CAS-003CompTIA Advanced Security Practitioner (CASP+)
791 Questions and Answers Experienced specialists selected 791 questions for this exam. All answers are verified to ensure correctness.
Last Updated Jan 22, 2024 Ace your exams with our consistently updated CAS-003 exam dumps.
PDF Demo Download Download free PDF demos and try sample questions before purchase
Exam retired, new exam code replace: CAS-004
CAS-003 Last Month Results
CAS-003 Online Practice Questions and Answers
Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote
site. The Telco router interface uses the 192.10.5.0/30 IP range.
Instructions: Click on the simulation button to refer to the Network Diagram for Company A.
Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.
Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.
Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.
Hot Area:
A technician is configuring security options on the mobile device manager for users who often utilize public Internet connections while travelling. After ensuring that full disk encryption is enabled, which of the following security measures should the technician take? (Choose two.)
A. Require all mobile device backups to be encrypted
B. Ensure all mobile devices back up using USB OTG
C. Issue a remote wipe of corporate and personal partitions
D. Restrict devices from making long-distance calls during business hours
E. Implement an always-on VPN
A security analyst receives an email from a peer that includes a sample of code from a piece of malware found in an application running in the organization's staging environment. During the incident response process, it is determined the code was introduced into the environment as a result of a compromised laptop being used to harvest credentials and access the organization's code repository. While the laptop itself was not used to access the code repository, an attacker was able to leverage the harvested credentials from another system in the development environment to bypass the ACLs limiting access to the repositories. Which of the following controls MOST likely would have interrupted the kill chain in this attack?
A. IP whitelisting on the perimeter firewall
B. MFA for developer access
C. Dynamic analysis scans in the production environment
D. Blue team engagement in peer-review activities
E. Time-based restrictions on developer access to code repositories
