Comprehensive CompTIA CAS-003 Exam Test Questions & Answers, CompTIA CASP+ Certification | SPOTO

Preparing for the CompTIA CASP+ Certification exam has never been easier with SPOTO's latest mock exams! The CAS-003 exam is a crucial step in validating advanced-level cybersecurity skills and knowledge. Our comprehensive resources cover exam topics in detail, ensuring thorough preparation in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Whether you're a seasoned professional or just starting your cybersecurity journey, our practice tests and exam materials will help you excel. Access our mock exams to simulate real exam scenarios and boost your confidence. Trust SPOTO to provide you with the most effective exam preparation resources and strategies tailored to your CompTIA CASP+ Certification journey. Start your preparation with SPOTO today and pave your way to success in achieving your certification goals!

Question #1
A company is transitioning to a new VDI environment, and a system engineer is responsible for developing a sustainable security strategy for the VDIs. Which of the following is the MOST appropriate order of steps to be taken?
A. Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent
B. OS patching, baseline, HIDS, antivirus, monitoring agent, firmware update
C. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
D. Baseline, antivirus, OS patching, monitoring agent, HIDS, firmware update
Correct Answer: A
Question #2
A consulting firm was hired to conduct an assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:
TCP 80 open
TCP 443 open
TCP 1434 filtered
The penetration tester then used a different tool to make the following requests:
GET /script/login.php?token=45$MHT000MND876
GET /script/login.php?token=@#984DCSPQ%091DF
Which of the following tools did the penetration tester use?
A. Protocol analyzer
B. Port scanner
C. Fuzzer
D. Brute forcer
E. Log analyzer
F. HTTP interceptor
Correct Answer: B
Question #3
A security engineer is attempting to increase the randomness of numbers used in key generation in a system. The goal of the effort is to strengthen the keys against predictive analysis attacks. Which of the following is the BEST solution?
A. Use an entropy-as-a-service vendor to leverage larger entropy pools
B. Loop multiple pseudo-random number generators in a series to produce larger numbers
C. Increase key length by two orders of magnitude to detect brute forcing
D. Shift key generation algorithms to ECC algorithm
Correct Answer: A
Question #4
After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece of code used by a web-based shopping cart:
SELECT ITEM FROM CART WHERE ITEM=ADDSLASHES($USERINPUT);
The programmer found that every time a user adds an item to the cart, a temporary file is created in the web server's /tmp directory. The temporary file has a name which is generated by concatenating the content of the $USERINPUT vari
A. Input validation
B. SQL injection
C. TOCTOU
D. Session hijacking
Correct Answer: B
Question #5
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate i
A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
Correct Answer: AC
Question #6
A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:
POST http://www.example.com/resources/NewBankAccount HTTP/1.1
Content-type: application/json
{ "account": [ { "creditAccount":"Credit Card Rewards account"} { "salesLeadRef":"www.example.com/badcontent/exploitme.exe"} ], "customer": [ { "name":"Joe Citizen"} { "custRef":"3153151"} ] }
The banking website responds with:
HTTP/1.1 200 OK
{ "newAccountDetails": [ { "cardNumber":"1234123412341234"}
A. Missing input validation on some fields
B. Vulnerable to SQL injection
C. Sensitive details communicated in clear-text
D. Vulnerable to XSS
E. Vulnerable to malware file uploads
F. JSON/REST is not as secure as XML
Correct Answer: B
Question #7
An application present on the majority of an organization’s 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?
A. Deploy custom HIPS signatures to detect and block the attacks
B. Validate and deploy the appropriate patch
C. Run the application in terminal services to reduce the threat landscape
D. Deploy custom NIPS signatures to detect and block the attack
Correct Answer: A
Question #8
Users have been reporting unusual automated phone calls, including names and phone numbers, that appear to come from devices internal to the company. Which of the following should the systems administrator do to BEST address this problem?
A. Add an ACL to the firewall to block VoIP
B. Change the settings on the phone system to use SIP-TLS
C. Have the phones download new configurations over TFTP
D. Enable QoS configuration on the phone VLAN
Correct Answer: F
Question #9
There have been several exploits of critical devices within the network. However, there is currently no process to perform vulnerability analysis. Which of the following should the security analyst implement during production hours to identify critical threats and vulnerabilities?
A. Asset inventory of all critical devices
B. Vulnerability scanning frequency that does not interrupt workflow
C. Daily automated reports of exploited devices
D. Scanning of all types of data regardless of sensitivity levels
Correct Answer: D
Question #10
A company has decided to lower costs by conducting an internal assessment on specific devices and various internal and external subnets. The assessment will be done during regular office hours, but it must not affect any production servers. Which of the following would MOST likely be used to complete the assessment? (Select two.)
A. Agent-based vulnerability scan
B. Black-box penetration testing
C. Configuration review
D. Social engineering
E. Malware sandboxing
F. Tabletop exercise
Correct Answer: D