CAS-003 Questions Pass on Your First Attempt Dumps for CASP Recertification Certified
CAS-003 Practice Test Pdf Exam Material
Career Opportunities
The job titles that the candidates who pass the CompTIA CAS-003 exam can take up include a Security Engineer, an Application Security Engineer, a Technical Lead Analyst, and a Security Architect, among others. The salary potential for these professionals is an average of $105,000 per annum. Depending on their level of experience, this figure may be even higher.
How to book the CAS-003 Exam
The steps for registering for the CAS-003 exam are as follows:
- Step 1: Visit the CompTIA website
- Step 2: Purchase the CAS-003 exam voucher
- Step 3: Log in for the test
- Step 4: Find and select the testing location
- Step 5: Select the date and time and schedule your test
NEW QUESTION 238
Two new technical SMB security settings have been enforced and have also become policies that increase secure communications.
Network Client: Digitally sign communication
Network Server: Digitally sign communication
A storage administrator in a remote location with a legacy storage array, which contains time-sensitive data, reports employees can no longer connect to their department shares. Which of the following mitigation strategies should an information security manager recommend to the data owner?
- A. Accept the risk for the remote location, and reverse the settings indefinitely since the legacy storage device will not be upgraded
- B. Accept the risk, reverse the settings for the remote location, and have the remote location file a risk exception until the legacy storage device can be upgraded
- C. Avoid the risk, leave the settings alone, and decommission the legacy storage device
- D. Mitigate the risk for the remote location by suggesting a move to a cloud service provider. Have the remote location request an indefinite risk exception for the use of cloud storage
Answer: B
NEW QUESTION 239
An engineer maintains a corporate-owned mobility infrastructure, and the organization requires that all web browsing using corporate-owned resources be monitored. Which of the following would allow the organization to meet its requirement? (Choose two.)
- A. Implement a VDI solution and deploy supporting client apps to devices
- B. Restrict application permissions to establish only HTTPS connections outside of the enterprise boundary
- C. Configure the devices to use an always-on IPSec VPN
- D. Exempt mobile devices from the requirement, as this will lead to privacy violations
- E. Configure all management traffic to be tunneled into the enterprise via TLS
Answer: B,C
NEW QUESTION 240
A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:
The tool needs to be responsive so service teams can query it, and then perform an automated
response action.
The tool needs to be resilient to outages so service teams can perform the user access review at any
point in time and meet their own SLAs.
The tool will become the system-of-record for approval, reapproval, and removal life cycles of group
memberships and must allow for data retrieval after failure.
Which of the following need specific attention to meet the requirements listed above? (Choose three.)
- A. Availability
- B. Recoverability
- C. Usability
- D. Latency
- E. Scalability
- F. Maintainability
Answer: A,B,D
NEW QUESTION 241
A software company is releasing a new mobile application to a broad set of external customers. Because the software company is rapidly releasing new features, it has built in an over-the-air software update process that can automatically update the application at launch time. Which of the following security controls should be recommended by the company's security architect to protect the integrity of the update process? (Choose two.)
- A. Validate cryptographic signatures applied to software updates
- B. Require HTTPS connections for downloads of software updates
- C. Ensure there are multiple download mirrors for availability
- D. Enforce a click-through process with user opt-in for new features
- E. Perform certificate pinning of the associated code signing key
Answer: A,E
NEW QUESTION 242
A consulting firm was hired to conduct an assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:
TCP 80 open
TCP 443 open
TCP 1434 filtered
The penetration tester then used a different tool to make the following requests:
GET / script/login.php?token=45$MHT000MND876
GET / script/login.php?token=@#984DCSPQ%091DF
Which of the following tools did the penetration tester use? (Choose two)
- A. Log analyzer
- B. Port scanner
- C. HTTP interceptor
- D. Brute forcer
- E. Protocol analyzer
- F. Fuzzer
Answer: B,C
Explanation:
At first, the pentester used a port scanner (B), something like nmap. Then, the second tool was an HTTP interceptor (C), something like Burp Suite or ZAP.
NEW QUESTION 243
A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data?
- A. Encryption of each individual partition
- B. FDE of the entire SSD as a single disk
- C. FDE of each logical volume on the SSD
- D. Encryption of the SSD at the file level
Answer: A
Explanation:
In this question, we have multiple operating system installations on a single disk. Some operating systems store their boot loader in the MBR of the disk. However, some operating systems install their boot loader outside the MBR, especially when multiple operating systems are installed. We need to encrypt as much data as possible, but we cannot encrypt the boot loaders, because doing so would prevent the operating systems from loading.
Therefore, the solution is to encrypt each individual partition separately.
NEW QUESTION 244
A security analyst is reviewing logs and discovers that a company-owned computer issued to an employee is generating many alerts. The analyst continues to review the log events and discovers that a non-company-owned device from a different, unknown IP address is generating the same events. The analyst informs the manager of these findings, and the manager explains that these activities are already known and . . . ongoing simulation. Given this scenario, which of the following roles are the analyst, the employee, and the manager filling?
- A. The analyst is red team; the employee is white team; the manager is blue team
- B. The analyst is white team; the employee is red team; the manager is blue team
- C. The analyst is blue team; the employee is red team; the manager is white team
- D. The analyst is red team; the employee is blue team; the manager is white team
Answer: C
NEW QUESTION 245
A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which
of the following activities would be MOST appropriate?
