CompTIA CAS-003 CompTIA Advanced Security Practitioner (CASP) Online Training
The questions for CAS-003 were last updated on Mar 30, 2025.
- Exam Code: CAS-003
- Exam Name: CompTIA Advanced Security Practitioner (CASP)
- Certification Provider: CompTIA
An organization has established the following controls matrix:
The following control sets have been defined by the organization and are applied in aggregate fashion:
✑ Systems containing PII are protected with the minimum control set.
✑ Systems containing medical data are protected at the moderate level.
✑ Systems containing cardholder data are protected at the high level.
The organization is preparing to deploy a system that protects the confidentiality of a database containing PII and medical data from clients.
Based on the controls classification, which of the following controls would BEST meet these requirements?
- A . Proximity card access to the server room, context-based authentication, UPS, and full-disk encryption for the database server.
- B . Cipher lock on the server room door, FDE, surge protector, and static analysis of all application code.
- C . Peer review of all application changes, static analysis of application code, UPS, and penetration testing of the complete system.
- D . Intrusion detection capabilities, network-based IPS, generator, and context-based authentication.
A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device.
Additionally, to protect patients’ health information, management has identified the following requirements:
✑ Data must be encrypted at rest.
✑ The device must be disabled if it leaves the facility.
✑ The device must be disabled when tampered with.
Which of the following technologies would BEST support these requirements? (Select two.)
- A . eFuse
- B . NFC
- C . GPS
- D . Biometric
- E . USB 4.1
- F . MicroSD
A company’s chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks.
Which of the following implementation approaches would BEST support the architect’s goals?
- A . Utilize a challenge-response prompt as required input at username/password entry.
- B . Implement TLS and require the client to use its own certificate during handshake.
- C . Configure a web application proxy and institute monitoring of HTTPS transactions.
- D . Install a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.
A company recently migrated to a SaaS-based email solution.
The solution is configured as follows.
• Passwords are synced to the cloud to allow for SSO
• Cloud-based antivirus is enabled
• Cloud-based anti-spam is enabled
• Subscription-based blacklist is enabled
Although the above controls are enabled, the company’s security administrator is unable to detect an account compromise caused by phishing attacks in a timely fashion because email logs are not immediately available to review.
Which of the following would allow the company to gain additional visibility and reduce additional costs? (Select TWO)
- A . Migrate the email antivirus and anti-spam on-premises
- B . Implement a third-party CASB solution.
- C . Disable the current SSO model and enable federation
- D . Feed the attacker IPs from the company IDS into the email blacklist
- E . Install a virtual SIEM within the email cloud provider
- F . Add email servers to NOC monitoring
Two new technical SMB security settings have been enforced and have also become policies that increase secure communications.
Network Client: Digitally sign communication
Network Server: Digitally sign communication
A storage administrator in a remote location with a legacy storage array, which contains time-sensitive data, reports employees can no longer connect to their department shares.
Which of the following mitigation strategies should an information security manager recommend to the data owner?
- A . Accept the risk, reverse the settings for the remote location, and have the remote location file a risk exception until the legacy storage device can be upgraded
- B . Accept the risk for the remote location, and reverse the settings indefinitely since the legacy storage device will not be upgraded
- C . Mitigate the risk for the remote location by suggesting a move to a cloud service provider. Have the remote location request an indefinite risk exception for the use of cloud storage
- D . Avoid the risk, leave the settings alone, and decommission the legacy storage device
A security incident responder discovers an attacker has gained access to a network and has overwritten key system files with backdoor software. The server was reimaged and patched offline.
Which of the following tools should be implemented to detect similar attacks?
- A . Vulnerability scanner
- B . TPM
- C . Host-based firewall
- D . File integrity monitor
- E . NIPS
A DevOps team wants to move production data into the QA environment for testing. This data contains credit card numbers and expiration dates that are not tied to any individuals. The security analyst wants to reduce risk.
Which of the following will lower the risk before moving the data?
- A . Redacting all but the last four numbers of the cards
- B . Hashing the card numbers
- C . Scrambling card and expiration data
- D . Encrypting card and expiration numbers
Several recent ransomware outbreaks at a company have resulted in a significant amount of lost revenue.
The security team needs to find a technical control mechanism that will meet the following requirements and aid in preventing these outbreaks:
✑ Stop malicious software that does not match a signature
✑ Report on instances of suspicious behavior
✑ Protect from previously unknown threats
✑ Augment existing security capabilities
Which of the following tools would BEST meet these requirements?
- A . Host-based firewall
- B . EDR
- C . HIPS
- D . Patch management
A company’s human resources department recently had its own shadow IT department spin up ten VMs that host a mixture of differently labeled data types (confidential and restricted) on the same VMs.
Which of the following cloud and virtualization considerations would BEST address the issue presented in this scenario?
- A . Vulnerabilities associated with a single platform hosting multiple data types on VMs should have been considered
- B . Vulnerabilities associated with a single server hosting multiple data types should have been considered.
- C . Type 1 vs. Type 2 hypervisor approaches should have been considered
- D . Vulnerabilities associated with shared hosting services provided by the IT department should have been considered.
A Chief Information Security Officer (CISO) is reviewing and revising system configuration and hardening guides that were developed internally and have been used for several years to secure the organization’s systems. The CISO knows improvements can be made to the guides.
Which of the following would be the BEST source of reference during the revision process?
- A . CVE database
- B . Internal security assessment reports
- C . Industry-accepted standards
- D . External vulnerability scan reports
- E . Vendor-specific implementation guides