Comprehensive CompTIA CAS-003 Exam Practice Questions & Answers, CompTIA CASP+ Certification | SPOTO

Prepare for the CompTIA CASP+ Certification exam with SPOTO's collection of exam practice questions and answers. The CAS-003 exam is a crucial step in validating advanced-level cybersecurity skills and knowledge on an international scale. Our preparatory course, tailored to the CAS-003 exam, covers the exam topics in detail, ensuring thorough preparation in areas such as risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Access our practice questions and answers to reinforce your understanding and boost your confidence. Trust SPOTO to provide you with top-quality exam preparation resources and strategies, guiding you towards success in achieving your CompTIA CASP+ Certification. Start your preparation with SPOTO today and take confident strides towards certification success!

Question #1
At a meeting, the systems administrator states the security controls a company wishes to implement seem excessive, since all of the information on the company’s web servers can be obtained publicly and is not proprietary in any way. The next day the company’s website is defaced as part of an SQL injection attack, and the company receives press inquiries about the message the attackers displayed on the website. Which of the following is the FIRST action the company should take?
A. Refer to and follow procedures from the company’s incident response plan
B. Call a press conference to explain that the company has been hacked
C. Establish chain of custody for all systems to which the systems administrator has access
D. Conduct a detailed forensic analysis of the compromised system
E. Inform the communications and marketing department of the attack details
Correct Answer: A
Question #2
The government is concerned with remote military missions being negatively impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following: End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families. Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allo
A. Malicious actors intercepting inbound and outbound communication to determine the scope of the mission
B. Family members posting geotagged images on social media that were received via email from soldiers
C. The effect of communication latency that may negatively impact real-time communication with mission control
D. The use of centrally managed military network and computers by soldiers when communicating with external parties
Correct Answer: A
Question #3
A consulting firm was hired to conduct an assessment for a company. During the first stage, a penetration tester used a tool that provided the following output: TCP 80 open TCP 443 open TCP 1434 filtered The penetration tester then used a different tool to make the following requests: GET / script/login.php?token=45$MHT000MND876 GET / script/login.php?token=@#984DCSPQ%091DF Which of the following tools did the penetration tester use?
A. Protocol analyzer
B. Port scanner
C. Fuzzer
D. Brute forcer
E. Log analyzer
F. HTTP interceptor
Correct Answer: C
Question #4
A company has created a policy to allow employees to use their personally owned devices. The Chief Information Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices. Which of the following security controls would BEST reduce the risk of exposure?
A. Disk encryption on the local drive
B. Group policy to enforce failed login lockout
C. Multifactor authentication
D. Implementation of email digital signatures
Correct Answer: A
Question #5
A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to automate the home. Some of the IoT devices are wearables, and others are installed in the user’s automobiles. The current home network is configured as a single flat network behind an ISP-supplied router. The router has a single IP address, and the router performs NAT on incoming traffic to route it to individual devices. Which of
A. Ensure all IoT devices are configured in a geofencing mode so the devices do not work when removed from the home network
B. Install a firewall capable of cryptographically separating network traffic, require strong authentication to access all IoT devices, and restrict network access for the home assistant based on time-of-day restrictions
C. Segment the home network to separate network traffic from users and the IoT devices, ensure security settings on the home assistant support no or limited recording capability, and install firewall rules on the router to restrict traffic to the home assistant as much as possible
D. Change all default passwords on the IoT devices, disable Internet access for the IoT devices and the home assistant, obtain routable IP addresses for all devices, and implement IPv6 and IPSec protections on all network traffic
Correct Answer: B
Question #6
A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it. Which of the following is the MOST likely reason for the team lead’s position?
A. The organization has accepted the risks associated with web-based threats
B. The attack type does not meet the organization’s threat model
C. Web-based applications are on isolated network segments
D. Corporate policy states that NIPS signatures must be updated every hour
Correct Answer: A
Question #7
A company has gone through a round of phishing attacks. More than 200 users have had their workstations infected because they clicked on a link in an email. An incident analysis has determined an executable ran and compromised the administrator account on each workstation. Management is demanding the information security team prevent this from happening again. Which of the following would BEST prevent this from happening again?
