1 / 11

2021 Free latest CompTIA CASP CAS-003 Exam Questions

Make sure you practice PassQuestion 2021 Free latest CompTIA CASP CAS-003 Exam Questions multiple times so that you will be able to achieve high score in your exam.

examquestionsonline
Download Presentation

2021 Free latest CompTIA CASP CAS-003 Exam Questions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CAS-003 Free Questions CAS-003 Free Questions CompTIA Advanced Security Practitioner CompTIA Advanced Security Practitioner (CASP) (CASP) https://www.passquestion.com/ https://www.passquestion.com/CAS-003 CAS-003.html .html

  2. Question 1 Question 1 A new database application was added to a company’s hosted VM environment. A new database application was added to a company’s hosted VM environment. Firewall ACLs were modified to allow database users to access the server remotely. The Firewall ACLs were modified to allow database users to access the server remotely. The company’s cloud security broker then identified abnormal from a database user on-site. company’s cloud security broker then identified abnormal from a database user on-site. Upon further investigation, the security team noticed the user ran code on a VM that Upon further investigation, the security team noticed the user ran code on a VM that provided access to the hypervisor directly and access to other sensitive data. provided access to the hypervisor directly and access to other sensitive data. Which of the following should the security do to help mitigate future attacks within the Which of the following should the security do to help mitigate future attacks within the VM environment? (Choose two.) VM environment? (Choose two.) A. Install the appropriate patches. A. Install the appropriate patches. B. Install perimeter NGFW. B. Install perimeter NGFW. C. Configure VM isolation. C. Configure VM isolation. D. Deprovision database VM. D. Deprovision database VM. E. Change the user’s access privileges. E. Change the user’s access privileges. F. Update virus definitions on all endpoints. F. Update virus definitions on all endpoints. Answer: C,E Answer: C,E

  3. Question 2 Question 2 Ann, a terminated employee, left personal photos on a company-issued laptop and no Ann, a terminated employee, left personal photos on a company-issued laptop and no longer has access to them. Ann emails her previous manager and asks to get her personal longer has access to them. Ann emails her previous manager and asks to get her personal photos back. photos back. Which of the following BEST describes how the manager should respond? Which of the following BEST describes how the manager should respond? A. Determine if the data still exists by inspecting to ascertain if the laptop has already been A. Determine if the data still exists by inspecting to ascertain if the laptop has already been wiped and if the storage team has recent backups. wiped and if the storage team has recent backups. B. Inform Ann that the laptop was for company data only and she should not have stored B. Inform Ann that the laptop was for company data only and she should not have stored personal photos on a company asset. personal photos on a company asset. C. Report the email because it may have been a spoofed request coming from an attacker C. Report the email because it may have been a spoofed request coming from an attacker who is trying to exfiltrate data from the company laptop. who is trying to exfiltrate data from the company laptop. D. Consult with the legal and/or human resources department and check company D. Consult with the legal and/or human resources department and check company policies around employment and termination procedures. policies around employment and termination procedures. Answer: D Answer: D

  4. Question 3 Question 3 A penetration test is being scoped for a set of web services with API endpoints. The APIs will be A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Select TWO.) the engagement? (Select TWO.) A. Static code analyzer A. Static code analyzer B. Intercepting proxy B. Intercepting proxy C. Port scanner C. Port scanner D. Reverse engineering D. Reverse engineering E. Reconnaissance gathering E. Reconnaissance gathering F. User acceptance testing F. User acceptance testing Answer: B,E Answer: B,E

  5. Question 4 Question 4 A systems administrator receives an advisory email that a recently discovered exploit is being used in A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond another country and the financial institutions have ceased operations while they find a way to respond to the attack. to the attack. Which of the following BEST describes where the administrator should look to find information on Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.) the attack to determine if a response must be prepared for the systems? (Choose two.) A. Bug bounty websites A. Bug bounty websites B. Hacker forums B. Hacker forums C. Antivirus vendor websites C. Antivirus vendor websites D. Trade industry association websites D. Trade industry association websites E. CVE database E. CVE database F. Company’s legal department F. Company’s legal department Answer: B,D Answer: B,D

