CompTIA CAS-003 Practice Tests & Real Exam Dumps 2024 Updated, CompTIA CASP+ Certification | SPOTO

Achieve success in your CompTIA CAS-003 Certification with our meticulously crafted practice tests and study materials. Our platform offers a comprehensive array of resources, including free tests, exam questions and answers, sample questions, and mock exams, designed to enhance your exam preparation journey. Developed by industry experts, our practice tests delve into key topics such as risk management, enterprise security operations, architecture, research, collaboration, and integration of enterprise security, ensuring thorough preparation. Whether you seek online exam questions or an exam simulator, our platform provides the tools necessary for effective exam practice. Elevate your confidence and proficiency with our curated exam materials. Start your preparation today and pave your way to passing the CASP+ certification exam with ease.

Question #1
Given the following information about a company’s internal network:
User IP space: 192.168.1.0/24
Server IP space: 192.168.192.0/25
A security engineer has been told that there are rogue websites hosted outside of the proper server space, and those websites need to be identified. Which of the following should the engineer do?
A. Use a protocol analyzer on 192
B. Use a port scanner on 192
C. Use an HTTP interceptor on 192
D. Use a port scanner on 192
E. Use a protocol analyzer on 192
F. Use an HTTP interceptor on 192
Correct Answer: B
Question #2
An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user’s accounts is sensitive, and therefore, the organization wants to comply with the following requirements:
Active full-device encryption
Enabled remote-device wipe
Blocking unsigned applications
Containerization of email, calendar, and contacts
Which of the following technical controls would BEST protect the data from attack or loss and meet the abo
A. Require frequent password changes and disable NFC
B. Enforce device encryption and activate MAM
C. Install a mobile antivirus application
D. Configure and monitor devices with an MDM
Correct Answer: B
Question #3
A company is developing requirements for a customized OS build that will be used in an embedded environment. The company procured hardware that is capable of reducing the likelihood of successful buffer overruns while executables are processing. Which of the following capabilities must be included for the OS to take advantage of this critical hardware-based countermeasure?
A. Application whitelisting
B. NX/XN bit
C. ASLR
D. TrustZone
E. SCP
Correct Answer: B
Question #4
A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project. Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?
A. Conduct a penetration test on each function as it is developed
B. Develop a set of basic checks for common coding errors
C. Adopt a waterfall method of software development
D. Implement unit tests that incorporate static code analyzers
Correct Answer: D
Question #5
A company is acquiring incident response and forensic assistance from a managed security service provider in the event of a data breach. The company has selected a partner and must now provide required documents to be reviewed and evaluated. Which of the following documents would BEST protect the company and ensure timely assistance? (Choose two.)
A. RA
B. BIA
C. NDAD
E. RFQ
F. MSA
Correct Answer: CF
Question #6
Ann, a member of the finance department at a large corporation, has submitted a suspicious email she received to the information security team. The team was not expecting an email from Ann, and it contains a PDF file inside a ZIP compressed archive. The information security team is not sure which files were opened. A security team member uses an air-gapped PC to open the ZIP and PDF, and it appears to be a social engineering attempt to deliver an exploit. Which of the following would provide greater insigh
A. Run an antivirus scan on the finance PC
B. Use a protocol analyzer on the air-gapped PC
C. Perform reverse engineering on the document
D. Analyze network logs for unusual traffic
E. Run a baseline analyzer against the user’s computer
Correct Answer: B
Question #7
A security researcher is gathering information about a recent spike in the number of targeted attacks against multinational banks. The spike is on top of already sustained attacks against the banks. Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds. Based on the information available to the researcher, which of the following is the MOST likely threat profile?
A. Nation-state-sponsored attackers conducting espionage for strategic gain
B. Insiders seeking to gain access to funds for illicit purposes
C. Opportunists seeking notoriety and fame for personal gain
D. Hacktivists seeking to make a political statement because of socio-economic factors
Correct Answer: D
Question #8
A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize legitimate customer impact?
