[Jan-2022 Newly Released] CAS-003 Dumps for CASP Recertification Certified
Conclusive Remarks
It is not so hard to complete the CompTIA CAS-003 exam if you possess the proper knowledge and you are learning from the correct source. This way, you can clear the test without difficulty. Hence, before opting for the CASP+ certification, you should understand the requirements and make sure you fulfill them, including working experience. You can also boost your skills with the books mentioned above, as they provide the best guidance and give extra chances to ace the test in one go.
CompTIA CAS-003 is a qualifying exam for the CASP+ certification. This test is designed for advanced-level cybersecurity practitioners who want to validate their skills and knowledge of risk management, research and collaboration, integration of enterprise security, and enterprise security architecture and operations. The associated certificate is approved by the U.S. DoD to fulfill directive 8140/8570.01-M prerequisites and is compliant with the ISO 17024 standards.
NEW QUESTION 339
select id, firstname, lastname from authors
User input= firstname= Hack;man
lastname=Johnson
Which of the following types of attacks is the user attempting?
- A. XML injection
- B. Cross-site scripting
- C. SQL injection
- D. Command injection
Answer: C
Explanation:
The code in the question is SQL code. The attack is a SQL injection attack.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
NEW QUESTION 340
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?
- A. The OEM is prohibited
- B. The device does not support FDE
- C. The OS version is not compatible
- D. The device is rooted
Answer: D
NEW QUESTION 341
A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. Which of the following would BEST secure the web server until the replacement web server is ready?
- A. Patch management
- B. Spam filters
- C. Antivirus
- D. Application firewall
- E. HIDS
Answer: E
NEW QUESTION 342
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls.
Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?
- A. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
- B. Change antivirus vendors at the store and the corporate office.
- C. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.
- D. Deploy new perimeter firewalls at all stores with UTM functionality.
Answer: D
Explanation:
A perimeter firewall is located between the local network and the Internet where it can screen network traffic flowing in and out of the organization. A firewall with unified threat management (UTM) functionalities includes anti-malware capabilities.
NEW QUESTION 343
A company has decided to replace all the T-1 uplinks at each regional office and move away from using the existing MPLS network. All regional sites will use high-speed connections and VPNs to connect back to the main campus. Which of the following devices would MOST likely be added at each location?
- A. IDS/IPS
- B. Firewall
- C. Proxy server
- D. SIEM
- E. Router
Answer: B
NEW QUESTION 344
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
- A. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
- B. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
- C. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
- D. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
Answer: A
Explanation:
IPSec VPN with mutual authentication meets the certificates requirements.
RADIUS can be used with the directory service for the user authentication.
ACLs (access control lists) are the best solution for restricting access to network hosts.
NEW QUESTION 345
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:
The tool needs to be responsive so service teams can query it, and then perform an automated response action.
The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.
The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.
Which of the following need specific attention to meet the requirements listed above? (Choose three.)
- A. Latency
- B. Availability
- C. Usability
- D. Recoverability
- E. Maintainability
- F. Scalability
Answer: A,B,D
NEW QUESTION 346
A government organization operates and maintains several ICS environments. The categorization of one of the ICS environments led to a moderate baseline. The organization has compiled a set of applicable security controls based on this categorization.
Given that this is a unique environment, which of the following should the organization do NEXT to determine if other security controls should be considered?
- A. Review enhancements within the current control set.
- B. Modify to a high-baseline set of controls.
- C. Perform continuous monitoring.
- D. Check for any relevant or required overlays.
Answer: B
NEW QUESTION 347
A remote user reports the inability to authenticate to the VPN concentrator. During troubleshooting, a security administrator captures an attempted authentication and discovers the following being presented by the user's VPN client:
Which of the following BEST describes the reason the user is unable to connect to the VPN service?
- A. The user's certificate was not created for VPN use
- B. The user's certificate was created using insecure encryption algorithms
- C. The user's certificate is not signed by the VPN service provider
- D. The user's certificate has been compromised and should be revoked.
Answer: D
NEW QUESTION 348
The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:
- A. risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness
- B. major risks identified by the subcommittee merit the prioritized allocation of scarce funding to address cybersecurity concerns
- C. corporate general counsel requires a single system boundary to determine overall corporate risk exposure
- D. IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls
Answer: D
NEW QUESTION 349
A security administrator wants to implement controls to harden company-owned mobile devices. Company policy specifies the following requirements:
* Mandatory access control must be enforced by the OS.
* Devices must only use the mobile carrier data transport.
Which of the following controls should the security administrator implement? (Select three).
