Free CAS-003 Questions for CompTIA Advanced Security Practitioner (CASP) CAS-003 Exam as PDF & Practice Test Engine
A network administrator is concerned about a particular server that is attacked occasionally from hosts on the Internet. The server is not critical; however, the attacks impact the rest of the network. While the company's current ISP is cost effective, the ISP is slow to respond to reported issues. The administrator needs to be able to mitigate the effects of an attack immediately without opening a trouble ticket with the ISP. The ISP is willing to accept a very small network route advertised with a particular BGP community string. Which of the following is the BESRT way for the administrator to mitigate the effects of these attacks?
Correct Answer: B
Vote an answer
A security administrator is concerned about the increasing number of users who click on malicious links contained within phishing emails. Although the company has implemented a process to block these links at the network perimeter, many accounts are still becoming compromised. Which of the following should be implemented for further reduce the number of account compromises caused by remote users who click these links?
Correct Answer: A
Vote an answer
A company's existing forward proxies support software-based TLS decryption, but are currently at 60% load just dealing with AV scanning and content analysis for HTTP traffic. More than 70% outbound web traffic is currently encrypted. The switching and routing network infrastructure precludes adding capacity, preventing the installation of a dedicated TLS decryption system. The network firewall infrastructure is currently at 30% load and has software decryption modules that can be activated by purchasing additional license keys. An existing project is rolling out agent updates to end-user desktops as part of an endpoint security refresh.
Which of the following is the BEST way to address these issues and mitigate risks to the organization?
Which of the following is the BEST way to address these issues and mitigate risks to the organization?
Correct Answer: A
Vote an answer
Legal counsel has notified the information security manager of a legal matter that will require the preservation of electronic records for 2000 sales force employees. Source records will be email, PC, network shares, and applications.
After all restrictions have been lifted, which of the following should the information manager review?
After all restrictions have been lifted, which of the following should the information manager review?
Correct Answer: B
Vote an answer
After several industry comnpetitors suffered data loss as a result of cyebrattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization's security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:
Blocking of suspicious websites
Prevention of attacks based on threat intelligence
Reduction in spam
Identity-based reporting to meet regulatory compliance
Prevention of viruses based on signature
Protect applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?
Blocking of suspicious websites
Prevention of attacks based on threat intelligence
Reduction in spam
Identity-based reporting to meet regulatory compliance
Prevention of viruses based on signature
Protect applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?
Correct Answer: D
Vote an answer
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:

Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)
Correct Answer: A,C
Vote an answer
An organization is preparing to develop a business continuity plan. The organization is required to meet regulatory requirements relating to confidentiality and availability, which are well-defined. Management has expressed concern following initial meetings that the organization is not fully aware of the requirements associated with the regulations.
Which of the following would be MOST appropriate for the project manager to solicit additional resources for during this phase of the project?
Which of the following would be MOST appropriate for the project manager to solicit additional resources for during this phase of the project?
Correct Answer: E
Vote an answer
A secure facility has a server room that currently is controlled by a simple lock and key. and several administrators have copies of the key. To maintain regulatory compliance, a second lock, which is controlled by an application on the administrators' smartphones, is purchased and installed. The application has various authentication methods that can be used. The criteria for choosing the most appropriate method are:
* It cannot be invasive to the end user
* It must be utilized as a second factor.
* Information sharing must be avoided
* It must have a low false acceptance rate
Which of the following BEST meets the criteria?
* It cannot be invasive to the end user
* It must be utilized as a second factor.
* Information sharing must be avoided
* It must have a low false acceptance rate
Which of the following BEST meets the criteria?
Correct Answer: A
Vote an answer
A threat advisory alert was just emailed to the IT security staff. The alert references specific types of host operating systems that can allow an unauthorized person to access files on a system remotely. A fix was recently published, but it requires a recent endpoint protection engine to be installed prior to running the fix.
Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? (Select two.)
Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? (Select two.)
Correct Answer: A,C
Vote an answer
During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredded, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware.
Which of the following would ensure no data is recovered from the system droves once they are disposed of?
Which of the following would ensure no data is recovered from the system droves once they are disposed of?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
An investigation showed a worm was introduced from an engineer's laptop. It was determined the company does not provide engineers with company-owned laptops, which would be subject to a company policy and technical controls. Which of the following would be the MOST secure control implement?
Correct Answer: B
Vote an answer
Joe, a penetration tester, is assessing the security of an application binary provided to him by his client. Which of the following methods would be the MOST effective in reaching this objective?
Correct Answer: B
Vote an answer
An aircraft manufacturer is developing software that will perform automatic flight control (auto-pilot) Given the high safety criticality of the software the developer can BEST prove software correctness to a requirement's specification by employing:
Correct Answer: B
Vote an answer
A company's IT department currently performs traditional patching, and the servers have a significant longevity that may span over five years. A security architect is moving the company toward an immune server architecture in which servers are replaced rather than patched. Instead of having static servers for development, test, and production, the severs will move from environment to environment dynamically. Which of the following are required to move to this type of architecture? (Select Two.)
Correct Answer: B,E
Vote an answer
Which of the following is the MOST likely reason an organization would decide to use a BYOD policy?
Correct Answer: A
Vote an answer
0
0
0
10
