Certification Exam Prep Questions For CAS-003 - CompTIA Advanced Security CASP +


QuickStart is now offering assessment questions for CompTIA Advanced Security practitioner (CASP) +. Whether you are deciding which exam to sign up for or simply want to practice the material needed to complete certification for this course, we have provided a practice assessment to aid in certification. 100% of the questions are real questions from a recent version of the test you will take for CompTIA Advanced Security practitioner (CASP) +.



1

As a security practitioner, you must ensure that the appropriate security controls are deployed in the correct locations on the network. You have been asked to create both a physical network diagram and a logical network diagram for future reference. You will also need to give a copy of these diagrams to other members of the IT department, including the network administrator. Which of the following is part of the logical network diagram ONLY?

A. trust relationships
Incorrect.
B. IP addresses
Correct!
C. device names
Incorrect.
D. device role
Incorrect.
2

When developing a security management program, which development will be the result of following a life cycle structure?

3

Your company wants to implement a cloud storage solution for files. Management has requested that you research cloud storage. All of the following are security risks associated with cloud computing, EXCEPT:

A. data recovery
Incorrect.
B. data location
Incorrect.
C. false positives
Correct!
D. regulatory compliance
Incorrect.
4

Which statements regarding system security policy are correct? (Choose all that apply.)

5

Your company has decided to deploy security templates to ensure that all computers on your network are secure. Which areas should be covered by the security templates? (Choose all that apply.)

6

You are implementing enterprise access management for your company. You need to ensure that the system you implement allows you to configure a trust with another company such that your users can access the other company's network without logging in again. What should you implement to ensure that this trust can be configured?

7

You have recently implemented several new security policies. As part of these policies, two-man controls were implemented to provide added security. Which statement best describes a two-man control?

8

As part of a new security initiative, your organization has decided that all employees must undergo security awareness training. What is the aim of this training?

9

For security reasons, management has decided that all e-mail communication must use digital signatures. You must implement a solution that provides digital signatures for e-mail. What should you do?

10

Your organization has purchased a new security device. You have determined that the MTBF is six months and the MTTR is one day. The cost for each failure is estimated to be $5,000. The vendor has offered your organization a three-year maintenance plan for $7,500 per year. You could also purchase another identical device to act as backup for $20,000. Another option is to hire a security practitioner that will be tasked with maintaining the security devices on the network for an annual salary of $45,000. You must protect your organization against the risk of failure in the most cost-efficient manner possible. What should you do?

11

As the security administrator for your organization, you are responsible for ensuring that the organization's enterprise is protected. Recently, your organization has adopted a new mobile device policy. As part of this policy, all employees will be issued mobile phones and tablets. Employees will be able to use these devices from any location. However, you are concerned that these devices can be lost or stolen. You need to deploy an appropriate security control for this problem. What should you deploy?

A. geo-location
Correct!
B. RFID
Incorrect.
C. geo-tagging
Incorrect.
D. geo-fencing
Incorrect.
12

Your organization needs to deploy a new Gigabit network segment for the research department. Senior management has requested that network collisions on the new segment be prevented. The research department manager has requested that the full network bandwidth be available for each connection. When a device on the segment fails, you need to ensure that the other devices are able to operate normally. What should you do?

13

Recently, your organization's network was attacked when a hacker used promiscuous mode for data analysis. Which type of attack occurred?

A. packet sniffing
Correct!
B. traffic analysis
Incorrect.
C. known plain text
Incorrect.
D. syn flood
Incorrect.
14

Management has notified you that the mean time to repair (MTTR) for a critical hard drive is too high. You need to address this issue with the least amount of expense. What should you do?

15

You have discovered that 25% of your organization's computers have been attacked. As a result, these computers were used as part of a distributed denial of service (DDoS) attack. To what classification or area do the compromised computers belong?

A. botnet
Correct!
B. honeypot
Incorrect.
C. DMZ
Incorrect.
D. VPN
Incorrect.
16

Your company has recently acquired a competitor. As part of the acquisition, management has asked you to develop a plan to merge the two networks. Management wants you to ensure that confidential information is protected during the merge. You need to ensure that the company has taken reasonable measures to protect its confidential information and employees. What are you providing?

A. due responsibility
Incorrect.
B. due care
Correct!
C. due diligence
Incorrect.
D. due obligation
Correct!
17

Your organization has implemented Web Services Security (WS-Security) in all its Web applications. What is NOT provided with this Simple Object Access Protocol (SOAP) extension?

A. non-repudiation
Incorrect.
B. availability
Correct!
C. confidentiality
Incorrect.
D. integrity
Incorrect.
18

You need to identify authorized users involved in unauthorized activities. Which control is best used?

A. detective control
Correct!
B. preventive control
Incorrect.
C. media control
Incorrect.
D. physical control
Incorrect.
19

You are creating a document that solicits information about a product that your company may need to buy. Which document are you creating?

A. RGQ
Incorrect.
B. RFI
Correct!
C. IFB
Incorrect.
D. RFP
Incorrect.
20

The CEO of a large organization wants to streamline security operations by limiting the number of security devices on the network. The CEO heard about endpoint detection and response software and thinks that it can replace a number of existing security products. He tells the CISO what he wants to do. What should the CISO tell the CEO?

21

Your company is considering using IPv6 instead of IPv4. Which improvements does IPv6 provide over IPv4? (Choose two.)

22

You have been hired as a security practitioner. The company specifically wants you to develop the enterprise's security architecture (ESA). What are the three components that make up ESA? (Choose three.)

A. Legislation
Incorrect.
B. Governance
Correct!
C. Operations
Correct!
D. Technology architecture
Correct!
23

You have discovered that hackers are gaining access to your WEP wireless network. After researching, you discover that the hackers are using war driving. You need to protect against this type of attack. What should you do? (Choose all that apply.)

24

Your company network has been breached. During the breach, the attacker removes incriminating data from your company's audit logs to prevent prosecution. What is this process called?

A. deleting
Incorrect.
B. scrubbing
Correct!
C. cleaning
Incorrect.
D. clearing
Incorrect.
25

You have been hired as a security consultant for a large organization. During a physical examination of the 10-floor building, you discover several possible security issues. Which conditions are security concerns? (Choose all that apply.)

26

You have recently been hired by a new company to help design their network infrastructure. As part of your job duties, you need to create administrative, physical, and technical controls for the company. Which controls are you currently creating?

A. application controls
Incorrect.
B. management controls
Correct!
C. environment controls
Incorrect.
D. system controls
Incorrect.
27

Which of the following would require an organization to complete the risk management process prior to its deployment?

28

You are researching the emerging threat sources that threaten today's organizations. As part of this research, you have been reading about ethical hackers that are hired by organizations to help increase the security of the organization's network. Which term is used for this type of hacker?

A. black hat
Incorrect.
B. white hat
Correct!
C. hacktivist
Incorrect.
D. crackers
Incorrect.
29

Your organization wants to implement a directory services solution that uses the same data format as the X.500 directory services. What should you implement?

A. ESB
Incorrect.
B. BDAM
Incorrect.
C. LDAP
Correct!
D. SIEM
Incorrect.
30

While developing a new system, the IT department considers the system's security requirements, such as encryption. Which phase of the system development life cycle is occurring?

More Information
Lab Access: No
Learning Style: Self-Paced Learning
Difficulty: Beginner
Course Duration: 1 Hour
Language: English