- A. Disable geotagging
- B. Disable Bluetooth
- C. Enable remote wipe
- D. Enable DLP
- E. Enable EDR
- F. Enable secure boot
- G. Disable 802.11
- H. Enable SEAndroid
Answer: B,G,H
NEW QUESTION 350
Legal counsel has notified the information security manager of a legal matter that will require the preservation of electronic records for 2000 sales force employees. Source records will be email, PC, network shares, and applications.
After all restrictions have been lifted, which of the following should the information manager review?
- A. Scope statement
- B. Data retention policy
- C. Legal hold
- D. Chain of custody
Answer: B
NEW QUESTION 351
As a security administrator, you are asked to harden a server running Red Hat Enterprise Server 5.5 64-bit.
This server is being used as a DNS and time server. It is not used as a database, web server, or print server. There are no wireless connections to the server, and it does not need to print.
The command window will be provided along with root access. You are connected via a secure shell with root access.
You may query help for a list of commands.
Instructions:
You need to disable and turn off unrelated services and processes.
It is possible to simulate a crash of your server session. The simulation can be reset, but the server cannot be rebooted. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

- A. In order to deactivate web services, database services, and the print service, we can do the following:
1) Deactivate the services
/etc/init.d/apache2 stop
2) Close the ports for these services
Web Server
iptables -I INPUT -p tcp -m tcp --dport 631 -j REJECT
service iptables save
Database Server
iptables -I INPUT -p tcp -m tcp --dport <<port number>> -j REJECT
service iptables save
3) Kill any running processes for these services
kill -9 <<process id>>
- B. In order to deactivate web services, database services, and the print service, we can do the following:
1) Deactivate the services
/etc/init.d/apache2 stop
/etc/init.d/mysqld stop
2) Close the ports for these services
Web Server
iptables -I INPUT -p tcp -m tcp --dport 443 -j REJECT
service iptables save
Print Server
iptables -I INPUT -p tcp -m tcp --dport 631 -j REJECT
service iptables save
Database Server
iptables -I INPUT -p tcp -m tcp --dport <<port number>> -j REJECT
service iptables save
3) Kill any running processes for these services
ps -aef|grep mysql
kill -9 <<process id>>
Answer: B
NEW QUESTION 352
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:
Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)
- A. Install HIPS
- B. Enable DLP
- C. Install EDR
- D. Enable application blacklisting
- E. Install HIDS
- F. Improve patch management processes
Answer: B,D
NEW QUESTION 353
A security administrator is investigating an incident involving suspicious word processing documents on an employee's computer, which was found powered off in the employee's office. Which of the following tools is BEST suited for extracting full or partial word processing documents from unallocated disk space?
- A. memdump
- B. nc
- C. dd
- D. foremost
Answer: D
NEW QUESTION 354
While conducting a BIA for a proposed acquisition, the IT integration team found that both companies outsource CRM services to competing and incompatible third-party cloud services.
The decision has been made to bring the CRM service in-house, and the IT team has chosen a future solution. With which of the following should the Chief Information Security Officer (CISO) be MOST concerned? (Choose two.)
- A. Compatible services
- B. Data migration
- C. Sovereignty
- D. Data remnants
- E. Storage encryption
- F. Chain of custody
Answer: D,E
NEW QUESTION 355
A school contracts with a vendor to devise a solution that will enable the school library to lend out tablet computers to students while on site. The tablets must adhere to strict security and privacy practices. The school's key requirements are to:
- Maintain privacy of students in case of loss
- Have a theft detection control in place
- Be compliant with defined disability requirements
- Have a four-hour minimum battery life
Which of the following should be configured to BEST meet the requirements? (Choose two.)
- A. FDE
- B. Remote wiping
- C. Antivirus software
- D. Geofencing
- E. Tokenization
- F. TPM
Answer: A,D
Explanation:
B would meet requirement "Have a theft detection control in place", when someone goes out of the library site.
E would meet requirement "Maintain privacy of students in case of loss", to avoid data of lost devices being recovered.
NEW QUESTION 356
A manufacturing company employs SCADA systems to drive assembly lines across geographically dispersed sites. Therefore, the company must use the Internet to transport control messages and responses. Which of the following architectural changes when integrated will BEST reduce the manufacturing control system's attack surface? (Select TWO)
- A. Implement a site-to-site VPN across sites
- B. Isolate control systems from enterprise systems.
- C. Implement supply chain security.
- D. Design a patch management capability for control systems.
- E. Integrate message authentication
- F. Add sensors and collectors at the Internet boundary.
Answer: B,D
How Much Does the CAS-003 Exam Cost
The price of the CAS-003 exam is $439 USD.