A. Inform the customer that the service provider does not have any control over third-party blacklist entries
B. Perform a takedown of any customer accounts that have entries on email blacklists because this is a strong indicator of hostile behavior
C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks are not removed because this is affecting legitimate traffic
D. Establish a relationship with blacklist operators so broad entries can be replaced with more granular entries and incorrect entries can be quickly pruned
Correct Answer: D
Question #9
A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?
A. Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME
B. Federate with an existing PKI provider, and reject all non-signed emails
C. Implement two-factor email authentication, and require users to hash all email messages upon receipt
D. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes
Correct Answer: A
Question #10
A security architect is determining the best solution for a new project. The project is developing a new intranet with advanced authentication capabilities, SSO for users, and automated provisioning to streamline Day 1 access to systems. The security architect has identified the following requirements:
1. Information should be sourced from the trusted master data source.
2. There must be future requirements for identity proofing of devices and users.
3. A generic identity connector that can be reused must b
A. LDAP, multifactor authentication, OAuth, XACML
B. AD, certificate-based authentication, Kerberos, SPML
C. SAML, context-aware authentication, OAuth, WAYF
D. NAC, RADIUS, 802
Correct Answer: A
Question #11
An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment. A security analyst is asked to provide thoughts on the security advantages of using thin clients and virtual workstations. Which of the following are security advantages of the use of this combination of thin clients and virtual workstations?
A. Malicious insiders will not have the opportunity to tamper with data at rest and affect the integrity of the system
B. Thin client workstations require much less security because they lack storage and peripherals that can be easily compromised, and the virtual workstations are protected in the cloud where security is outsourced
C. All thin clients use TPM for core protection, and virtual workstations use vTPM for core protection with both equally ensuring a greater security advantage for a cloud-hosted environment
D. Malicious users will have reduced opportunities for data extractions from their physical thin client workstations, thus reducing the effectiveness of local attacks
Correct Answer: B
Question #12
A security engineer is embedded with a development team to ensure security is built into products being developed. The security engineer wants to ensure developers are not blocked by a large number of security requirements applied at specific schedule points. Which of the following solutions BEST meets the engineer’s goal?
A. Schedule weekly reviews of all unit test results with the entire development team and follow up between meetings with surprise code inspections
B. Develop and implement a set of automated security tests to be installed on each development team leader’s workstation
C. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process
D. Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback
Correct Answer: C
Question #13
An organization has established the following controls matrix: The following control sets have been defined by the organization and are applied in aggregate fashion:
Systems containing PII are protected with the minimum control set.
Systems containing medical data are protected at the moderate level.
Systems containing cardholder data are protected at the high level.
The organization is preparing to deploy a system that protects the confidentiality of a database containing PII and medical data from clients.
A. Proximity card access to the server room, context-based authentication, UPS, and full-disk encryption for the database server
B. Cipher lock on the server room door, FDE, surge protector, and static analysis of all application code
C. Peer review of all application changes, static analysis of application code, UPS, and penetration testing of the complete system
D. Intrusion detection capabilities, network-based IPS, generator, and context-based authentication
Correct Answer: D
Question #14
Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?
A. The consolidation of two different IT enterprises increases the likelihood of the data loss because there are now two backup systems
B. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
C. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review
Correct Answer: C
Question #15
A security technician is incorporating the following requirements in an RFP for a new SIEM:
New security notifications must be dynamically implemented by the SIEM engine
The SIEM must be able to identify traffic baseline anomalies
Anonymous attack data from all customers must augment attack detection and risk scoring
Based on the above requirements, which of the following should the SIEM support? (Choose two.)
A. Autoscaling search capability
B. Machine learning
C. Multisensor deployment
D. Big Data analytics
E. Cloud-based management
F. Centralized log aggregation
Correct Answer: BD
Question #16
A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers. Which of the following BEST describes the contents of the supporting document the engineer is creating?
A. A series of ad-hoc tests that each verify security control functionality of the entire system at once
B. A series of discrete tasks that, when viewed in total, can be used to verify and document each individual constraint from the SRTM
C. A set of formal methods that apply to one or more of the programming languages used on the development project
D. A methodology to verify each security control in each unit of developed code prior to committing the code
Correct Answer: D