A. Antivirus
B. Patch management
C. Log monitoring
D. Application whitelisting
E. Awareness training
Correct Answer: A
Question #8
A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers. Which of the following BEST describes the contents of the supporting document the engineer is creating?
A. A series of ad-hoc tests that each verify security control functionality of the entire system at once
B. A series of discrete tasks that, when viewed in total, can be used to verify and document each individual constraint from the SRTM
C. A set of formal methods that apply to one or more of the programming languages used on the development project
D. A methodology to verify each security control in each unit of developed code prior to committing the code
Correct Answer: D
Question #9
A medical device company is implementing a new COTS antivirus solution in its manufacturing plant. All validated machines and instruments must be retested for interoperability with the new software. Which of the following would BEST ensure the software and instruments are working as designed?
A. System design documentation
B. User acceptance testing
C. Peer review
D. Static code analysis testing
E. Change control documentation
Correct Answer: A
Question #10
After several industry competitors suffered data loss as a result of cyberattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization’s security stance. As a result of the discussion, the COO wants the organization to meet the following criteria: Blocking of suspicious websites Prevention of attacks based on threat intelligence Reduction in spam Identity-based reporting to meet regulatory compliance Prevention of viruses based on signat
A. Reconfigure existing IPS resources
B. Implement a WAF
C. Deploy a SIEM solution
D. Deploy a UTM solution
E. Implement an EDR platform
Correct Answer: D
Question #11
A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed. To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk: Which of the followin
A. The hard disk contains bad sectors
B. The disk has been degaussed
C. The data represents part of the disk BIOS
D. Sensitive data might still be present on the hard drives
Correct Answer: A
Question #12
A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Select TWO.)
A. Static code analyzer
B. Intercepting proxy
C. Port scanner
D. Reverse engineering
E. Reconnaissance gathering
F. User acceptance testing
Correct Answer: BE
Question #13
As part of the development process for a new system, the organization plans to perform requirements analysis and risk assessment. The new system will replace a legacy system, which the organization has used to perform data analytics. Which of the following is MOST likely to be part of the activities conducted by management during this phase of the project?
A. Static code analysis and peer review of all application code
B. Validation of expectations relating to system performance and security
C. Load testing the system to ensure response times are acceptable to stakeholders
D. Design reviews and user acceptance testing to ensure the system has been deployed properly
E. Regression testing to evaluate interoperability with the legacy system during the deployment
Correct Answer: C
Question #14
The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog posts and pictures of their day-to-day experiences at the company. The information security manager has been asked to provide an informative letter to all participants regarding the security risks and how to avoid privacy and operational security issues. Which of the following is the MOST important information to reference in the
A. After-action reports from prior incidents
B. Social engineering techniques
C. Company policies and employee NDAs
D. Data classification processes
Correct Answer: C
Question #15
Engineers at a company believe a certain type of data should be protected from competitors, but the data owner insists the information is not sensitive. An information security engineer is implementing controls to secure the corporate SAN. The controls require dividing data into four groups: non-sensitive, sensitive but accessible, sensitive but export-controlled, and extremely sensitive. Which of the following actions should the engineer take regarding the data?
A. Label the data as extremely sensitive
B. Label the data as sensitive but accessible
C. Label the data as non-sensitive
D. Label the data as sensitive but export-controlled
Correct Answer: C
Question #16
An administrator is working with management to develop policies related to the use of the cloud-based resources that contain corporate data. Management plans to require some control over organizational data stored on personal devices, such as tablets. Which of the following controls would BEST support management’s policy?
A. MDM
B. Sandboxing
C. Mobile tokenization
D. FDE
E. MFA
Correct Answer: A
Question #17
An organization is engaged in international business operations and is required to comply with various legal frameworks. In addition to changes in legal frameworks, which of the following is a primary purpose of a compliance management program?
