Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. CompTIA
  5. CAS-003

CompTIA Advanced Security Practitioner (CASP)
CAS-003 Exam

A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?

  1. Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2
  2. Immediately encrypt all PHI with AES-256
  3. Delete all PHI from the network until the legal department is consulted
  4. Consult the legal department to determine legal requirements

Answer(s): B



A Chief Information Security Officer (CISO) is reviewing the results of a gap analysis with an outside cybersecurity consultant. The gap analysis reviewed all procedural and technical controls and found the following:

-High-impact controls implemented: 6 out of 10
-Medium-impact controls implemented: 409 out of 472
-Low-impact controls implemented: 97 out of 1000

The report includes a cost-benefit analysis for each control gap. The analysis yielded the following information:
-Average high-impact control implementation cost: $15,000; Probable ALE for each high-impact control gap: $95,000
-Average medium-impact control implementation cost: $6,250; Probable ALE for each medium-impact control gap: $11,000

Due to the technical construction and configuration of the corporate enterprise, slightly more than 50% of the medium-impact controls will take two years to fully implement. Which of the following conclusions could the CISO draw from the analysis?

  1. Too much emphasis has been placed on eliminating low-risk vulnerabilities in the past
  2. The enterprise security team has focused exclusively on mitigating high-level risks
  3. Because of the significant ALE for each high-risk vulnerability, efforts should be focused on those controls
  4. The cybersecurity team has balanced residual risk for both high and medium controls

Answer(s): C



After investigating virus outbreaks that have cost the company $1000 per incident, the company’s Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company’s performance and capability requirements:


Using the table above, which of the following would be the BEST business-driven choice among the five possible solutions?

  1. Product A
  2. Product B
  3. Product C
  4. Product D
  5. Product E

Answer(s): D



A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm’s systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?

  1. Update and deploy GPOs
  2. Configure and use measured boot
  3. Strengthen the password complexity requirements
  4. Update the antivirus software and definitions

Answer(s): D




Jessica
Thanks to this site! i passed my 310-055 exam with 90%
- UNITED STATES
Upvote


George
I passed my VCP Exam this week with an 87. I hadn't taken a cert exam in 10 years. Your product was very helpful and helped me hone the areas where I was lacking. Thank you.
- UNITED ARAB EMIRATES
Upvote


David B.
I would like to thank this site for the great support and passing 920-105 exam with excellent result. Thanks once again!
- UNITED STATES
Upvote


Bruce Gord
Thanks Well I just passed the exam with high score. Anyway, thanks for providing the good material.
- Malaysia
Upvote


Parag
Hi, Let me appreciate your Study Guide. I passed the exam with 92%. All the questions were from the study guide. I am still wondering where I went wrong for not scoring 100%. I will not hesitate to recommend your site to my friends and colleagues. Thanks
- UNITED STATES
Upvote


J M
Hello, I purchased your 640-801 last week and I was able to pass my exam with 96%. The questions were all the same. I wondering how you guys do it? Keep up the good job. I appreciate your service and your best price. Thanks
- UNITED STATES
Upvote

Read more ...