Verified CAS-003 dumps Q&As 100% Pass in First Attempt Guaranteed Updated Dump from TroytecDumps [Q147-Q163]


Pass CASP Recertification CAS-003 Exam With 574 Questions


What Do You Have to Learn for the Test?

To clear the CAS-003 exam easily, you need to know the objectives listed below:

  • Supporting IT governance in the organization by prioritizing risk management and handling risk-mitigation strategies.
  • Using research and investigation techniques to select the most up-to-date and appropriate tools and methods to protect the organization.
  • Applying security controls to mobile, host, and other devices, as well as integrating security and network components.
  • Using virtualization, cloud, and on-premises technologies to integrate hosts, networks, and storage into a protected infrastructure.
  • Working on recovery and incident response, and performing various security assessments.

In addition, the applicants have to learn how to enforce cryptographic practices, analyze risks by interpreting trend data, and more.


Enterprise Security Architecture: 25%

  • Analyzing scenarios to incorporate security controls for small form factor and mobile devices to fulfill security requirements: this domain measures competence in enterprise mobility management; security implications and privacy concerns; wearable technology.
  • Analyzing scenarios and incorporating security and network components, architectures, and concepts to fulfill security requirements: the skills measured in this topic include virtual and physical security and network devices; protocol-aware and application technologies; advanced network design; multifaceted network security solutions for the data flow; secure baselining and configuration of security and networking components; software-defined networking; network management and monitoring tools; advanced configuration of network devices, including routers and switches; security zones; network access control; network-enabled devices; critical infrastructure.
  • Selecting the relevant security control for a given software vulnerability scenario: this subject area requires an understanding of application security design considerations; specific application problems; application sandboxing; client-side processing versus server-side processing; web application firewalls; database activity monitoring; secure encrypted enclaves; operating system vulnerabilities; firmware vulnerabilities.
  • Analyzing scenarios to incorporate security controls for host devices to fulfill security requirements: test takers must demonstrate competence in endpoint security software; host hardening; trusted OS; boot loader protections; terminal services and application delivery services; vulnerabilities connected with hardware.

NEW QUESTION 147
An architect was recently hired by a power utility to increase the security posture of the company's power generation and distribution sites. Upon review, the architect identifies legacy hardware with highly vulnerable and unsupported software driving critical operations. These systems must exchange data with each other, be highly synchronized, and pull time from Internet time sources. Which of the following architectural decisions would BEST reduce the likelihood of a successful attack without harming operational capability? (Choose two.)

  • A. Configure the systems to use government-hosted NTP servers
  • B. Isolate the systems on their own network
  • C. Employ own stratum-0 and stratum-1 NTP servers
  • D. Upgrade the software on critical systems
  • E. Install a firewall and IDS between systems and the LAN

Answer: A,E

 

NEW QUESTION 148
While an employee is on vacation, suspicion arises that the employee has been involved in malicious activity on the network. The security engineer is concerned the investigation may need to continue after the employee returns to work. Given this concern, which of the following should the security engineer recommend to maintain the integrity of the investigation?

  • A. Install a keylogger to capture the employee's communications and contacts
  • B. Create archival copies of all documents and communications related to the employee
  • C. Create an image file of the employee's network drives and store it with hashes
  • D. Create a forensic image of network infrastructure devices

Answer: A

 

NEW QUESTION 149
When implementing a penetration testing program, the Chief Information Security Officer (CISO) designates different organizational groups within the organization as having different responsibilities, attack vectors, and rules of engagement. First, the CISO designates a team to operate from within the corporate environment. This team is commonly referred to as:

  • A. the white team.
  • B. the blue team.
  • C. the red team.
  • D. the operations team.
  • E. the development team.

Answer: A

 

NEW QUESTION 150
A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.

Answer:

Explanation:

 

NEW QUESTION 151
As part of the development process for a new system, the organization plans to perform requirements analysis and risk assessment. The new system will replace a legacy system, which the organization has used to perform data analytics. Which of the following is MOST likely to be part of the activities conducted by management during this phase of the project?

  • A. Design reviews and user acceptance testing to ensure the system has been deployed properly
  • B. Validation of expectations relating to system performance and security
  • C. Load testing the system to ensure response times are acceptable to stakeholders
  • D. Regression testing to evaluate interoperability with the legacy system during the deployment
  • E. Static code analysis and peer review of all application code

Answer: C

 

NEW QUESTION 152
The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without making any payment. Further analysis conducted by the security investigations team indicated that the website allowed customers to update the payment amount for shipping. A specially crafted value could be entered to cause a rollover, resulting in the shipping cost being subtracted from the balance and, in some instances, a negative balance. The system then processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

  • A. SQL injection
  • B. Race condition
  • C. Integer overflow
  • D. Use after free
  • E. Click-jacking

Answer: C

Explanation:
Integer overflow errors can occur when a program fails to account for the fact that an arithmetic operation can result in a quantity either greater than a data type's maximum value or less than its minimum value.

 

NEW QUESTION 153
A company is facing penalties for failing to effectively comply with e-discovery requests.
Which of the following could reduce the overall risk to the company from this issue?

  • A. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI.
  • B. Require each user to log passwords used for file encryption to a decentralized repository.
  • C. Permit users to only encrypt individual files using their domain password and archive all old user passwords.
  • D. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption.