A. Following new requirements that result from contractual obligations
B. Answering requests from auditors that relate to e-discovery
C. Responding to changes in regulatory requirements
D. Developing organizational policies that relate to hiring and termination procedures
Correct Answer: C
Question #18
An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user’s accounts is sensitive, and therefore, the organization wants to comply with the following requirements: Active full-device encryption Enabled remote-device wipe Blocking unsigned applications Containerization of email, calendar, and contacts Which of the following technical controls would BEST protect the data from attack or loss and meet the ab
A. Require frequent password changes and disable NFC
B. Enforce device encryption and activate MAM
C. Install a mobile antivirus application
D. Configure and monitor devices with an MDM
Correct Answer: B
Question #19
An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries’ arms trafficking laws. There is new information that malicious nation-state-sponsored activities are targeting the use of encryption between the geographically disparate sites. The organization currently employs ECDSA and ECDH with P-384, SHA-384, and AES-256-GCM on VPNs between sites. Which of the following techniques would MOST likely improve the resilience of the enterprise to a
A. Add a second-layer VPN from a different vendor between sites
B. Upgrade the cipher suite to use an authenticated AES mode of operation
C. Use a stronger elliptic curve cryptography algorithm
D. Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites
E. Ensure cryptography modules are kept up to date from vendor supplying them
Correct Answer: C
Question #20
During a security assessment, activities were divided into two phases: internal and external exploitation. The security assessment team set a hard time limit on external activities before moving to a compromised box within the enterprise perimeter. Which of the following methods is the assessment team most likely to employ NEXT?
A. Pivoting from the compromised box, moving laterally through the enterprise, and trying to exfiltrate data and compromise devices
B. Conducting a social engineering attack attempt with the goal of accessing the compromised box physically
C. Exfiltrating network scans from the compromised box as a precursor to social media reconnaissance
D. Open-source intelligence gathering to identify the network perimeter and scope to enable further system compromises
Correct Answer: A
Question #21
In the past, the risk committee at Company A has shown an aversion to even minimal amounts of risk acceptance. A security engineer is preparing recommendations regarding the risk of a proposal to introduce legacy ICS equipment. The project will introduce a minor vulnerability into the enterprise. This vulnerability does not significantly expose the enterprise to risk and would be expensive to protect against. Which of the following strategies should the engineer recommend be approved FIRST?
A. Avoid
B. Mitigate
C. Transfer
D. Accept
Correct Answer: B
Question #22
Click on the exhibit buttons to view the four messages. A security architect is working with a project team to deliver an important service that stores and processes customer banking details. The project, internally known as ProjectX, is due to launch its first set of features publicly within a week, but the team has not been able to implement encryption-at-rest of the customer records. The security architect is drafting an escalation email to senior leadership. Which of the following BEST conveys the b
A. Message 1
B. Message 2
C. Message 3
D. Message 4
Correct Answer: D
Question #23
Providers at a healthcare system with many geographically dispersed clinics have been fined five times this year after an auditor received notice of the following SMS messages: Which of the following represents the BEST solution for preventing future fines?
A. Implement a secure text-messaging application for mobile devices and workstations
B. Write a policy requiring this information to be given over the phone only
C. Provide a courier service to deliver sealed documents containing public health informatics
D. Implement FTP services between clinics to transmit text documents with the information
E. Implement a system that will tokenize patient numbers
Correct Answer: A
Question #24
Given the following information about a company’s internal network: User IP space: 192.168.1.0/24 Server IP space: 192.168.192.0/25 A security engineer has been told that there are rogue websites hosted outside of the proper server space, and those websites need to be identified. Which of the following should the engineer do?
A. Use a protocol analyzer on 192
B. Use a port scanner on 192
C. Use an HTTP interceptor on 192
D. Use a port scanner on 192
E. Use a protocol analyzer on 192
F. Use an HTTP interceptor on 192
Correct Answer: B