Download CompTIA Advanced Security Practitioner (CASP).Prepaway.CAS-003.2019-07-04.1e.131q.vcex


File Info

Exam CompTIA Advanced Security Practitioner (CASP)
Number CAS-003
File Name CompTIA Advanced Security Practitioner (CASP).Prepaway.CAS-003.2019-07-04.1e.131q.vcex
Size 2.83 Mb
Posted July 04, 2019
Downloads 8



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.






Demo Questions

Question 1
A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:

  

Which of the following should the penetration tester conclude about the command output?

  • A: The public/private views on the Comptia.org DNS servers are misconfigured
  • B: Comptia.org is running an older mail server, which may be vulnerable to exploits
  • C: The DNS SPF records have not been updated for Comptia.org
  • D: 192.168.102.67 is a backup mail server that may be more vulnerable to attack



Question 2
During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization’s reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation? 

  • A: Air gaps
  • B: Access control lists
  • C: Spanning tree protocol
  • D: Network virtualization
  • E: Elastic load balancing



Question 3
A security administrator was informed that a server unexpectedly rebooted. The administrator received an export of syslog entries for analysis:

  

Which of the following does the log sample indicate? (Choose two.) 

  • A: A root user performed an injection attack via kernel module
  • B: Encrypted payroll data was successfully decrypted by the attacker
  • C: Jsmith successfully used a privilege escalation attack
  • D: Payroll data was exfiltrated to an attacker-controlled host
  • E: Buffer overflow in memory paging caused a kernel panic
  • F: Syslog entries were lost due to the host being rebooted



Question 4
An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit. As part of the gap assessment, the auditor supporting the assessment recommends the organization engage with other industry partners to share information about emerging attacks to organizations in the industry in which the organization functions. Which of the following types of information could be drawn from such participation?

  • A: Threat modeling
  • B: Risk assessment
  • C: Vulnerability data
  • D: Threat intelligence
  • E: Risk metrics
  • F: Exploit frameworks



Question 5
A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. 
Which of the following would BEST secure the web server until the replacement web server is ready? 

  • A: Patch management
  • B: Antivirus
  • C: Application firewall
  • D: Spam filters
  • E: HIDS



Question 6
To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions.
Which of the following approaches is described?

  • A: Blue team
  • B: Red team
  • C: Black box
  • D: White team



Question 7
An engineer is evaluating the control profile to assign to a system containing PII, financial, and proprietary data. 

  

Based on the data classification table above, which of the following BEST describes the overall classification?

  • A: High confidentiality, high availability
  • B: High confidentiality, medium availability
  • C: Low availability, low confidentiality
  • D: High integrity, low availability



Question 8
A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization’s users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

  • A: OTA updates
  • B: Remote wiping
  • C: Side loading 
  • D: Sandboxing
  • E: Containerization
  • F: Signed applications



Question 9
The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. 
Which of the following BEST meets this objective?

  • A: Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets
  • B: Encourage cybersecurity analysts to review open-source intelligence products and threat databases to generate new IDS rules based on those sources
  • C: Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection
  • D: Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats



Question 10
A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:

  

Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

  • A: Install HIPS
  • B: Enable DLP
  • C: Install EDR
  • D: Install HIDS
  • E: Enable application blacklisting
  • F: Improve patch management processes