- A. Scan the website through an interception proxy and identify areas for the code injection
- B. Use network enumeration tools to identify if the server is running behind a load balancer
- C. Use a protocol analyzer against the site to see if data input can be replayed from the browser
- D. Scan the site with a port scanner to identify vulnerable services running on the web server
Answer: D
NEW QUESTION 247
An infrastructure team within an energy organization is at the end of a procurement process and has selected a vendor's SaaS platform to deliver services. As part of the legal negotiation, there are a number of outstanding risks, including:
* There are clauses that confirm a data retention period in line with what is in the energy organization's security policy.
* The data will be hosted and managed outside of the energy organization's geographical location.
The number of users accessing the system will be small, and no sensitive data will be hosted in the SaaS platform. Which of the following should the project's security consultant recommend as the NEXT step?
- A. Mitigate the risks by asking the vendor to accept the in-country privacy principles and modify the retention period.
- B. Require a solution owner within the energy organization to accept the identified risks and consequences.
- C. Develop a security exemption, as the solution does not meet the security policies of the energy organization.
- D. Review the procurement process to determine the lessons learned in relation to discovering risks toward the end of the process.
Answer: B
NEW QUESTION 248
An organization is concerned that its hosted web servers are not running the most updated version of software.
Which of the following would work BEST to help identify potential vulnerabilities?
- A. nc -1 -v comptia.org -p 80
- B. nmap comptia.org -p 80 -sV
- C. nslookup -port=80 comptia.org
- D. hping3 -S comptia.org -p 80
Answer: B
NEW QUESTION 249
A cybersecurity consulting company supports a diverse customer base. Which of the following types of constraints is MOST important for the consultancy to consider when advising a regional healthcare provider versus a global conglomerate?
- A. Regulatory standards
- B. Insider threats
- C. Return on investment
- D. Pre-existing service agreements
Answer: A
NEW QUESTION 250
A remote user reports the inability to authenticate to the VPN concentrator. During troubleshooting, a security administrator captures an attempted authentication and discovers the following being presented by the user's VPN client:
Which of the following BEST describes the reason the user is unable to connect to the VPN service?
- A. The user's certificate was not created for VPN use
- B. The user's certificate was created using insecure encryption algorithms
- C. The user's certificate is not signed by the VPN service provider
- D. The user's certificate has been compromised and should be revoked.
Answer: B
NEW QUESTION 251
A software development company lost customers recently because of a large number of software issues.
These issues were related to integrity and availability defects, including buffer overflows, pointer dereferences, and others. Which of the following should the company implement to improve code quality? (Choose two.)
- A. Code obfuscation
- B. Code comments and documentation
- C. Continuous integration
- D. Static analysis tools
- E. Application containerization
- F. Development environment access controls
Answer: A,D
NEW QUESTION 252
A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital's guest WiFi network, which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two-factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital's system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).
- A. Device encryption has not been enabled and will result in a greater likelihood of data loss.
- B. Privacy could be compromised as patient records can be viewed in uncontrolled areas.
- C. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.
- D. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.
- E. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.
Answer: B,C
Explanation:
Privacy could be compromised because patient records can be viewed from a doctor's personal device. They could then be shown to persons not authorized to view this information. Similarly, the doctor's personal device could have malware on it.
NEW QUESTION 253
A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command:
dd if=/dev/ram of=/tmp/mem/dmp
The analyst then reviews the associated output:
^34^#AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/bin/bash^21^03#45
However, the analyst is unable to find any evidence of the running shell. Which of the following is the MOST likely reason the analyst cannot find a process ID for the shell?
- A. The system uses ASLR
- B. The NX bit is enabled
- C. The code uses dynamic libraries
- D. The shell is obfuscated
Answer: A
Explanation:
"Address space layout randomization (ASLR) is an operating system technique that randomizes where components of a running process (the base executable, application programming interfaces [APIs], the heap, etc.) are placed in memory. This makes it more difficult for an attacker to aim a buffer overflow at specific points in the address space.
ASLR mechanisms can prevent intentional software crashes that could also lead to privilege escalation attacks. Most modern OSes provide code libraries that support ASLR use. For example, on Windows, you can integrate ASLR-enabled executables and dynamic link libraries (DLL) in your app. Keep in mind, however, that some attacks have proven effective against ASLR, so don't mistake it for a flawless countermeasure to memory-based threats."
NEW QUESTION 254
IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern.
Options may be used once or not at all.
Answer:
Explanation:
Vendor may accidentally or maliciously make changes to the IT system - Allow view-only access.
With view-only access, the third party can view the desktop but cannot interact with it. In other words, they cannot control the keyboard or mouse to make any changes.
Desktop sharing traffic may be intercepted by network attackers - Use SSL for remote sessions.
SSL (Secure Sockets Layer) encrypts data in transit between computers. If an attacker intercepted the traffic, the data would be encrypted and therefore unreadable to the attacker.
No guarantees that shoulder surfing attacks are not occurring at the vendor - Identified control gap.
Shoulder surfing is where someone else gains information by looking at your computer screen. This should be identified as a risk. A control gap occurs when there are either insufficient or no actions taken to avoid or mitigate a significant risk.
Vendor may inadvertently see confidential material from the company such as email and IMs - Limit desktop session to certain windows.
The easiest way to prevent a third party from viewing your emails and IMs is to close the email and IM application windows for the duration of the desktop sharing session.
NEW QUESTION 255