Pass the CompTIA CASP CAS-003 exam. “CompTIA Advanced Security Practitioner (CASP)”: https://www.exam2pass.com/cas-003.html (Total Questions: 324 Q&As). We know most of you come here for free CAS-003 dumps. The latest free CAS-003 exam practice questions and the CAS-003 PDF help you improve your skills and exam experience!
Table of Contents:
- Latest CompTIA CASP CAS-003 pdf
- Test your CompTIA CASP CAS-003 exam level
- Watch the CompTIA CASP CAS-003 video tutorial online
- Related CAS-003 Popular Exam resources
- Get exam2pass Coupons (12% OFF)
- What are the advantages of exam2pass?
Latest CompTIA CASP CAS-003 pdf
[PDF] Free CompTIA CASP CAS-003 pdf dumps download from Google Drive: https://drive.google.com/open?id=1QZw_MPIYiI6w1CWtMK7AYYZcaO4XT6KY
(CASP+) Advanced Security Practitioner Certification: https://certification.comptia.org/certifications/comptia-advanced-security-practitioner
CompTIA CASP+ CAS-003 Certification Study Guide: https://certification.comptia.org/training/books/casp-cas-003-study-guide
About the exam
The CASP+ certification validates advanced-level competency in risk management; enterprise security operations and architecture; research and collaboration; and integration of enterprise security. Changes in this version of the exam include:
- Enterprise Security domain expanded to include operations and architecture concepts, techniques, and requirements
- More emphasis on analyzing risk through interpreting trend data and anticipating cyber-defense needs to meet business goals
- Expanded security control topics to include mobile and small form factor devices, as well as software vulnerability
- Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture
- Inclusion of implementing cryptographic techniques, such as Blockchain/Cryptocurrency and mobile device encryption
Test your CompTIA CASP CAS-003 exam level
QUESTION 1
An organization is in the process of integrating its operational technology and information technology areas. As part of
the integration, some of the cultural aspects it would like to see include more efficient use of resources during change
windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations
have been identified:
The ICS supplier has specified that installing any software will result in a lack of support.
There is no documented trust boundary defined between the SCADA and corporate networks.
Operational technology staff have to manage the SCADA equipment via the engineering workstation.
There is a lack of understanding of what is within the SCADA network.
Which of the following capabilities would BEST improve the security position?
A. VNC, router, and HIPS
B. SIEM, VPN, and firewall
C. Proxy, VPN, and WAF
D. IDS, NAC, and log monitoring
Correct Answer: A
QUESTION 2
A Chief Information Security Officer (CISO) has been trying to eliminate some IT security risks for several months.
These risks are not high profile but still exist. Furthermore, many of these risks have been mitigated with innovative
solutions.
However, at this point in time, the budget is insufficient to deal with the risks.
Which of the following risk strategies should be used?
A. Transfer the risks
B. Avoid the risks
C. Accept the risks
D. Mitigate the risks
Correct Answer: C
QUESTION 3
A network engineer wants to deploy user-based authentication across the company’s wired and wireless infrastructure
at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each
user’s network access be controlled based on the user’s role within the company. Additionally, the central
authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and
workstations. Which of the following are needed to implement these requirements? (Select TWO).
A. SAML
B. WAYF
C. LDAP
D. RADIUS
E. Shibboleth
F. PKI
Correct Answer: CD
RADIUS is commonly used for the authentication of WiFi connections. LDAP and RADIUS can both be used for the
authentication of users and devices.
LDAP and RADIUS have something in common: both are mainly protocols (rather than databases) that use
attributes to carry information back and forth. Both are clearly defined in RFC documents, so products
from different vendors can be expected to work properly together.
RADIUS is NOT a database. It’s a protocol for asking intelligent questions of a user database. LDAP is just a
database. Recent offerings contain a bit of intelligence (roles, class of service and so on), but it is still mainly
just a rather simple database. RADIUS (more precisely, RADIUS servers such as FreeRADIUS) gives the administrator the tools
not only to authenticate users but also to authorize them based on extremely complex checks and logic. For
instance, you can allow access on a specific NAS only if the user belongs to a certain category, is a member of a specific
group, and an external script allows access. There’s no way to make such complex decisions in a user
database alone.
QUESTION 4
An administrator is unable to connect to a server via VNC.
Upon investigating the host firewall configuration, the administrator sees the following lines:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3389 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --sport 3389 -j ACCEPT
Which of the following should occur to allow VNC access to the server?
A. DENY needs to be changed to ACCEPT on one line.
B. A line needs to be added.
C. A line needs to be removed.
D. Fix the typo in one line.
Correct Answer: B
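To check a rule set like the one in Question 4 for a given service, here is an added example (not from the page or the exam): it parses the quoted rules, applies iptables' first-match order to a NEW TCP connection, and reports the verdict. It assumes the INPUT chain's default policy is DROP (the page does not show it, but the administrator cannot connect), takes 5900 as the VNC port, and restores the leading "-A" the extraction dropped; DENY is not a real iptables target (DROP or REJECT are), so the parser accepts any target word as written.

```python
import re

# Host firewall lines quoted in Question 4, with the leading "-A" restored.
# DENY is not a real iptables target (DROP/REJECT are); the parser accepts
# whatever target word appears, as the page shows it.
RULES = """
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3389 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j DENY
-A INPUT -m state --state NEW -m tcp -p tcp --sport 3389 -j ACCEPT
""".strip().splitlines()
VNC_PORT = 5900  # assumption: default VNC display :0, not stated on the page

RULE_RE = re.compile(
    r"^-A (?P<chain>\S+)(?: -m state --state (?P<state>\S+))?"
    r" -m tcp -p tcp --(?P<kind>dport|sport) (?P<port>\d+) -j (?P<target>\S+)$")

def parse(line):
    """Split one rule into chain/state/kind/port/target fields."""
    m = RULE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised rule: {line!r}")
    fields = m.groupdict()
    fields["port"] = int(fields["port"])
    return fields

def verdict_for_new_tcp(rules, dport, policy="DROP"):
    """Target of the first INPUT rule matching a NEW TCP connection to dport,
    or the chain policy when nothing matches (first match wins in iptables).
    policy="DROP" is an assumption: the page does not show it, but the
    administrator cannot connect, so unmatched traffic is evidently dropped."""
    for line in rules:
        r = parse(line)
        if r["chain"] != "INPUT" or r["state"] not in (None, "NEW"):
            continue
        # The --sport 3389 ACCEPT line only matches clients that happen to
        # connect *from* port 3389; an inbound VNC client does not.
        if r["kind"] == "dport" and r["port"] == dport:
            return r["target"]
    return policy

def rule_to_add(dport):
    """The missing line (answer B): allow NEW connections to the VNC port."""
    return f"-A INPUT -m state --state NEW -m tcp -p tcp --dport {dport} -j ACCEPT"
```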
QUESTION 5
During a routine network scan, a security administrator discovered an unidentified service running on a new embedded
and unmanaged HVAC controller, which is used to monitor the company’s datacenter:
Port state
161/UDP open
162/UDP open
163/TCP open
The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate. Which of the following
should the security administrator implement to harden the system?
A. Patch and restart the unknown services.
B. Segment and firewall the controller’s network.
C. Disable the unidentified service on the controller.
D. Implement SNMPv3 to secure communication.
E. Disable TCP/UDP ports 161 through 163.
Correct Answer: D
QUESTION 6
An administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The
administrator has access to the raw data from the SAN and wants to restore the data to different hardware. Which of the
following issues may potentially occur?
A. The existing SAN may be read-only.
B. The existing SAN used LUN masking.
C. The new SAN is not FCoE based.
D. The data may not be in a usable format.
Correct Answer: D
QUESTION 7
After implementing port security, restricting all network traffic into and out of a network, migrating to IPv6, and installing
NIDS, firewalls, spam and application filters, a security administrator is convinced that the network is secure. The
administrator now focuses on securing the hosts on the network, starting with the servers.
Which of the following is the MOST complete list of end-point security software the administrator could plan to
implement?
A. Anti-malware/virus/spyware/spam software, as well as a host-based firewall and strong, two-factor authentication.
B. Anti-virus/spyware/spam software, as well as a host-based IDS, firewall, and strong three-factor authentication.
C. Anti-malware/virus/spyware/spam software, as well as a host-based firewall and biometric authentication.
D. Anti-malware/spam software, as well as a host-based firewall and strong, three-factor authentication.
Correct Answer: A
QUESTION 8
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company\\’s online
shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service
Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the
loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was
reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary
value earned during the first year of operation?
A. $60,000
B. $100,000
C. $140,000
D. $200,000
Correct Answer: A
ALE before implementing application caching: ALE = ARO x SLE = 5 x $40,000 = $200,000
ALE after implementing application caching: ALE = ARO x SLE = 1 x $40,000 = $40,000
The monetary value earned is the ALE before the countermeasure, minus the ALE after implementing application caching, minus the cost of the countermeasure:
Monetary value earned = $200,000 – $40,000 – $100,000 = $60,000
QUESTION 9
The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The
network administrator reviews the tickets and compiles the following information for the security administrator:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router
interface’s MAC is 00-01-42-32-ab-1a.
The security administrator brings a laptop to the finance office, connects it to one of the wall jacks, starts up a network
analyzer, and notices the following:
09:05:10.937590 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
09:05:15.934840 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
09:05:19.931482 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
Which of the following can the security administrator determine from the above information?
A. A man in the middle attack is underway – implementing static ARP entries is a possible solution.
B. An ARP flood attack targeted at the router is causing intermittent communication – implementing IPS is a possible
solution.
C. The default gateway is being spoofed – implementing static routing with MD5 is a possible solution.
D. The router is being advertised on a separate network – router reconfiguration is a possible solution.
Correct Answer: A
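Detection logic for the capture in Question 9, as an added example that is not part of the page: it parses the three analyzer lines, normalises tcpdump's short MAC form, confirms that the claimed address lies inside the callers' /23, and flags replies that bind that address to a MAC other than the upstream router's. It assumes 172.16.34.1 (the address the replies claim) is the finance subnet's default gateway and that the static-entry command targets a Linux host with interface eth0.

```python
import ipaddress
import re

# Values quoted in Question 9; GATEWAY_IP is an assumption: the address
# the captured replies claim, first host of the callers' /23.
ROUTER_MAC = "00-01-42-32-ab-1a"
CALLERS = [("172.16.35.217", "255.255.254.0"), ("172.16.35.53", "255.255.254.0"),
           ("172.16.35.173", "255.255.254.0")]
GATEWAY_IP = "172.16.34.1"
TRUSTED = {GATEWAY_IP: ROUTER_MAC}
CAPTURE = """
09:05:10.937590 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
09:05:15.934840 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
09:05:19.931482 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
""".strip().splitlines()
ARP_REPLY_RE = re.compile(
    r"^(?P<ts>\S+) arp reply (?P<ip>[\d.]+) is-at (?P<mac>[0-9a-f:]+)", re.I)

def norm_mac(mac):
    """aa:bb:cc:dd:ee:ff form; tcpdump drops leading zeros (0:12:3f:...)
    and the page writes the router MAC with dashes."""
    return ":".join(p.zfill(2).lower() for p in re.split(r"[:-]", mac))

def callers_network(callers):
    """The one subnet all callers share (host bits masked off)."""
    nets = {ipaddress.ip_network(f"{ip}/{mask}", strict=False) for ip, mask in callers}
    assert len(nets) == 1, f"callers span several subnets: {nets}"
    return nets.pop()

def gateway_in_subnet(callers, gateway_ip):
    return ipaddress.ip_address(gateway_ip) in callers_network(callers)

def detect_gateway_spoof(capture, trusted):
    """[(ip, rogue_mac, count)] for replies binding a trusted address to a
    MAC other than its known one. Unsolicited replies for the gateway that
    repeat every few seconds are the classic poisoning pattern (answer A)."""
    seen = {}
    for line in capture:
        m = ARP_REPLY_RE.match(line)
        if not m or m["ip"] not in trusted:
            continue
        mac = norm_mac(m["mac"])
        if mac != norm_mac(trusted[m["ip"]]):
            seen[(m["ip"], mac)] = seen.get((m["ip"], mac), 0) + 1
    return [(ip, mac, n) for (ip, mac), n in seen.items()]

def static_arp_entry(ip, mac, dev="eth0"):
    """Linux command pinning the mapping, the mitigation answer A names."""
    return f"ip neigh replace {ip} lladdr {norm_mac(mac)} nud permanent dev {dev}"
```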
QUESTION 10
A software development manager is running a project using agile development methods. The company cybersecurity
engineer has noticed a high number of vulnerabilities have been making it into production code on the project. Which of
the following methods could be used in addition to an integrated development environment to reduce the severity of the
issue?
A. Conduct a penetration test on each function as it is developed
B. Develop a set of basic checks for common coding errors
C. Adopt a waterfall method of software development
D. Implement unit tests that incorporate static code analyzers
Correct Answer: D
QUESTION 11
A systems administrator recently joined an organization and has been asked to perform a security assessment of
controls on the organization’s file servers, which contain client data from a number of sensitive systems. The
administrator needs to compare documented access requirements to the access implemented within the file system.
Which of the following is MOST likely to be reviewed during the assessment? (Select two.)
A. Access control list
B. Security requirements traceability matrix
C. Data owner matrix
D. Roles matrix
E. Data design document
F. Data access policies
Correct Answer: DF
QUESTION 12
An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a
provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the
third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications
and improve productivity, staff at the third party has been provided with corporate email accounts that are only
accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only
communicate with staff within the organization. Which of the following additional controls should be implemented to
prevent data loss? (Select THREE).
A. Implement hashing of data in transit
B. Session recording and capture
C. Disable cross session cut and paste
D. Monitor approved credit accounts
E. User access audit reviews
F. Source IP whitelisting
Correct Answer: CEF
Data sovereignty is a legal concern: data is governed by the laws of the country in which it resides. In
this scenario the company does not want the data to fall under the law of the country of the organization to which back
office processing has been outsourced. Therefore we must ensure that the data can only be accessed on local servers and that no
copies are held on the outsource partner’s computers, which is why cut and paste operations must be prevented.
Privacy concerns can be addressed by ensuring that unauthorized users do not have access to the data. This can be
accomplished through user access auditing, which needs to be reviewed on an ongoing basis, and source IP whitelisting,
which is a list of IP addresses that are explicitly allowed to access the system.
QUESTION 13
A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment.
The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to
hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the
company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI
expressed as a percentage for the first year?
A. -45 percent
B. 5.5 percent
C. 45 percent
D. 82 percent
Correct Answer: D
Return on investment = Net profit / Investment, where Net profit = gross profit – expenses and Investment = stock + market
outstanding + claims; or, equivalently, Return on investment = (gain from investment – cost of investment) / cost of
investment. Here the cost of investment is $50,000 for the equipment plus 50 hours x $100/hour = $5,000 for the
installation, i.e. $55,000. Thus (100,000 – 55,000) / 55,000 = 0.82 = 82%.
References: Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley and Sons, Indianapolis, 2012, p. 337
http://www.financeformulas.net/Return_on_Investment.html
Watch the CompTIA CASP CAS-003 video tutorial online
We offer more ways to make learning easier for everyone, and YouTube is the best tool for video. Follow the channel https://www.youtube.com/channel/UCXg-xz6fddo6wo1Or9eHdIQ/videos to get more useful exam content.
Related CAS-003 Popular Exam resources
title | pdf | youtube | certification | exam2pass | Total Questions
---|---|---|---|---|---
CompTIA CAS-003 | exam2pass CAS-003 dumps pdf | exam2pass CAS-003 youtube | (CASP+) Advanced Security Practitioner Certification | https://www.exam2pass.com/cas-003.html | 324 Q&A
Get exam2pass Coupons (12% OFF)
What are the advantages of exam2pass?
We have a number of CompTIA, IBM, and other exam experts. We update exam data throughout the year.
Top exam pass rate! We have a large user base. We are an industry leader! Choose exam2pass to pass the exam with ease!
Summary:
Free CompTIA CASP CAS-003 exam exercise questions and answers, the CAS-003 pdf and the CAS-003 video practice questions will help you improve your exam experience. We know you want to get the CAS-003 certification easily! It’s not hard! Experts recommend https://www.exam2pass.com/cas-003.html to help you get certified easily.