CompTIA CAS-003 Exam Questions & Study Materials, CompTIA CASP+ Certification | SPOTO

Prepare efficiently for the CompTIA CAS-003 exam with our comprehensive study materials and mock tests. Our platform offers a wide range of resources, including practice tests, exam questions and answers, sample questions, and mock exams, tailored to enhance your exam preparation experience. Developed by industry experts, our study materials cover key topics such as risk management, enterprise security operations, architecture, research, collaboration, and integration of enterprise security, ensuring thorough understanding and readiness. Whether you're looking for online exam questions or an exam simulator, our platform provides the necessary tools for effective exam practice. Elevate your confidence and proficiency with our curated exam materials. Start your preparation today and maximize your chances of success in obtaining the CASP+ certification with ease.

Question #1
Which of the following is the GREATEST security concern with respect to BYOD?
A. The filtering of sensitive data out of data flows at geographic boundaries
B. Removing potential bottlenecks in data transmission paths
C. The transfer of corporate data onto mobile corporate devices
D. The migration of data into and out of the network in an uncontrolled manner
Correct Answer: D
Question #2
Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company’s SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing. Which of the following commands should the assessor use to determine this information?
A. dnsrecon -d company
B. dig company
C. nc -v company
D. whois company
Correct Answer: A
Question #3
A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers. Which of the following is the BEST st
A. Single-tenancy is often more expensive and has less efficient resource utilization
B. The managed service provider should outsource security of the platform to an existing cloud company
C. Due to the likelihood of large log volumes, the service provider should use a multi-tenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest
D. The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN
Correct Answer: A
Question #4
While attending a meeting with the human resources department, an organization’s information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use. Additionally, each password has specific complexity requi
A. Utilizing MFA
B. Implementing SSO
C. Deploying 802
D. Pushing SAML adoption
E. Implementing TACACS
Correct Answer: B
Question #5
Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages: Which of the following represents the BEST solution for preventing future fines?
A. Implement a secure text-messaging application for mobile devices and workstations
B. Write a policy requiring this information to be given over the phone only
C. Provide a courier service to deliver sealed documents containing public health informatics
D. Implement FTP services between clinics to transmit text documents with the information
E. Implement a system that will tokenize patient numbers
Correct Answer: A
Question #6
The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. Which of the following is an SDLC best practice that should have been followed
A. Versioning
B. Regression testing
C. Continuous integration
D. Integration testing
Correct Answer: B
Question #7
During the deployment of a new system, the implementation team determines that APIs used to integrate the new system with a legacy system are not functioning properly. Further investigation shows there is a misconfigured encryption algorithm used to secure data transfers between systems. Which of the following should the project manager use to determine the source of the defined algorithm in use?
A. Code repositories
B. Security requirements traceability matrix
C. Software development lifecycle
D. Data design diagram
E. Roles matrix
F. Implementation guide
Correct Answer: F
Question #8
An information security manager is concerned that connectivity used to configure and troubleshoot critical network devices could be attacked. The manager has tasked a network security engineer with meeting the following requirements: Encrypt all traffic between the network engineer and critical devices. Segregate the different networking planes as much as possible. Do not let access ports impact configuration tasks. Which of the following would be the BEST recommendation for the network security engineer t
A. Deploy control plane protections
B. Use SSH over out-of-band management
C. Force only TACACS to be allowed
D. Require the use of certificates for AAA
Correct Answer: B
Question #9
A security engineer has been hired to design a device that will enable the exfiltration of data from within a well-defended network perimeter during an authorized test. The device must bypass all firewalls and NIDS in place, as well as allow for the upload of commands from a centralized command and control answer. The total cost of the device must be kept to a minimum in case the device is discovered during an assessment. Which of the following tools should the engineer load onto the device being designed?
A. Custom firmware with rotating key generation
B. Automatic MITM proxy
C. TCP beacon broadcast software
D. Reverse shell endpoint listener
Correct Answer: B
Question #10
Legal counsel has notified the information security manager of a legal matter that will require the preservation of electronic records for 2000 sales force employees. Source records will be email, PC, network shares, and applications. After all restrictions have been lifted, which of the following should the information manager review?
A. Data retention policy
B. Legal hold
C. Chain of custody
D. Scope statement
Correct Answer: B
Question #11
A recent CRM upgrade at a branch office was completed after the desired deadline. Several technical issues were found during the upgrade and need to be discussed in depth before the next branch office is upgraded. Which of the following should be used to identify weak processes and other vulnerabilities?
