Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. CompTIA
  5. CAS-003

CompTIA Advanced Security Practitioner (CASP)
CAS-003 Exam

A security incident responder discovers an attacker has gained access to a network and has overwritten key system files with backdoor software. The server was reimaged and patched offline. Which of the following tools should be implemented to detect similar attacks?

  1. Vulnerability scanner
  2. TPM
  3. Host-based firewall
  4. File integrity monitor
  5. NIPS

Answer(s): D



An organization is in the process of integrating its operational technology and information technology areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:

1. The ICS supplier has specified that any software installed will result in lack of support.
2. There is no documented trust boundary defined between the SCADA and corporate networks.
3. Operational technology staff have to manage the SCADA equipment via the engineering workstation.
4. There is a lack of understanding of what is within the SCADA network.

Which of the following capabilities would BEST improve the security position?

  1. VNC, router, and HIPS
  2. SIEM, VPN, and firewall
  3. Proxy, VPN, and WAF
  4. IDS, NAC, and log monitoring

Answer(s): A



A company has hired an external security consultant to conduct a thorough review of all aspects of corporate security. The company is particularly concerned about unauthorized access to its physical offices resulting in network compromises. Which of the following should the consultant recommend be performed to evaluate potential risks?

  1. The consultant should attempt to gain access to physical offices through social engineering and then attempt data exfiltration
  2. The consultant should be granted access to all physical access control systems to review logs and evaluate the likelihood of the threat
  3. The company should conduct internal audits of access logs and employee social media feeds to identify potential insider threats
  4. The company should install a temporary CCTV system to detect unauthorized access to physical offices

Answer(s): A



A server (10.0.0.2) on the corporate network is experiencing a DoS from a number of marketing desktops that have been compromised and are connected to a separate network segment. The security engineer implements the following configuration on the management router:


Which of the following is the engineer implementing?

  1. Remotely triggered black hole
  2. Route protection
  3. Port security
  4. Transport security
  5. Address space layout randomization

Answer(s): B




MD. MAZBAHUL KARIM
This is a superb site for quality exam, I really appreciate this site.
- Anonymous
Upvote


PJT
Need for preparing to Certification exam
- Anonymous
Upvote


Mohan Krishna, arevrapu
I need it please sent asap in 2 days
- INDIA
Upvote


Dan
Ans to 355 is wrong, pls have a certified to work on the answers again pls
- Anonymous
Upvote


dnllin
366 Ans Hypervisor-level software patching is wrong, should be B - Customers are responsible for managing their data (including encryption options) Why there are so many wrong answers?
- UNITED STATES
Upvote


dnllin
Q342: Which AWS service or feature for technical assistance is available to a user who has the AWS Basic Support plan? - Ans AWS senior support engineers is wrong. Should be D. Basic Support offers support for account and billing questions and service quota increases. The other plans offer a number of technical support cases with pay-by-the-month pricing and no long-term contracts.
- UNITED STATES
Upvote


Dnllin
Which AWS services or features enable users to connect on-premises networks to a VPC? (Choose two.) Answer(s): A,D. D (VPC peering) is wrong. C is correct - AWS Direct Connect. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office,
- UNITED STATES
Upvote


Lin Tzu
QUESTION: 154 - answer (D) - Transit gateway is wrong, should be C & E. Below are the components of the site to site VPN: Customer Gateway: A customer gateway is a physical device or software application on your side of the Site-to-Site VPN connection. Virtual Private Gateway: A virtual private gateway is the VPN concentrator on the AWS side of the Site-to-Site VPN connection. You create a virtual private gateway and attach it to the VPC from which you want to create the Site-to-Site VPN connection.
- Anonymous
Upvote


saritha
I have passed the exam thankyou
- UNITED STATES
Upvote


Tzu Lin
What are the benefits of consolidated billing for AWS Cloud services? (Choose two.) Answer(s): C,E C) One bill for multiple accounts E) Custom cost and usage budget creation E seems incorrect, should be A = Volume discounts (Combined usage – You can combine the usage across all accounts in the organization to share the volume pricing discounts)
- UNITED STATES
Upvote

Read more ...