integrating hosts, networks, applications, and storage into secure enterprise architectures: this objective evaluates the learner's skills in adapting data flow security to changing business requirements; standards; interoperability issues; resilience issues; data security considerations; resource provisioning and de-provisioning; design considerations during mergers, acquisitions, and demergers/divestitures; logical deployment diagrams and the corresponding physical deployment diagrams for the relevant devices; and the privacy and security considerations of storage integration.

 

NEW QUESTION 154
An internal staff member logs into an ERP platform and clicks on a record. The browser URL changes to:
URL: http://192.168.0.100/ERP/accountId=5&action=SELECT
Which of the following is the MOST likely vulnerability in this ERP platform?

  • A. SQL injection of ERP back end
  • B. Insecure direct object reference
  • C. Brute forcing of account credentials
  • D. Plain-text credentials transmitted over the Internet

Answer: B
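The URL exposes the raw accountId and the server trusts it as the lookup key, which is the defining shape of an insecure direct object reference. The following Python is an added illustration, not code from the ERP product or from the original page: a vulnerable handler beside two hardened versions (a server-side ownership check, and an opaque per-session reference map). The account records, owners and balances are constructed sample data.

```python
import secrets

# Constructed sample ERP data: account records keyed by the numeric accountId
# that appears in the URL. Owners and balances are made up for the example.
RECORDS = {
    5: {"owner": "alice", "balance": 1200},
    6: {"owner": "bob", "balance": 300},
    7: {"owner": "alice", "balance": 50},
}


class Forbidden(Exception):
    """Raised when the caller is not authorised for the requested record."""


def get_account_vulnerable(account_id: int, user: str) -> dict:
    """IDOR: the accountId from the query string is used as the lookup key
    with no check that `user` owns it. Changing 5 to 6 in the URL returns
    bob's record to alice."""
    return RECORDS[account_id]


def can_access(account_id: int, user: str) -> bool:
    """Server-side authorisation decision: the record must exist and be owned
    by the authenticated user. Missing and foreign records are treated alike
    so the response does not reveal which ids exist."""
    record = RECORDS.get(account_id)
    return record is not None and record["owner"] == user


def get_account_fixed(account_id: int, user: str) -> dict:
    """Hardened handler: authorise before returning data."""
    if not can_access(account_id, user):
        raise Forbidden(f"{user} may not access account {account_id}")
    return RECORDS[account_id]


def make_reference_map(user: str) -> dict:
    """Alternative mitigation: give the client opaque, per-session tokens for
    the records it may see instead of the raw database ids. The map is kept
    server-side (session state); the client never learns the real accountId."""
    return {
        secrets.token_urlsafe(8): account_id
        for account_id, record in RECORDS.items()
        if record["owner"] == user
    }


def resolve_reference(reference_map: dict, token: str) -> dict:
    """Look the opaque token up in the caller's own map; anything not in the
    map (another user's record, a guessed id) is simply unknown."""
    if token not in reference_map:
        raise Forbidden("unknown reference")
    return RECORDS[reference_map[token]]
```

The ownership check is the fix that matters; the reference map only removes the guessable identifier from the URL and still relies on the map being built per authenticated user.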

 

NEW QUESTION 155
After a large organization has completed the acquisition of a smaller company, the smaller company must implement new host-based security controls to connect its employees' devices to the network. Given that the network requires 802.1X EAP-PEAP to identify and authenticate devices, which of the following should the security administrator do to integrate the new employees' devices into the network securely?

  • A. Distribute a NAC client and use the client to push the company's private key to all the new devices.
  • B. Install an 802.1X supplicant on all new devices and let each device generate a self-signed certificate to use for network access.
  • C. Install a self-signed SSL certificate on the company's RADIUS server and distribute the certificate's public key to all new client devices.
  • D. Distribute the device connection policy and a unique public/private key pair to each new employee's device.

Answer: C

Explanation:
PEAP authenticates the RADIUS server to the supplicant with a server certificate and carries the user or machine credentials inside the resulting TLS tunnel; it does not use per-client certificates. Self-signed device certificates (option B) would not be trusted by the authentication server and would not complete a PEAP exchange. What the new devices need is a supplicant configured to trust the RADIUS server's certificate, which is what option C distributes. Pushing the company's private key to every device (A) or handing out key pairs (D) exposes key material and still does not satisfy PEAP.

 

NEW QUESTION 156
An organization is implementing a virtualized thin-client solution for normal user computing and access. During a review of the architecture, concerns were raised that an attacker could gain access to multiple user environments by simply gaining a foothold on a single one with malware. Which of the following reasons BEST explains this?

  • A. A worm on one virtual environment could spread to others by taking advantage of guest OS networking services vulnerabilities.
  • B. Malware on one virtual environment could enable pivoting to others by leveraging vulnerabilities in the hypervisor.
  • C. Malware on one virtual user environment could be copied to all others by the attached network storage controller.
  • D. One virtual environment may have one or more application-layer vulnerabilities, which could allow an attacker to escape that environment.

Answer: B

 

NEW QUESTION 157
A software development company lost customers recently because of a large number of software issues. These issues were related to integrity and availability defects, including buffer overflows, null pointer dereferences, and others. Which of the following should the company implement to improve code quality? (Select two).

  • A. Development environment access controls
  • B. Static analysis tools
  • C. Application containerization
  • D. Code obfuscation
  • E. Code comments and documentation
  • F. Continuous integration

Answer: B,F

Explanation:
Code obfuscation only makes the code harder to reverse engineer; it does nothing to find or fix defects during the SDLC. Static analysis tools catch classes of bugs such as buffer overflows and null pointer dereferences before the code is shipped, and Continuous Integration (CI) runs those tools (and the test suite) on every change, so the analysis becomes part of the SDLC rather than an afterthought.

 

NEW QUESTION 158
Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address.
The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and
192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range.
Instructions: Click on the simulation button to refer to the Network Diagram for Company A.
Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.
Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.
Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.



Answer:

Explanation:
We have traffic coming from two rogue IP addresses, 192.10.3.204 and 192.10.3.254 (both in the 192.10.3.0/24 subnet), going to IPs in the corporate site subnet (192.10.1.0/24) and the remote site subnet (192.10.2.0/24). That source range is neither the corporate site, the remote site, nor the Telco link (192.10.5.0/30), so the traffic must be denied (blocked) at the firewall with two rules: 192.10.3.0/24 to 192.10.1.0/24, and 192.10.3.0/24 to 192.10.2.0/24. In the simulation these are the two deny checkboxes for those flows.
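The same rule set, checked against a handful of flows, as an added Python example (not part of the simulation or the original page). The /24 prefix for the rogue range, the SQL server address 192.10.1.10 and the other flow endpoints are assumptions; the two rogue source addresses are the ones named above.

```python
import ipaddress
from typing import NamedTuple


class Rule(NamedTuple):
    action: str                    # "deny" or "permit"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network


def net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network(cidr)


# Rule set derived from the explanation: the rogue hosts live in 192.10.3.0/24
# (assumed prefix length) and must not reach the corporate or remote site
# ranges. Everything else falls through to a permit; if no rule matches at all
# the list ends in an implicit deny.
RULES = [
    Rule("deny", net("192.10.3.0/24"), net("192.10.1.0/24")),
    Rule("deny", net("192.10.3.0/24"), net("192.10.2.0/24")),
    Rule("permit", net("0.0.0.0/0"), net("0.0.0.0/0")),
]


def evaluate(rules: list, src_ip: str, dst_ip: str) -> str:
    """First-match evaluation, the way a router or firewall ACL is processed."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if src in rule.src and dst in rule.dst:
            return rule.action
    return "deny"  # implicit deny at the end of the list


# Constructed flows resembling what the router and firewall logs would show.
# 192.10.1.10 is an assumed address for the SQL server; the rogue sources are
# the two addresses from the question.
FLOWS = [
    ("192.10.3.204", "192.10.1.10"),  # rogue host -> SQL server, corporate site
    ("192.10.3.254", "192.10.2.20"),  # rogue host -> host at the remote site
    ("192.10.2.15", "192.10.1.10"),   # remote site -> corporate site, legitimate
    ("192.10.1.10", "192.10.5.1"),    # corporate -> Telco router, legitimate
]


def audit(rules: list, flows: list) -> dict:
    """Map each flow to the action the rule set takes on it."""
    return {flow: evaluate(rules, *flow) for flow in flows}
```

Running audit(RULES, FLOWS) shows the two rogue flows denied and the site-to-site and Telco flows still permitted, which is the check to do before committing the rules on the real device.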

 

NEW QUESTION 159
An organization is attempting to harden its web servers and reduce the information that might be disclosed to potential attackers. A security analyst is reviewing vulnerability scan results from a recent web server scan.
Portions of the scan results are shown below:
Finding# 5144322
First time detected 10 nov 2015 09:00 GMT_0600
Last time detected 10 nov 2015 09:00 GMT_0600
CVSS base: 5
Access
path: http://myorg.com/mailinglist.htm
Request:
GET http://mailinglist.aspx?content=volunteer
Response: C:\Docments\MarySmith\malinglist.pdf
Which of the following lines indicates information disclosure about the host that needs to be remediated?

  • A. Response: C:\Docments\marysmith\malinglist.pdf
  • B. First Time detected 10 nov 2015 09:00 GMT_0600
  • C. Finding#5144322
  • D. Access path: http//myorg.com/mailinglist.htm
  • E. Request:
    GET http://myorg.come/mailinglist.aspx?content=volunteer

Answer: A
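The response line leaks an absolute Windows path, including a user profile directory, which tells an attacker the OS, the filesystem layout and a valid account name. The Python below is an added example (not from the scanner or the original page) of the check a hardening review would run over responses: it flags absolute Windows and Unix paths in the body and version-bearing headers. The response headers are invented; the body path is the one quoted in the finding.

```python
import re

# Patterns for the kinds of host details a web response should not leak:
# absolute Windows paths (drive letter), absolute Unix paths under common
# system roots, and version-bearing response headers.
WIN_PATH = re.compile(r"\b[A-Za-z]:\\(?:[^\\\s\"'<>]+\\)*[^\\\s\"'<>]*")
UNIX_PATH = re.compile(r"(?<![\w/])/(?:etc|var|home|usr|opt|srv)/[^\s\"'<>]*")
BANNER = re.compile(r"^(Server|X-Powered-By|X-AspNet-Version):\s*(.+)$", re.M | re.I)


def find_disclosures(headers: str, body: str) -> list:
    """Return (kind, evidence) pairs for every disclosure found in one response."""
    findings = []
    for m in BANNER.finditer(headers):
        findings.append(("banner", f"{m.group(1)}: {m.group(2).strip()}"))
    for pattern in (WIN_PATH, UNIX_PATH):
        for m in pattern.finditer(body):
            findings.append(("filesystem-path", m.group(0)))
    return findings


# Constructed response for the request in the finding above. The header
# values are invented; the body path is the one quoted in the scan result.
SAMPLE_HEADERS = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/8.5\r\n"
    "X-AspNet-Version: 4.0.30319\r\n"
    "Content-Type: text/html\r\n"
)
SAMPLE_BODY = (
    "<html><body>Could not open C:\\Docments\\MarySmith\\malinglist.pdf "
    "for reading.</body></html>"
)

# A response with the same outcome and no host details, for comparison.
CLEAN_BODY = "<html><body>The document is not available.</body></html>"


def scan_sample() -> list:
    return find_disclosures(SAMPLE_HEADERS, SAMPLE_BODY)
```

The remediation is on the server side: return a generic error page, log the real path internally, and strip or neutralise the Server and X-AspNet-Version headers, after which the scan over the same request should return no findings.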

 

NEW QUESTION 160
The Universal Research Association has just been acquired by the Association of Medical Business Researchers.
The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects.
Which of the following will MOST likely result in some IT resources not being integrated?

  • A. Corporate websites may be optimized for different web browsers.
  • B. One of the companies may use an outdated VDI.
  • C. Industry security standards and regulations may be in conflict.
  • D. Data loss prevention standards in one company may be less stringent.

Answer: C

 

NEW QUESTION 161
A Chief Information Security Officer (CISO) is developing a new BIA for the organization. The CISO wants to gather requirements to determine the appropriate RTO and RPO for the organization's ERP. Which of the following should the CISO interview as MOST qualified to provide RTO/RPO metrics?

  • A. Data owner
  • B. Chief Executive Officer (CEO)
  • C. Business unit director
  • D. Data custodian
  • E. Security analyst

Answer: C

 

NEW QUESTION 162
An engineer needs to provide access to company resources for several offshore contractors.
The contractors require:
- Access to a number of applications, including internal websites
- Access to database data and the ability to manipulate it
- The ability to log into Linux and Windows servers remotely
Which of the following remote access technologies are the BEST choices to provide all of this access securely? (Select TWO)

  • A. VPN
  • B. VRRP
  • C. VTC
  • D. VLAN
  • E. VDI
  • F. Telnet

Answer: A,E

 

NEW QUESTION 163
The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancements to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

  • A. OWASP
  • B. PCI
  • C. NIST
  • D. OSSM

Answer: C

 

NEW QUESTION 164
A security analyst is reviewing the following company requirements prior to selecting the appropriate
technical control configuration and parameter:
RTO: 2 days
RPO: 36 hours
MTTR: 24 hours
MTBF: 60 days
Which of the following solutions will address the RPO requirements?

  • A. Backup solution that implements daily snapshots
  • B. Server farm behind a load balancer delivering five-nines uptime
  • C. Cloud environment distributed across geographic regions
  • D. Remote Syslog facility collecting real-time events

Answer: A

 

NEW QUESTION 165
A security administrator is updating a company's SCADA authentication system with a new application. To ensure interoperability between the legacy system and the new application, which of the following stakeholders should be involved in the configuration process before deployment?
(Choose two.)

  • A. Incident response coordinator
  • B. Facilities manager
  • C. Network engineer
  • D. Compliance manager
  • E. Human resources administrator
  • F. Service desk personnel

Answer: B,C

Explanation:
The question is about the interoperability of the legacy SCADA system with the new application while it is being configured. The facilities manager owns and operates the SCADA environment and knows how the legacy equipment behaves; the network engineer handles the connectivity and protocol path between the two systems. An incident response coordinator and a compliance manager are consulted for incident handling and regulatory questions, not for pre-deployment configuration.

 

NEW QUESTION 166
The Chief Executive Officer (CEO) of a fast-growing company no longer knows all the employees and is concerned about the company's intellectual property being stolen by an employee. Employees are allowed to work remotely with flexible hours, creating unpredictable schedules. Roles are poorly defined due to frequent shifting needs across the company. Which of the following new initiatives by the information security team would BEST secure the company and mitigate the CEO's concerns?

  • A. Begin simulated phishing campaigns for employees and follow up with additional security awareness training.
  • B. Seed company fileshares and servers with text documents containing fake passwords and then monitor for their use.
  • C. Report data from a user-behavior monitoring tool and assign security analysts to review it daily
  • D. Implement DLP to monitor data transfer between employee accounts and external parties and services

Answer: D

 

NEW QUESTION 167
A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.

Answer:


 

NEW QUESTION 168
A security appliance vendor is reviewing an RFP that is requesting solutions for the defense of a set of web-based applications. This RFP is from a financial institution with very strict performance requirements.
The vendor would like to respond with its solutions.
Before responding, which of the following factors is MOST likely to have an adverse effect on the vendor's qualifications?

  • A. The solution employs threat information-sharing capabilities using a proprietary data model.
  • B. The RFP is issued by a financial institution that is headquartered outside of the vendor's own country.
  • C. The vendor's proposed solution operates below the KPPs indicated in the RFP.
  • D. The overall solution proposed by the vendor comes in less than the TCO parameter in the RFP.

Answer: C

 

NEW QUESTION 169
A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize legitimate customer impact?

  • A. Perform a takedown of any customer accounts that have entries on email blacklists because this is a strong indicator of hostile behavior
  • B. Inform the customer that the service provider does not have any control over third-party blacklist entries. The customer should reach out to the blacklist operator directly
  • C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks are not removed because this is affecting legitimate traffic
  • D. Establish relationship with a blacklist operators so broad entries can be replaced with more granular entries and incorrect entries can be quickly pruned

Answer: D


 

NEW QUESTION 170
An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?

  • A. Independent verification and validation
  • B. Ongoing authorization
  • C. Security test and evaluation
  • D. Risk assessment

Answer: B

Explanation:
Ongoing assessment and authorization is often referred to as continuous monitoring. It is a process that determines whether the set of deployed security controls in an information system continue to be effective with regards to planned and unplanned changes that occur in the system and its environment over time.
Continuous monitoring allows organizations to evaluate the operating effectiveness of controls on or near a real-time basis. Continuous monitoring enables the enterprise to detect control failures quickly because it transpires immediately or closely after events in which the key controls are utilized.

 

NEW QUESTION 171
During a routine network scan, a security administrator discovered an unidentified service running on a new embedded and unmanaged HVAC controller, which is used to monitor the company's datacenter. Port state:
161/UDP open
162/UDP open
163/TCP open
The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate.
Which of the following should the security administrator implement to harden the system?

  • A. Disable TCP/UDP PORTS 161 THROUGH 163
  • B. Segment and firewall the controller's network
  • C. Patch and restart the unknown services.
  • D. Disable the unidentified service on the controller.
  • E. Implement SNMPv3 to secure communication.

Answer: B

Explanation:
The controller is embedded and unmanaged, so the administrator cannot rely on patching it or on it supporting SNMPv3, and SNMPv3 would not address the unidentified service on 163/TCP at all. Placing the controller in its own segment behind a firewall that permits only SNMP (161/UDP) and SNMP trap (162/UDP) traffic between it and the enterprise monitoring server keeps monitoring working while nothing else can reach the unknown service. Disabling ports 161 through 163 (A) would break the monitoring the question says is required.

 

NEW QUESTION 172
A security consultant is considering authentication options for a financial institution. The following authentication options are available. Drag and drop the security mechanism to the appropriate use case. Options may be used once.

Answer:


 

NEW QUESTION 173
An organization just merged with an organization in another legal jurisdiction and must improve its network security posture in ways that do not require additional resources to implement data isolation. One recommendation is to block communication between endpoint PCs. Which of the following would be the BEST solution?

  • A. Implementing network segmentation
  • B. Installing HIDS
  • C. Configuring EDR
  • D. Configuring a host-based firewall

Answer: A

 

NEW QUESTION 174
A cybersecurity analyst receives a ticket that indicates a potential incident is occurring. There has been a large increase in log files generated by a website containing a "Contact Us" form. The analyst must determine if the increase in website traffic is due to a recent marketing campaign or if this is a potential incident. Which of the following would BEST assist the analyst?

  • A. Running the website log files through a log reduction and analysis tool
  • B. Checking for new rules from the inbound network IPS vendor
  • C. Deploy a WAF in front of the public website
  • D. Ensuring proper input validation is configured on the ''Contact US'' form

Answer: A
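The other three options are controls, not analysis; only reducing the logs answers the question being asked. As an added example (not from the original page or any particular tool), the Python below does that reduction over constructed combined-format log lines: it keeps only POSTs to the form, counts sources and campaign referrers, and flags addresses that submit in bursts no human would produce or with scripted user agents. The log path /contact, the thresholds and all addresses (documentation ranges) are assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Apache/nginx combined log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)
SCRIPTED_UA_PREFIXES = ("python-requests", "curl/", "go-http-client", "libwww")


def parse(lines):
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["ts"] = datetime.strptime(entry["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield entry


def reduce_form_posts(lines, path="/contact", burst_window=60, burst_threshold=20):
    """Collapse raw log lines into the few figures that separate a campaign
    spike (many sources, browser UAs, campaign referrers) from an automated
    one (few sources, scripted UAs, bursts well above human submission rates)."""
    per_ip, referers = Counter(), Counter()
    uas, times = defaultdict(set), defaultdict(list)
    for e in parse(lines):
        if e["method"] != "POST" or e["path"] != path:
            continue
        per_ip[e["ip"]] += 1
        uas[e["ip"]].add(e["ua"])
        referers["campaign" if "utm_" in e["referer"] else "other"] += 1
        times[e["ip"]].append(e["ts"])

    suspicious = {}
    for ip, stamps in times.items():
        stamps.sort()
        burst, j = 0, 0
        for i in range(len(stamps)):          # sliding window over sorted times
            while (stamps[i] - stamps[j]).total_seconds() > burst_window:
                j += 1
            burst = max(burst, i - j + 1)
        scripted = any(ua.lower().startswith(SCRIPTED_UA_PREFIXES) for ua in uas[ip])
        if burst >= burst_threshold or scripted:
            suspicious[ip] = {"total": per_ip[ip], "burst": burst, "scripted_ua": scripted}

    return {
        "total_posts": sum(per_ip.values()),
        "distinct_sources": len(per_ip),
        "referers": dict(referers),
        "top_sources": per_ip.most_common(3),
        "suspicious": suspicious,
    }


def sample_lines():
    """Constructed log excerpt: three browser submissions, two of them arriving
    via a campaign link, plus thirty scripted submissions from one address in
    thirty seconds. Addresses are from documentation ranges."""
    human = [
        '203.0.113.5 - - [10/Mar/2021:09:00:01 +0000] "POST /contact HTTP/1.1" 200 512 '
        '"https://www.example.com/?utm_source=newsletter" "Mozilla/5.0 (Windows NT 10.0) Firefox/86.0"',
        '203.0.113.7 - - [10/Mar/2021:09:00:09 +0000] "POST /contact HTTP/1.1" 200 512 '
        '"https://www.example.com/?utm_source=newsletter" "Mozilla/5.0 (Macintosh) Safari/14.0"',
        '203.0.113.9 - - [10/Mar/2021:09:02:40 +0000] "GET /contact HTTP/1.1" 200 2048 '
        '"-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/89.0"',
        '203.0.113.9 - - [10/Mar/2021:09:02:41 +0000] "POST /contact HTTP/1.1" 200 512 '
        '"-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/89.0"',
    ]
    bot = [
        f'198.51.100.9 - - [10/Mar/2021:09:00:{10 + i:02d} +0000] "POST /contact HTTP/1.1" 200 512 '
        '"-" "python-requests/2.25.1"'
        for i in range(30)
    ]
    return human + bot


def analyze_sample():
    return reduce_form_posts(sample_lines())
```

On the sample the summary shows 33 submissions from 4 sources, only 2 with a campaign referrer, and one address responsible for 30 of them in a 30-second burst with a scripted user agent: the shape of an incident, not a campaign. A real campaign spike inverts that picture (many sources, browser user agents, campaign referrers).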

 

NEW QUESTION 175
The Chief Information Security Officer (CISO) is preparing a requirements matrix scorecard for a new security tool the company plans to purchase. Feedback from which of the following documents will provide input for the requirements matrix scorecard during the vendor selection process?

  • A. MSA
  • B. RFQ
  • C. RFP
  • D. RFI

Answer: C

 

NEW QUESTION 176
An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment.
A security analyst is asked to provide thoughts on the security advantages of using thin clients and virtual workstations. Which of the following are security advantages of the use of this combination of thin clients and virtual workstations?

  • A. All thin clients use TPM for core protection, and virtual workstations use vTPM for core protection with both equally ensuring a greater security advantage for a cloud-hosted environment.
  • B. Thin client workstations require much less security because they lack storage and peripherals that can be easily compromised, and the virtual workstations are protected in the cloud where security is outsourced.
  • C. Malicious users will have reduced opportunities for data extraction from their physical thin client workstations, thus reducing the effectiveness of local attacks.
  • D. Malicious insiders will not have the opportunity to tamper with data at rest and affect the integrity of the system.

Answer: C

Explanation:
With a thin client the data lives in the virtual workstation, not on the endpoint, so an attacker with physical access to the client has little to extract locally. Option B is wrong on its face: thin clients still need endpoint security, and cloud hosting does not outsource the responsibility for securing the workstations. A TPM on every thin client and a vTPM on every virtual workstation (A) is not a given of the architecture, and insiders with access to the virtual workstations can still tamper with data at rest (D).

 