A. Gap analysis
B. Benchmarks and baseline results
C. Risk assessment
D. Lessons learned report
Correct Answer: D
Question #12
A network engineer is attempting to design-in resiliency characteristics for an enterprise network’s VPN services. If the engineer wants to help ensure some resilience against zero-day vulnerabilities exploited against the VPN implementation, which of the following decisions would BEST support this objective?
A. Implement a reverse proxy for VPN traffic that is defended and monitored by the organization’s SOC with near-real-time alerting to administrators
B. Subscribe to a managed service provider capable of supporting the mitigation of advanced DDoS attacks on the enterprise’s pool of VPN concentrators
C. Distribute the VPN concentrators across multiple systems at different physical sites to ensure some backup services are available in the event of primary site loss
D. Employ a second VPN layer concurrently where the other layer’s cryptographic implementation is sourced from a different vendor
Correct Answer: D
Question #13
Given the following output from a security tool in Kali:
A. Log reduction
B. Network enumerator
C. Fuzzer
D. SCAP scanner
Correct Answer: D
Question #14
A security administrator wants to implement two-factor authentication for network switches and routers. The solution should integrate with the company’s RADIUS server, which is used for authentication to the network infrastructure devices. The security administrator implements the following: An HOTP service is installed on the RADIUS server. The RADIUS server is configured to require the HOTP service for authentication. The configuration is successfully tested using a software supplicant and enforced across
A. Replace the password requirement with the second factor
B. Configure the RADIUS server to accept the second factor appended to the password
C. Reconfigure network devices to prompt for username, password, and a token
D. Install a TOTP service on the RADIUS server in addition to the HOTP service
Correct Answer: B
Question #15
The Chief Executive Officer (CEO) of a small startup company has an urgent need for a security policy and assessment to address governance, risk management, and compliance. The company has a resource-constrained IT department, but has no information security staff. The CEO has asked for this to be completed in three months. Which of the following would be the MOST cost-effective solution to meet the company’s needs?
A. Select one of the IT personnel to obtain information security training, and then develop all necessary policies and documents in-house
B. Accept all risks associated with information security, and then bring up the issue again at next year’s annual board meeting
C. Release an RFP to consultancy firms, and then select the most appropriate consultant who can fulfill the requirements
D. Hire an experienced, full-time information security team to run the startup company’s information security department
Correct Answer: C
Question #16
A systems administrator recently joined an organization and has been asked to perform a security assessment of controls on the organization’s file servers, which contain client data from a number of sensitive systems. The administrator needs to compare documented access requirements to the access implemented within the file system. Which of the following is MOST likely to be reviewed during the assessment? (Select two.)
A. Access control list
B. Security requirements traceability matrix
C. Data owner matrix
D. Roles matrix
E. Data design document
F. Data access policies
Correct Answer: DF
Question #17
A company has gone through a round of phishing attacks. More than 200 users have had their workstation infected because they clicked on a link in an email. An incident analysis has determined an executable ran and compromised the administrator account on each workstation. Management is demanding the information security team prevent this from happening again. Which of the following would BEST prevent this from happening again?
A. Antivirus
B. Patch management
C. Log monitoring
D. Application whitelisting
E. Awareness training
Correct Answer: A
Question #18
Given the following code snippet: Which of the following failure modes would the code exhibit?
A. Open
B. Secure
C. Halt
D. Exception
Correct Answer: D
Question #19
A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to protect patients’ health information, management has identified the following requirements: Data must be encrypted at rest. The device must be disabled if it leaves the facility. The device must be disabled when tampered with. Which of the following technologies would BEST support these requirements? (Select two.)
A. eFuse
B. NFC
C. GPS
D. Biometric
E. USB 4
F. MicroSD
Correct Answer: CD
Question #20
Security policies that are in place at an organization prohibit USB drives from being utilized across the entire enterprise, with adequate technical controls in place to block them. As a way to still be able to work from various locations on different computing resources, several sales staff members have signed up for a web-based storage solution without the consent of the IT department. However, the operations department is required to use the same service to transmit certain business partner documents. Wh
A. Enabling AAA
B. Deploying a CASB
C. Configuring an NGFW
D. Installing a WAF
E. Utilizing a vTPM
Correct Answer: B