CompTIA CASP (CAS-003) Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the CompTIA Advanced Security Practitioner exam. These sample questions will make you familiar with both the type and the difficulty level of the questions on the CAS-003 certification test. To get familiar with the real exam environment, we suggest you try our Sample CompTIA CASP Certification Practice Exam. This sample practice exam gives you the feel of the real thing and is a clue to the questions asked in the actual CompTIA Advanced Security Practitioner (CASP) certification exam.

These sample questions are simple, basic questions that resemble the real CompTIA CAS-003 exam questions. To assess your readiness and performance with real-time, scenario-based questions, we suggest you prepare with our Premium CompTIA CASP Certification Practice Exam. When you work through real-time, scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.

CompTIA CAS-003 Sample Questions:

01. As a condition of being awarded a new contract, an organization must increase the security of its VPN by ensuring that one compromised SA session key cannot be used to compromise any other sessions.
Which of the following could be configured to meet this requirement?
a) Opportunistic encryption
b) Pseudo-random number generator
c) Dual-factor authentication
d) Perfect forward secrecy
 
02. An IT Manager has requested that specific files stored on the company SAN, containing data which is not protected by patent law but is classified as trade secret, be encrypted with a block cipher which is both secure and fast.
Which of the following BEST satisfies the request?
a) Blowfish
b) MD5
c) Triple-DES
d) RC4
 
03. During a routine security assessment of a network, the security administrator discovers a user workstation with multiple SSH connections to servers outside the corporate network.
Using a protocol analyzer, the administrator identifies hundreds of gigabytes of information being transferred to an external server via SCP. After identifying the user, the administrator discovers that today is the user’s last day of employment, and that the employee is going to work for a competitor.
Which of the following tactics is being used to steal company secrets?
a) Logic bomb
b) SSH worm
c) Data exfiltration
d) Privilege escalation
e) SAML exploit
 
04. A new system has recently been built using the SSDLC process and is in the validation process to ensure the system is behaving correctly.
During this process, the development team notices that the system is behaving as it should, except for a few minor internal application bugs. Which of the following validation types would be a result of this issue?
a) Application interface validation
b) Code validation
c) Functional validation
d) Requirements validation
 
05. When considering security requirements which require third party vendor requests, which of the following is a correctly ordered set of events from start to finish?
a) RFP, RFQ, RFC
b) RFI, RFQ, RFP
c) RFP, RFQ, RFI
d) RFC, RFT
 
06. An administrator uses an unencrypted iSCSI connection over the corporate network. Which of the following vulnerabilities would be present with regard to iSCSI authentication?
a) Authentication uses the older TACACS protocol and is vulnerable to a botnet attack.
b) Authentication is vulnerable to a dictionary attack.
c) iSCSI uses LDAP authentication in plain text, which can be easily compromised.
d) Kerberos authentication would not be supported on Linux hosts.
 
07. A security administrator notices a network intrusion and quickly solves the problem by closing an unused port. Which of the following should be completed?
a) After action report
b) ELA
c) MOA
d) Reverse engineering incident report
 
08. Which of the following practices is MOST likely employed during e-discovery?
a) Legal hold and chain of custody
b) Risk mitigation and policy generation
c) Network enumeration and fingerprinting
d) Data deduplication and hashing
 
09. A new Chief Information Officer’s (CIO’s) primary initiative is to reduce risk and the number of vulnerabilities affecting an organization. Which of the following reduces the number of locations to patch internal applications?
a) Provide application access through a VDI
b) Host applications using terminal services
c) Implement an enterprise patch management solution
d) Convert applications to leverage hosted cloud computing
 
10. A server administrator needs to find a web service that will allow most systems to communicate over HTTP using an XML-based protocol. Which of the following communication methods will allow this?
a) SOAP
b) XACML
c) SSO
d) SAML

Answers:

Question: 01
Answer: d
Question: 02
Answer: a
Question: 03
Answer: c
Question: 04
Answer: b
Question: 05
Answer: b
Question: 06
Answer: b
Question: 07
Answer: a
Question: 08
Answer: a
Question: 09
Answer: b
Question: 10
Answer: a

Note: For any error in the CompTIA Advanced Security Practitioner (CASP) (CAS-003) certification exam sample questions, please let us know by sending an email to feedback@edusum.com.
