CompTIA CAS-003 online test

CompTIA Advanced Security Practitioner (CASP) CAS-003

What students need to know about the CAS-003 exam

  • Total 493 Questions & Answers

Question 1

A new employee is plugged into the network on a BYOD machine but cannot access the network. Which of the following
must be configured so the employee can connect to the network?

  • A. Port security
  • B. Firewall
  • C. Remote access
  • D. VPN
Answer:

A

Question 2

A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to
access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team
member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?

  • A. The OS version is not compatible
  • B. The OEM is prohibited
  • C. The device does not support FDE
  • D. The device is rooted
Answer:

D

Question 3

Following a recent outage, a systems administrator is conducting a study to determine a suitable bench stock on server hard
drives.
Which of the following metrics is MOST valuable to the administrator in determining how many hard drives to keep on hand?

  • A. TTR
  • B. ALE
  • C. MTBF
  • D. SLE
  • E. RPO
Answer:

C

Question 4

A security program was allocated $2 million in funding for the year. The cybersecurity team identified the following potential
projects to deliver:

Which of the following solutions should the cybersecurity team prioritize to obtain the BEST risk reduction within the
allocated budget?

  • A. 1. Insider threat UEBA 2. APT threat hunting 3. Blockchain decentralized identity
  • B. 1. Build SOC 2.0 2. Insider threat UEBA 3. ML/AI security analytics data lake
  • C. 1. ML/AI security analytics data lake 2. Blockchain decentralized identity 3. Build SOC 2.0
  • D. 1. Blockchain decentralized identity 2. Build SOC 2.0 3. Insider threat UEBA
Answer:

A

Question 5

A security engineer is designing a system in which offshore, outsourced staff can push code from the development
environment to the production environment securely. The security engineer is concerned with data loss, while the business
does not want to slow down its development process. Which of the following solutions BEST balances security requirements
with business need?

  • A. Set up a VDI environment that prevents copying and pasting to the local workstations of outsourced staff members
  • B. Install a client-side VPN on the staff laptops and limit access to the development network
  • C. Create an IPSec VPN tunnel from the development network to the office of the outsourced staff
  • D. Use remote SaaS to provide administrative sharing in production
Answer:

B

Question 6

A security administrator is adding a NAC requirement for all VPN users to ensure the connecting devices are compliant with
company policy. Which of the following items provides the HIGHEST assurance to meet this requirement?

  • A. Implement a permanent agent.
  • B. Install antivirus software.
  • C. Use an agentless implementation.
  • D. Implement PKI.
Answer:

D

Question 7

An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The
organization's server infrastructure is deployed in an IaaS environment. A database within the non-production environment
has been misconfigured with a routable IP and is communicating with a command and control server. Which of the following
procedures should the security responder apply to the situation? (Choose two.)

  • A. Contain the server.
  • B. Initiate a legal hold.
  • C. Perform a risk assessment.
  • D. Determine the data handling standard.
  • E. Disclose the breach to customers.
  • F. Perform an IOC sweep to determine the impact.
Answer:

A F

Question 8

A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following
activities would be MOST appropriate?

  • A. Use a protocol analyzer against the site to see if data input can be replayed from the browser
  • B. Scan the website through an interception proxy and identify areas for code injection
  • C. Scan the site with a port scanner to identify vulnerable services running on the web server
  • D. Use network enumeration tools to identify if the server is running behind a load balancer
Answer:

C

Question 9

A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security
engineer takes screenshots of how data was compromised in the application. Given the information below from the
screenshot.

Which of the following tools was MOST likely used to exploit the application?

  • A. The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data
  • B. The engineer queried the server and edited the data using an HTTP proxy interceptor
  • C. The engineer used a cross-site script sent via curl to edit the data
  • D. The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool
Answer:

B

Question 10

A company makes consumer health devices and needs to maintain strict confidentiality of unreleased product designs.
Recently, unauthorized photos of products still in development have been for sale on the dark web. The Chief Information
Security Officer (CISO) suspects an insider threat, but the team that uses the secret outdoor testing area has been vetted
many times, and nothing suspicious has been found. Which of the following is the MOST likely cause of the unauthorized
photos?

  • A. The location of the testing facility was discovered by analyzing fitness device information the test engineers posted on a website.
  • B. One of the test engineers is working for a competitor and covertly installed a RAT on the marketing department's servers.
  • C. The company failed to implement least privilege on network devices, and a hacktivist published stolen public relations photos.
  • D. Pre-release marketing materials for a single device were accidentally left in a public location.
Answer:

D
