CompTIA Advanced Security Practitioner (CASP)
CAS-003 Exam

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live. The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.


Which of the following types of attack vectors did the penetration tester use?

  1. SQL injection
  2. CSRF
  3. Brute force
  4. XSS
  5. TOC/TOU

Answer(s): B



The Chief Information Security Officer (CISO) for an organization wants to develop custom IDS rulesets faster, prior to new rules being released by IDS vendors. Which of the following BEST meets this objective?

  1. Identify a third-party source for IDS rules and change the configuration on the applicable IDSs to pull in the new rulesets
  2. Encourage cybersecurity analysts to review open-source intelligence products and threat databases to generate new IDS rules based on those sources
  3. Leverage the latest TCP- and UDP-related RFCs to arm sensors and IDSs with appropriate heuristics for anomaly detection
  4. Use annual hacking conventions to document the latest attacks and threats, and then develop IDS rules to counter those threats

Answer(s): B



A user workstation was infected with a new malware variant as a result of a drive-by download. The security administrator reviews key controls on the infected workstation and discovers the following:


Which of the following would BEST prevent the problem from reoccurring in the future? (Choose two.)

  1. Install HIPS
  2. Enable DLP
  3. Install EDR
  4. Install HIDS
  5. Enable application blacklisting
  6. Improve patch management processes

Answer(s): B,E



An engineer is assisting with the design of a new virtualized environment that will house critical company services and reduce the datacenter’s physical footprint. The company has expressed concern about the integrity of operating systems and wants to ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others. Which of the following design objectives should the engineer complete to BEST mitigate the company’s concerns? (Choose two.)

  1. Deploy virtual desktop infrastructure with an OOB management network
  2. Employ the use of vTPM with boot attestation
  3. Leverage separate physical hardware for sensitive services and data
  4. Use a community CSP with independently managed security services
  5. Deploy to a private cloud with hosted hypervisors on each physical machine

Answer(s): A,C



