
Note: the CAS-003 exam has been retired. Please select the replacement exam for your certification; the new exam code is CAS-004.

CAS-003 Exam Dumps - CompTIA Advanced Security Practitioner (CASP) Exam

Question # 41

A regional transportation and logistics company recently hired its first Chief Information Security Officer (CISO). The CISO's first project after onboarding involved performing a vulnerability assessment against the company's public-facing network. The completed scan found a legacy collaboration platform application with a critically rated vulnerability. While discussing this issue with the line of business, the CISO learns the vulnerable application cannot be updated without the company incurring significant losses due to downtime or new software purchases.

Which of the following BEST addresses these concerns?

A. The company should plan future maintenance windows so that the legacy application can be updated as needed.

B. The CISO must accept the risk of the legacy application, as the cost of replacing the application greatly exceeds the risk to the company.

C. The company should implement a WAF in front of the vulnerable application to filter out any traffic attempting to exploit the vulnerability.

D. The company should build a parallel system and perform a cutover from the old application to the new application, with less downtime than an upgrade.

Question # 42

Given the following:

Which of the following vulnerabilities is present in the above code snippet?

A. Disclosure of database credential

B. SQL-based string concatenation

C. DOM-based injection

D. Information disclosure in comments

Question # 43

Which of the following attacks can be used to exploit a vulnerability that was created by untrained users?

A. A spear-phishing email with a file attachment

B. A DoS using IoT devices

C. An evil twin wireless access point

D. A domain hijacking of a bank website

Question # 44

The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST improve the incident response process?

A. Updating the playbook with better decision points

B. Dividing the network into trusted and untrusted zones

C. Providing additional end-user training on acceptable use

D. Implementing manual quarantining of infected hosts

Question # 45

Following a recent disaster, a business activates its DRP. The business is operational again within 60 minutes. The business has multiple geographically dispersed locations that have similar equipment and operational capabilities. Which of the following strategies has the business implemented?

A. Cold site

B. Reciprocal agreement

C. Recovery point objective

D. Internal redundancy

Question # 46

Over the last 90 days, many storage services have been exposed in the cloud services environments, and the security team does not have the ability to see who is creating these instances. Shadow IT is creating data services and instances faster than the small security team can keep up with them. The Chief Information Security Officer (CISO) has asked the security lead architect to recommend solutions to this problem.

Which of the following BEST addresses the problem with the least amount of administrative effort?

A. Compile a list of firewall requests and compare them against interesting cloud services.

B. Implement a CASB solution and track cloud service use cases for greater visibility.

C. Implement a user-behavior system to associate user events and cloud service creation events.

D. Capture all logs and feed them to a SIEM and then for cloud service events

Question # 47

A security analyst is reviewing the security of a company's public-facing servers. After some research, the analyst discovers the following on a public pastebin website.

Which of the following should the analyst do NEXT?

A. Review the system logs

B. Scan *.company.com for vulnerabilities.

C. Begin a root cause analysis.

D. Change the password to the MySQL database

Question # 48

A Chief Information Security Officer (CISO) wants to obtain data from other organizations in the same industry related to recent attacks against industry targets. A partner firm in the industry provides information that discloses the attack vector and the affected vulnerability that impacted other firms. The CISO then works with that firm's CERT to evaluate the organization for applicability associated with the intelligence provided. This activity is an example of:

A. an emerging threat feed

B. a risk analysis

C. a zero-day vulnerability

D. threat modeling

E. machine learning

F. Big Data
