Download CompTIA Advanced Security Practitioner (CASP).Testking.CAS-003.2019-04-10.1e.95q.vcex
File Info

Exam CompTIA Advanced Security Practitioner (CASP)
Number CAS-003
File Name CompTIA Advanced Security Practitioner (CASP).Testking.CAS-003.2019-04-10.1e.95q.vcex
Size 1.58 Mb
Posted April 10, 2019
Downloads 33
Demo Questions

Question 1
During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization’s reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?

  • A: Air gaps
  • B: Access control lists
  • C: Spanning tree protocol
  • D: Network virtualization
  • E: Elastic load balancing



Question 2
A security administrator was informed that a server unexpectedly rebooted. The administrator received an export of syslog entries for analysis:

(Exhibit: syslog export image not reproduced on this page.)

Which of the following does the log sample indicate? (Choose two.)

  • A: A root user performed an injection attack via kernel module
  • B: Encrypted payroll data was successfully decrypted by the attacker
  • C: Jsmith successfully used a privilege escalation attack
  • D: Payroll data was exfiltrated to an attacker-controlled host
  • E: Buffer overflow in memory paging caused a kernel panic
  • F: Syslog entries were lost due to the host being rebooted



Question 3
An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit. As part of the gap assessment, the auditor supporting the assessment recommends the organization engage with other industry partners to share information about emerging attacks to organizations in the industry in which the organization functions. Which of the following types of information could be drawn from such participation?


  • A: Threat modeling
  • B: Risk assessment
  • C: Vulnerability data
  • D: Threat intelligence
  • E: Risk metrics
  • F: Exploit frameworks



Question 4
A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. Which of the following would BEST secure the web server until the replacement web server is ready?

  • A: Patch management
  • B: Antivirus
  • C: Application firewall
  • D: Spam filters
  • E: HIDS



Question 5
To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?

  • A: Blue team
  • B: Red team
  • C: Black box
  • D: White team



Question 6
An engineer is evaluating the control profile to assign to a system containing PII, financial, and proprietary data.

(Exhibit: data classification table image not reproduced on this page.)

Based on the data classification table above, which of the following BEST describes the overall classification?

  • A: High confidentiality, high availability
  • B: High confidentiality, medium availability
  • C: Low availability, low confidentiality
  • D: High integrity, low availability



Question 7
A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized access to its physical offices resulting in network compromises. Which of the following should the consultant recommend be performed to evaluate potential risks?

  • A: The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration
  • B: The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat
  • C: The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats
  • D: The company should install a temporary CCTV system to detect unauthorized access to physical offices



Question 8
A server (10.0.0.2) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router:

(Exhibit: router configuration image not reproduced on this page.)

Which of the following is the engineer implementing?

  • A: Remotely triggered black hole
  • B: Route protection
  • C: Port security
  • D: Transport security
  • E: Address space layout randomization



Question 9
An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.

(Exhibit: web server log files image not reproduced on this page.)

Which of the following types of attack vector did the penetration tester use?

  • A: SQLi
  • B: CSRF
  • C: Brute force
  • D: XSS
  • E: TOC/TOU



Question 10
The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. Which of the following BEST meets this objective?

  • A: Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets
  • B: Encourage cybersecurity analysts to review open-source intelligence products and threat databases to generate new IDS rules based on those sources
  • C: Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection
  • D: Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats