New Updated CAS-003 Exam Questions from PassLeader CAS-003 PDF dumps! Welcome to download the newest PassLeader CAS-003 VCE dumps: https://www.passleader.com/cas-003.html (436 Q&As)
Keywords: CAS-003 exam dumps, CAS-003 exam questions, CAS-003 VCE dumps, CAS-003 PDF dumps, CAS-003 practice tests, CAS-003 study guide, CAS-003 braindumps, CompTIA Advanced Security Practitioner (CASP) Exam
P.S. New CAS-003 dumps PDF: https://drive.google.com/open?id=1bfoVeMAPqLPPEtiIibD38-i-xMle-2O0
NEW QUESTION 411
A security engineer is deploying an IdP to broker authentication between applications. These applications all utilize SAML 2.0 for authentication. Users log into the IdP with their credentials and are given a list of applications they may access. One of the application’s authentications is not functional when a user initiates an authentication attempt from the IdP. The engineer modifies the configuration so users browse to the application first, which corrects the issue. Which of the following BEST describes the root cause?
A. The application only supports SP-initiated authentication.
B. The IdP only supports SAML 1.0.
C. There is an SSL certificate mismatch between the IdP and the SaaS application.
D. The user is not provisioned correctly on the IdP.
NEW QUESTION 412
A security manager recently categorized an information system. During the categorization effort, the manager determined the loss of integrity of a specific information type would impact business significantly. Based on this, the security manager recommends the implementation of several solutions. Which of the following, when combined, would BEST mitigate this risk? (Choose two.)
A. Access control
E. Boot attestation
NEW QUESTION 413
A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Choose two.)
A. Static code analyzer
B. Intercepting proxy
C. Port scanner
D. Reverse engineering
E. Reconnaissance gathering
F. User acceptance testing
NEW QUESTION 414
As part of the development process for a new system, the organization plans to perform requirements analysis and risk assessment. The new system will replace a legacy system, which the organization has used to perform data analytics. Which of the following is MOST likely to be part of the activities conducted by management during this phase of the project?
A. Static code analysis and peer review of all application code.
B. Validation of expectations relating to system performance and security.
C. Load testing the system to ensure response times is acceptable to stakeholders.
D. Design reviews and user acceptance testing to ensure the system has been deployed properly.
E. Regression testing to evaluate interoperability with the legacy system during the deployment.
NEW QUESTION 415
A system owner has requested support from data owners to evaluate options for the disposal of equipment containing sensitive data. Regulatory requirements state the data must be rendered unrecoverable via logical means or physically destroyed. Which of the following factors is the regulation intended to address?
NEW QUESTION 416
During a criminal investigation, the prosecutor submitted the original hard drive from the suspect’s computer as evidence. The defense objected during the trial proceedings, and the evidence was rejected. Which of the following practices should the prosecutor’s forensics team have used to ensure the suspect’s data would be admissible as evidence? (Choose two.)
A. Follow chain of custody best practices.
B. Create an identical image of the original hard drive, store the original securely, and then perform forensics only on the imaged drive.
C. Use forensics software on the original hard drive and present generated reports as evidence.
D. Create a tape backup of the original hard drive and present the backup as evidence.
E. Create an exact image of the original hard drive for forensics purposes, and then place the original back in service.
NEW QUESTION 417
An organization just merged with an organization in another legal jurisdiction and must improve its network security posture in ways that do not require additional resources to implement data isolation. One recommendation is to block communication between endpoint PCs. Which of the following would be the BEST solution?
A. Installing HIDS
B. Configuring a host-based firewall
C. Configuring EDR
D. Implementing network segmentation
NEW QUESTION 418
After several industry comnpetitors suffered data loss as a result of cyebrattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization’s security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:
– Blocking of suspicious websites
– Prevention of attacks based on threat intelligence
– Reduction in spam
– Identity-based reporting to meet regulatory compliance
– Prevention of viruses based on signature
– Project applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?
A. Reconfigure existing IPS resources
B. Implement a WAF
C. Deploy a SIEM solution
D. Deploy a UTM solution
E. Implement an EDR platform
NEW QUESTION 419
A company’s chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks. Which of the folowing implementation approaches would BEST support the architect’s goals?