  6. Question 5 Question 5 Which of the following is the GREATEST security concern with respect to BYOD? Which of the following is the GREATEST security concern with respect to BYOD? A. The filtering of sensitive data out of data flows at geographic boundaries. A. The filtering of sensitive data out of data flows at geographic boundaries. B. Removing potential bottlenecks in data transmission paths. B. Removing potential bottlenecks in data transmission paths. C. The transfer of corporate data onto mobile corporate devices. C. The transfer of corporate data onto mobile corporate devices. D. The migration of data into and out of the network in an uncontrolled manner. D. The migration of data into and out of the network in an uncontrolled manner. Answer: D Answer: D

  7. Question 6 Question 6 A security incident responder discovers an attacker has gained access to a network and has A security incident responder discovers an attacker has gained access to a network and has overwritten key system files with backdoor software. The server was reimaged and patched offline. overwritten key system files with backdoor software. The server was reimaged and patched offline. Which of the following tools should be implemented to detect similar attacks? Which of the following tools should be implemented to detect similar attacks? A. Vulnerability scanner A. Vulnerability scanner B. TPM B. TPM C. Host-based firewall C. Host-based firewall D. File integrity monitor D. File integrity monitor E. NIPS E. NIPS Answer: D Answer: D

  8. Question 7 Question 7 A system administrator recently conducted a vulnerability scan of the internet. Subsequently, the A system administrator recently conducted a vulnerability scan of the internet. Subsequently, the organization was successfully attacked by an adversary. organization was successfully attacked by an adversary. Which of the following in the MOST likely explanation for why the organization network was Which of the following in the MOST likely explanation for why the organization network was compromised? compromised? A. There was a false positive since the network was fully patched. A. There was a false positive since the network was fully patched. B. The system administrator did not perform a full system sun. B. The system administrator did not perform a full system sun. C. The systems administrator performed a credentialed scan. C. The systems administrator performed a credentialed scan. D. The vulnerability database was not updated. D. The vulnerability database was not updated. Answer: C Answer: C

  9. Question 8 Question 8 A network printer needs Internet access to function. Corporate policy states all devices allowed on A network printer needs Internet access to function. Corporate policy states all devices allowed on the network must be authenticated. the network must be authenticated. Which of the following is the MOST secure method to allow the printer on the network without Which of the following is the MOST secure method to allow the printer on the network without violating policy? violating policy? A. Request an exception to the corporate policy from the risk management committee A. Request an exception to the corporate policy from the risk management committee B. Require anyone trying to use the printer to enter their username and password B. Require anyone trying to use the printer to enter their username and password C. Have a help desk employee sign in to the printer every morning C. Have a help desk employee sign in to the printer every morning D. Issue a certificate to the printer and use certificate-based authentication D. Issue a certificate to the printer and use certificate-based authentication Answer: D Answer: D

  10. Question 9 Question 9 A Chief Information Security Officer (CISO) has created a survey that will be distributed to managers A Chief Information Security Officer (CISO) has created a survey that will be distributed to managers of mission-critical functions across the organization. The survey requires the managers to determine of mission-critical functions across the organization. The survey requires the managers to determine how long their respective units can operate in the event of an extended IT outage before the how long their respective units can operate in the event of an extended IT outage before the organization suffers monetary losses from the outage To which of the following is the survey organization suffers monetary losses from the outage To which of the following is the survey question related? (Select TWO) question related? (Select TWO) A. Risk avoidance A. Risk avoidance B. Business impact B. Business impact C. Risk assessment C. Risk assessment D. Recovery point objective D. Recovery point objective E. Recovery time objective E. Recovery time objective F. Mean time between failures F. Mean time between failures Answer: B,D Answer: B,D

  11. Question 10 Question 10 A manufacturing company's security engineer is concerned a remote actor may be able to A manufacturing company's security engineer is concerned a remote actor may be able to access the ICS that is used to monitor the factory lines. The security engineer recently access the ICS that is used to monitor the factory lines. The security engineer recently proposed some techniques to reduce the attack surface of the ICS to the Chief proposed some techniques to reduce the attack surface of the ICS to the Chief Information Security Officer (CISO). Information Security Officer (CISO). Which of the following would BEST track the reductions to show the CISO the Which of the following would BEST track the reductions to show the CISO the engineer's plan is successful during each phase? engineer's plan is successful during each phase? A. Conducting tabletop exercises to evaluate system risk A. Conducting tabletop exercises to evaluate system risk B. Contracting a third-party auditor after the project is finished B. Contracting a third-party auditor after the project is finished C. Performing pre- and post-implementation penetration tests C. Performing pre- and post-implementation penetration tests D. Running frequent vulnerability scans during the project D. Running frequent vulnerability scans during the project Answer: A Answer: A

More Related