CompTIA CAS-003 CompTIA Advanced Security Practitioner (CASP) Web: www.exactinside.com Version: Demo Email: email@example.com [ Total Questions: 10] IMPORTANT NOTICE Feedback We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at firstname.lastname@example.org Support If you have any questions about our product, please provide the following items: exam code screenshot of the question login id/email please contact us at email@example.com and our technical experts will provide support within 24 hours. Copyright The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement. Exact Questions CompTIA - CAS-003 Question #:1 A security administrator is reviewing the following output from an offline password audit: Which of the following should the systems administrator implement to BEST address this audit finding? (Choose two.) A. Cryptoprocessor B. Bcrypt C. SHA-256 D. PBKDF2 E. Message authentication Answer: B D Question #:2 An enterprise is configuring an SSL client-based VPN for certificate authentication. The trusted root certificate from the CA is imported into the firewall, and the VPN configuration in the firewall is configured for certificate authentication. Signed certificates from the trusted CA are distributed to user devices. The CA certificate is set as trusted on the end-user devices, and the VPN client is configured on the end-user devices When the end users attempt to connect however, the firewall rejects the connection after a brief period Which of the following is the MOST likely reason the firewall rejects the connection? A. In the firewall, compatible cipher suites must be enabled B. In the VPN client, the CA CRL address needs to be specified manually C. In the router, IPSec traffic needs to be allowed in bridged mode D. In the CA. the SAN field must be set for the root CA certificate and then reissued Answer: A Question #:3 A security engineer is deploying an IdP to broker authentication between applications. These applications all Find Everything , Exactly in your Exam 1 of 7 Exact Questions CompTIA - CAS-003 utilize SAML 2.0 for authentication. Users log into the IdP with their credentials and are given a list of applications they may access. One of the application’s authentications is not functional when a user initiates an authentication attempt from the IdP. The engineer modifies the configuration so users browse to the application first, which corrects the issue. Which of the following BEST describes the root cause? A. The application only supports SP-initiated authentication. B. The IdP only supports SAML 1.0 C. There is an SSL certificate mismatch between the IdP and the SaaS application. D. The user is not provisioned correctly on the IdP. Answer: A Question #:4 A penetration tester is trying to gain access to a remote system. The tester is able to see the secure login page and knows one user account and email address, but has not yet discovered a password. Which of the following would be the EASIEST method of obtaining a password for the known account? A. Man-in-the-middle B. Reverse engineering C. Social engineering D. Hash cracking Answer: C Question #:5 A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP addresses within broader network ranges and some abusive customers within the same IP ranges may have performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize legitimate customer impact? A. Inform the customer that the service provider does not have any control over third-party blacklist entries. The customer should reach out to the blacklist operator directly B. Perform a takedown of any customer accounts that have entries on email blacklists because this is a strong indicator of hostile behavior C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks Find Everything , Exactly in your Exam 2 of 7 Exact Questions CompTIA - CAS-003 C. are not removed because this is affecting legitimate traffic D. Establish relationship with a blacklist operators so broad entries can be replaced with more granular entries and incorrect entries can be quickly pruned Answer: D Question #:6 A security analyst sees some suspicious entries in a log file from a web server website, which has a form that allows customers to leave feedback on the company’s products. The analyst believes a malicious actor is scanning the web form. To know which security controls to put in place, the analyst first needs to determine the type of activity occurring to design a control. Given the log below: Find Everything , Exactly in your Exam 3 of 7 Exact Questions CompTIA - CAS-003 Which of the following is the MOST likely type of activity occurring? A. SQL injection B. XSS scanning C. Fuzzing D. Brute forcing Answer: A Find Everything , Exactly in your Exam 4 of 7 Exact Questions CompTIA - CAS-003 Question #:7 A pharmacy gives its clients online access to their records and the ability to review bills and make payments. A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data between the end user and the web server providing these services. After invest the new vulnerability, it was determined that the web services providing are being impacted by this new threat. Which of the following data types a MOST likely at risk of exposure based on this new threat? (Select TWO) A. Cardholder data B. intellectual property C. Personal health information D. Employee records E. Corporate financial data Answer: A C Question #:8 Given the code snippet below: Find Everything , Exactly in your Exam 5 of 7 Exact Questions CompTIA - CAS-003 Which of the following vulnerability types in the MOST concerning? A. Only short usernames are supported, which could result in brute forcing of credentials. B. Buffer overflow in the username parameter could lead to a memory corruption vulnerability. C. Hardcoded usernames with different code paths taken depend on which user is entered. D. Format string vulnerability is present for admin users but not for standard users. Answer: B Question #:9 Find Everything , Exactly in your Exam 6 of 7 Exact Questions CompTIA - CAS-003 A security assessor is working with an organization to review the policies and procedures associated with managing the organization’s virtual infrastructure. During a review of the virtual environment, the assessor determines the organization is using servers to provide more than one primary function, which violates a regulatory requirement. The assessor reviews hardening guides and determines policy allows for this configuration. It would be MOST appropriate for the assessor to advise the organization to: A. segment dual-purpose systems on a hardened network segment with no external access B. assess the risks associated with accepting non-compliance with regulatory requirements C. update system implementation procedures to comply with regulations D. review regulatory requirements and implement new policies on any newly provisioned servers Answer: A Question #:10 A database administrator is required to adhere to and implement privacy principles when executing daily tasks. A manager directs the administrator to reduce the number of unique instances of PII stored within an organization’s systems to the greatest extent possible. Which of the following principles is being demonstrated? A. Administrator accountability B. PII security C. Record transparency D. Data minimization Answer: D Find Everything , Exactly in your Exam 7 of 7 About exactinside.com exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests. We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on. View list of all certification exams: All vendors We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below. Sales: firstname.lastname@example.org Feedback: email@example.com Support: firstname.lastname@example.org Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.