Download CompTIA Advanced Security Practitioner (CASP).PremDumps.CAS-003.2019-04-15.1e.305q.vcex

Download Dump

File Info

Exam CompTIA Advanced Security Practitioner (CASP)
Number CAS-003
File Name CompTIA Advanced Security Practitioner (CASP).PremDumps.CAS-003.2019-04-15.1e.305q.vcex
Size 2.19 Mb
Posted April 15, 2019
Downloads 103

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Coupon: EXAM_HUB

Discount: 20%


Demo Questions

Question 1
In a SPML exchange, Provisioning Service Target (PST), Provisioning Service Provider (PSP) and Request Authority (RA), which of the following BEST describes the three primary roles?

  • A: The PST entity makes the provisioning request, the PSP responds to the PST requests, and the PST performs the provisioning. 
  • B: The PSP entity makes the provisioning request, the PST responds to the PSP requests, and the PSP performs the provisioning. 
  • C: The RA entity makes the provisioning request, the PST responds to the RA requests, and the PSP performs the provisioning. 
  • D: The RA entity makes the provisioning request, the PSP responds to the RA requests, and the PST performs the provisioning.

Question 2
The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?

  • A: TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped. 
  • B: TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall. 
  • C: Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped. 
  • D: The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

Question 3
Company XYZ has experienced a breach and has requested an internal investigation be conducted by the IT Department. Which of the following represents the correct order of the investigation process?

  • A: Collection, Identification, Preservation, Examination, Analysis, Presentation.
  • B: Identification, Preservation, Collection, Examination, Analysis, Presentation.
  • C: Collection, Preservation, Examination, Identification, Analysis, Presentation.
  • D: Identification, Examination, Preservation, Collection, Analysis, Presentation.

Question 4
A system administrator has a responsibility to maintain the security of the video teleconferencing system. During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled. Which of the following security concerns should the system administrator have about the existing technology in the room?

  • A: Wired transmissions could be intercepted by remote users.
  • B: Bluetooth speakers could cause RF emanation concerns.
  • C: Bluetooth is an unsecure communication channel.
  • D: Wireless transmission causes interference with the video signal.

Question 5
A large organization that builds and configures every data center against distinct requirements loses efficiency, which results in slow response time to resolve issues. However, total uniformity presents other problems. Which of the following presents the GREATEST risk when consolidating to a single vendor or design solution?

  • A: Competitors gain an advantage by increasing their service offerings.
  • B: Vendor lock in may prevent negotiation of lower rates or prices.
  • C: Design constraints violate the principle of open design.
  • D: Lack of diversity increases the impact of specific events or attacks.

Question 6
A security engineer at a software development company has identified several vulnerabilities in a product late in the development cycle. This causes a huge delay for the release of the product.
Which of the following should the administrator do to prevent these issues from occurring in the future?

  • A: Recommend switching to an SDLC methodology and perform security testing during each maintenance iteration.
  • B: Recommend switching to a spiral software development model and perform security testing during the requirements gathering.
  • C: Recommend switching to a waterfall development methodology and perform security testing during the testing phase.
  • D: Recommend switching to an agile development methodology and perform security testing during iterations.

Question 7
The manager of the firewall team is getting complaints from various IT teams that firewall changes are causing issues. Which of the following should the manager recommend to BEST address these issues?

  • A: Set up a weekly review for relevant teams to discuss upcoming changes likely to have a broad impact.
  • B: Update the change request form so that requesting teams can provide additional details about the requested changes.
  • C: Require every new firewall rule go through a secondary firewall administrator for review before pushing the firewall policy.
  • D: Require the firewall team to verify the change with the requesting team before pushing the updated firewall policy.

Question 8
An asset manager is struggling with the best way to reduce the time required to perform asset location activities in a large warehouse. A project manager indicated that RFID might be a valid solution if the asset manager's requirements were supported by current RFID capabilities. Which of the following requirements would be MOST difficult for the asset manager to implement?

  • A: The ability to encrypt RFID data in transmission.
  • B: The ability to integrate environmental sensors into the RFID tag.
  • C: The ability to track assets in real time as they move throughout the facility.
  • D: The ability to assign RFID tags a unique identifier.

Question 9
Part of the procedure for decommissioning a database server is to wipe all local disks, as well as SAN LUNs allocated to the server, even though the SAN itself is not being decommissioned. Which of the following is the reason for wiping the SAN LUNs?

  • A: LUN masking will prevent the next server from accessing the LUNs.
  • B: The data may be replicated to other sites that are not as secure.
  • C: Data remnants remain on the LUN that could be read by other servers.
  • D: The data is not encrypted during transport.

Question 10
A software development manager is running a project using agile development methods. The company cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production code on the project. Which of the following methods could be used in addition to an integrated development environment to reduce the severity of the issue?

  • A: Conduct a penetration test on each function as it is developed.
  • B: Develop a set of basic checks for common coding errors.
  • C: Adopt a waterfall method of software development.
  • D: Implement unit tests that incorporate static code analyzers.



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files