Download CompTIA Advanced Security Practitioner (CASP).Prepaway.CAS-003.2019-07-04.1e.131q.vcex


File Info

Exam CompTIA Advanced Security Practitioner (CASP)
Number CAS-003
File Name CompTIA Advanced Security Practitioner (CASP).Prepaway.CAS-003.2019-07-04.1e.131q.vcex
Size 2.83 Mb
Posted July 04, 2019
Downloads 21

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.




Demo Questions

Question 1
A penetration tester is conducting an assessment on and runs the following command from a coffee shop while connected to the public Internet:


Which of the following should the penetration tester conclude about the command output?

  • A: The public/private views on the DNS servers are misconfigured
  • B: is running an older mail server, which may be vulnerable to exploits
  • C: The DNS SPF records have not been updated for
  • D: is a backup mail server that may be more vulnerable to attack

Question 2
During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization’s reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation? 

  • A: Air gaps
  • B: Access control lists
  • C: Spanning tree protocol
  • D: Network virtualization
  • E: Elastic load balancing

Question 3
A security administrator was informed that a server unexpectedly rebooted. The administrator received an export of syslog entries for analysis:


Which of the following does the log sample indicate? (Choose two.) 

  • A: A root user performed an injection attack via kernel module
  • B: Encrypted payroll data was successfully decrypted by the attacker
  • C: Jsmith successfully used a privilege escalation attack
  • D: Payroll data was exfiltrated to an attacker-controlled host
  • E: Buffer overflow in memory paging caused a kernel panic
  • F: Syslog entries were lost due to the host being rebooted

Question 4
An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit. As part of the gap assessment, the auditor supporting the assessment recommends the organization engage with other industry partners to share information about emerging attacks to organizations in the industry in which the organization functions. Which of the following types of information could be drawn from such participation?

  • A: Threat modeling
  • B: Risk assessment
  • C: Vulnerability data
  • D: Threat intelligence
  • E: Risk metrics
  • F: Exploit frameworks

Question 5
A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. 
Which of the following would BEST secure the web server until the replacement web server is ready? 

  • A: Patch management
  • B: Antivirus
  • C: Application firewall
  • D: Spam filters
  • E: HIDS

Question 6
To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions.
Which of the following approaches is described?

  • A: Blue team
  • B: Red team
  • C: Black box
  • D: White team

Question 7
An engineer is evaluating the control profile to assign to a system containing PII, financial, and proprietary data. 


Based on the data classification table above, which of the following BEST describes the overall classification?

  • A: High confidentiality, high availability
  • B: High confidentiality, medium availability
  • C: Low availability, low confidentiality
  • D: High integrity, low availability

Question 8
A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization’s users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

  • A: OTA updates
  • B: Remote wiping
  • C: Side loading 
  • D: Sandboxing
  • E: Containerization
  • F: Signed applications

Question 9
The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. 
Which of the following BEST meets this objective?

  • A: Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets
  • B: Encourage cybersecurity analysts to review open-source intelligence products and threat database to generate new IDS rules based on those sources
  • C: Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection
  • D: Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats

Question 10
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:


Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

  • A: Install HIPS
  • B: Enable DLP
  • C: Install EDR
  • D: Install HIDS
  • E: Enable application blacklisting
  • F: Improve patch management processes