A. Utilize a challenge-response prompt as required input at username/password entry.
B. Implement TLS and require the client to use its own certificate during handshake.
C. Configure a web application proxy and institute monitoring of HTTPS transactions.
D. Install a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.
NEW QUESTION 420
A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Choose two.)
A. Use an internal firewall to block UDP port 3544.
B. Disable network discovery protocol on all company routers.
C. Block IP protocol 41 using Layer 3 switches.
D. Disable the DHCPv6 service from all routers.
E. Drop traffic for ::/0 at the edge firewall.
F. Implement a 6in4 proxy server.
NEW QUESTION 421
With which of the following departments should an engineer for a consulting firm coordinate when determining the control and reporting requirements for storage of sensitive, proprietary customer information?
A. Human resources
D. Legal counsel
NEW QUESTION 422
The Chief Executive Officers (CEOs) from two different companies are discussing the highly sensitive prospect of merging their respective companies together. Both have invited their Chief Information Officers (CIOs) to discern how they can securely and digitaly communicate, and the following criteria are collectively determined:
– Must be encrypted on the email servers and clients
– Must be OK to transmit over unsecure Internet connections
Which of the following communication methods would be BEST to recommend?
A. Force TLS between domains.
B. Enable STARTTLS on both domains.
C. Use PGP-encrypted emails.
D. Switch both domains to utilize DNSSEC.
NEW QUESTION 423
A bank is initiating the process of acquiring another smaller bank. Before negotiations happen between the organizations, which of the follwing business documents would be used as the FIRST step in the process?
NEW QUESTION 424
A company wants to confirm sufficient executable space protection is in place for scenarios in which malware may be attempting buffer overflow attacks. Which of the following should the security engineer check?
NEW QUESTION 425
Which of the following describes a contract that is used to define the various levels of maintenance to be provided by an external business vendor in secure environment?
NEW QUESTION 426
Within the past six months, a company has experienced a series of attacks directed at various collaboration tools. Additionally, sensitive information was compromised during a recent security breach of a remote access session from an unsecure site. As a result, the company is requiring all collaboration tools to comply with the following:
– Secure messaging between internal users using digital signatures
– Secure sites for video-conferencing sessions
– Presence information for all office employees
– Restriction of certain types of messages to be allowed into the network
Which of the following applications must be configured to meet the new requirements? (Choose two.)
A. Remote desktop
C. Remote assistance
E. Instant messaging
F. Social media websites
NEW QUESTION 427
Following a recent data breach, a company has hired a new Chief Information Security Officer (CISO). The CISO is very concerned about the response time to the previous breach and wishes to know how the security team expects to react to a future attack. Which of the following is the BEST method to achieve this goal while minimizing disruption?
A. Perform a black box assessment.
B. Hire an external red team audit.
C. Conduct a tabletop exercise.
D. Recreate the previous breach.
E. Conduct an external vulnerability assessment.
NEW QUESTION 428
A technician is validating compliance with organizational policies. The user and machine accounts in the AD are not set to expire, which is non-compliant. Which of the following network tools would provide this type of information?
A. SIEM server
B. IDS appliance
C. SCAP scanner
D. HTTP interceptor
NEW QUESTION 429
An organization’s Chief Financial Officer (CFO) was the target of several different social engineering attacks recently. The CFO has subsequently worked closely with the Chief Information Security Officer (CISO) to increase awareness of what attacks may look like. An unexpected email arrives in the CFO’s inbox from a familiar name with an attachment. Which of the following should the CISO task a security analyst with to determine whether or not the attachment is safe?
A. Place it in a malware sandbox.
B. Perform a code review of the attachment.
C. Conduct a memory dump of the CFO’s PC.
D. Run a vulnerability scan on the email server.
NEW QUESTION 430
An organization is currently performing a market scan for managed security services and EDR capability. Which of the following business documents should be released to the prospective vendors in the first step of the process? (Choose two.)
NEW QUESTION 431
Download the newest PassLeader CAS-003 dumps from passleader.com now! 100% Pass Guarantee!
CAS-003 PDF dumps & CAS-003 VCE dumps: https://www.passleader.com/cas-003.html (436 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)
P.S. New CAS-003 dumps PDF: https://drive.google.com/open?id=1bfoVeMAPqLPPEtiIibD38-i-xMle-2O0