Answer: A

Explanation:
Electronic discovery (also called e-discovery) refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case. E-discovery can be carried out offline on a particular computer or across a network.
An e-discovery policy defines how data is archived and encrypted. If the data is archived in an insecure manner, a user might be able to delete data that the user does not want to be searched. Therefore, the data must be secured in a way that only authorized people can access it.
A public key infrastructure (PKI) supports the distribution and identification of public encryption keys for the encryption of data. Data encrypted with a public key can only be decrypted by the corresponding private key.
In this question, the corporate PKI is escrowed. An escrow agent is an independent and licensed third party that holds something (money, sensitive data, etc.) and releases it only when predefined conditions have been met. In this case, the escrow agent holds the private keys of the PKI.
By encrypting data only with public keys from the escrowed corporate PKI, the company ensures that the data can always be decrypted with the private key held in escrow, and that this will only happen when the predefined conditions are met.

 

NEW QUESTION 154
Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A

Explanation:
You would need three wildcard certificates:
*.east.company.com
*.central.company.com
*.west.company.com
The common domain in each case is company.com. However, a wildcard covers only one level of subdomain. For example, *.company.com covers "<anything>.company.com" but not "<anything>.<anything>.company.com".
You can only have one wildcard in a domain name, for example *.company.com; you cannot have *.*.company.com. Only the leftmost wildcard (*) is counted.

 

NEW QUESTION 155
Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.

Answer:

Explanation:

 

NEW QUESTION 156
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

  • A. Deploy new perimeter firewalls at all stores with UTM functionality.
  • B. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
  • C. Change antivirus vendors at the store and the corporate office.
  • D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.

Answer: A

Explanation:
A perimeter firewall is located between the local network and the Internet, where it can screen network traffic flowing in and out of the organization. A firewall with unified threat management (UTM) functionality includes anti-malware capabilities.
Incorrect Answers:
B: A virtual desktop infrastructure (VDI) solution refers to desktop virtualization. It uses servers to provide desktop operating systems to host machines. This reduces on-site support and improves centralized management, but it does not mitigate malware attacks.
C: Antivirus applications prevent viruses, worms, and Trojans but not other types of malware, such as spyware.
D: Content filtering is used to control the types of email messages that flow in and out of an organization, and the types of web pages a user may access. It does not mitigate malware attacks.
References:
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 92, 124-127, 135-138

 

NEW QUESTION 157
A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it.
Which of the following is the MOST likely reason for the team lead's position?

  • A. The attack type does not meet the organization's threat model.
  • B. Web-based applications are on isolated network segments.
  • C. Corporate policy states that NIPS signatures must be updated every hour.
  • D. The organization has accepted the risks associated with web-based threats.

Answer: D

 

NEW QUESTION 158
A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).

  • A. Security awareness compliance training for all employees
  • B. Implement NIDS on the desktop and DMZ networks
  • C. Implement DLP on the desktop, email gateway, and web proxies
  • D. Implement a URL filter to block the online forum
  • E. Review of security policies and procedures

Answer: A,C

Explanation:
Security awareness compliance training for all employees should be implemented to educate employees about corporate policies and procedures for working with information technology (IT). Data loss prevention (DLP) should be implemented to make sure that users do not send sensitive or critical information outside the corporate network.

 

NEW QUESTION 159
The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?

  • A. Improper handling of client data, interoperability agreement issues and regulatory issues
  • B. Geographical regulation issues, loss of intellectual property and interoperability agreement issues
  • C. Cultural differences, increased cost of doing business and divestiture issues
  • D. Improper handling of customer data, loss of intellectual property and reputation damage

Answer: D

Explanation:
The risk of security violations or compromised intellectual property (IP) rights is inherently elevated when working internationally. A key concern with outsourcing arrangements is making sure that sufficient protection and security are in place for personal information being transferred and/or accessed under the outsourcing agreement.

 

NEW QUESTION 160
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?

  • A. NMAP
  • B. PING
  • C. NESSUS
  • D. NSLOOKUP

Answer: A

Explanation:
NMAP works as a port scanner and is used to check whether the DNS server is listening on port 53.

 

NEW QUESTION 161
After an employee was terminated, the company discovered the employee still had access to emails and attached content that should have been destroyed during off-boarding. The employee's laptop and cell phone were confiscated and accounts were disabled promptly.
Forensic investigation suggests the company's DLP was effective, and the content in question was not sent outside of work or transferred to removable media. Personally owned devices are not permitted to access company systems or information.
Which of the following would be the MOST efficient control to prevent this from occurring in the future?

  • A. Restrict access to company systems to expected times of day and geographic locations.
  • B. Perform unannounced insider threat testing on high-risk employees.
  • C. Prevent backup of mobile devices to personally owned computers.
  • D. Install application whitelist on mobile devices.
  • E. Disallow side loading of applications on mobile devices.

Answer: A

 

NEW QUESTION 162
An engineer wants to assess the OS security configurations on a company's servers. The engineer has downloaded some files to orchestrate configuration checks. When the engineer opens a file in a text editor, the following excerpt appears:

Which of the following capabilities would a configuration compliance checker need to support to interpret this file?

  • A. Swagger file
  • B. Netcat
  • C. WSDL
  • D. SCAP
  • E. Nessus

Answer: D

 

NEW QUESTION 163
......

Pass CAS-003 Tests Engine pdf - All Free Dumps: https://www.troytecdumps.com/CAS-003-troytec-exam-dumps.html