[27-Dec-2021] New CASP CAS-003 Dumps with VCE and PDF from PassLeader (New Questions)

PassLeader recently released the NEWEST CompTIA CAS-003 exam dumps! Both CAS-003 VCE dumps and CAS-003 PDF dumps are available on PassLeader; both contain the NEWEST CAS-003 exam questions and will help you pass the CompTIA CAS-003 exam easily! You can download the valid CAS-003 dumps VCE and PDF from PassLeader here: https://www.passleader.com/cas-003.html (863 Q&As Dumps –> 894 Q&As Dumps –> 974 Q&As Dumps)

Also, preview the NEWEST PassLeader CAS-003 dumps online for free on Google Drive: https://drive.google.com/open?id=1bfoVeMAPqLPPEtiIibD38-i-xMle-2O0

An aircraft manufacturer is developing software that will perform automatic flight control (auto-pilot). Given the high safety criticality of the software, the developer can BEST prove software correctness to a requirements specification by employing ____.

A.    static code analyzers
B.    formal methods
C.    test harnesses
D.    dynamic analysis methods

Answer: B

An application developer is including third-party backported security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, reports come in that a previously resolved vulnerability has returned. Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

A.    Peer review.
B.    Regression testing.
C.    User acceptance.
D.    Dynamic analysis.

Answer: B

A security engineer at a company is designing a system to mitigate recent setbacks caused by competitors that are beating the company to market with new products. Several of the products incorporate proprietary enhancements developed by the engineer’s company. The network already includes a SIEM and a NIPS and requires 2FA for all user access. Which of the following systems should the engineer consider NEXT to mitigate the associated risks?

A.    DLP.
B.    Mail gateway.
C.    Data flow enforcement.
D.    UTM.

Answer: A

Which of the following risks does expanding business into a foreign country carry?

A.    Data sovereignty laws could result in unexpected liability.
B.    Export controls might decrease software costs.
C.    Data ownership might revert to the regulatory entities in the new country.
D.    Some security tools might be monitored by legal authorities.

Answer: C

Following a recent disaster, a business activates its DRP. The business is operational again within 60 minutes. The business has multiple geographically dispersed locations that have similar equipment and operational capabilities. Which of the following strategies has the business implemented?

A.    Cold site.
B.    Reciprocal agreement.
C.    Recovery point objective.
D.    Internal redundancy.

Answer: C

A corporation with a BYOD policy is very concerned about issues that may arise from data ownership. The corporation is investigating a new MDM solution and has gathered the following requirements as part of the requirements-gathering phase:
– Each device must be issued a secure token of trust from the corporate PKI.
– All corporate applications and local data must be able to be deleted from a central console.
– Access to corporate data must be restricted on international travel.
– Devices must be on the latest OS version within three weeks of an OS release.
Which of the following should be features in the new MDM solution to meet these requirements? (Choose two.)

A.    Application-based containerization.
B.    Enforced full-device encryption.
C.    Geofencing.
D.    Application allow listing.
E.    Biometric requirement to unlock device.
F.    Over-the-air update restriction.

Answer: AC

A security engineer needs to implement controls that will prevent the theft of data by insiders who have valid credentials. Recent incidents were carried out with mobile and wearable devices that were used as transfer vectors. In response, USB data transfers are now tightly controlled and require executive authorization. Which of the following controls will further reduce the likelihood of another data theft?

A.    Limit the ability to transfer data via Bluetooth connections.
B.    Move the enterprise to a BYOD or COPE policy.
C.    Deploy strong transit encryption across the enterprise.
D.    Implement time-based restrictions on data transfers.

Answer: A

During an audit, an information security analyst discovers accounts that are still assigned to employees who no longer work for the company and new accounts that need to be verified against a list of authorized users. This type of auditing supports the development of ____.

A.    information classification
B.    continuous monitoring
C.    employment and termination procedures
D.    least privilege

Answer: C

A Chief Information Security Officer (CISO) wants to obtain data from other organizations in the same industry related to recent attacks against industry targets. A partner firm in the industry provides information that discloses the attack vector and the affected vulnerability that impacted other firms. The CISO then works with that firm’s CERT to evaluate the organization for applicability associated with the intelligence provided. This activity is an example of ____.

A.    an emerging threat feed
B.    a risk analysis
C.    a zero-day vulnerability
D.    threat modeling
E.    machine learning
F.    Big Data

Answer: D

Several corporate users returned from an international trip with compromised operating systems on their cellular devices. Additionally, intelligence reports confirm some international carriers are able to modify firmware unexpectedly even when the MDM policy is set to disable FOTA updates. Which of the following mitigations is operationally feasible and MOST likely to reduce the risk of firmware compromise by a carrier while traveling internationally?

A.    Disable the ability to connect to third-party application stores.
B.    Disable the smartphone’s cellular radio and require the use of WiFi.
C.    Enforce the use of an always-on SSL VPN with FIPS-validated encryption.
D.    Issue device PKI certificates to ensure mutual authentication.

Answer: D

The Chief Information Security Officer (CISO) of a power generation facility is concerned about being able to detect missing security updates on the critical infrastructure in use at the facility. Most of this critical infrastructure consists of ICS and SCADA systems that are maintained by vendors, and the vendors have warned the CISO that proxying network traffic is likely to cause a DoS condition. Which of the following would be BEST to address the CISO’s concerns while keeping the critical systems functional?

A.    Configuring the existing SIEM to ingest all log files properly.
B.    Implementing a passive vulnerability scanning solution.
C.    Deploying a data diode for internal websites.
D.    Adding more frequent antivirus and anti-malware signature updates.
E.    Adjusting file access rules to use the concept of least privilege.

Answer: C

Which of the following controls primarily detects abuse of privilege but does not prevent it?

A.    Offboarding.
B.    Separation of duties.
C.    Least privilege.
D.    Job rotation.

Answer: A

A company has a DLP system with the following capabilities:
– Text examination.
– Optical character recognition.
– File type validation.
– Multilingual translation of key words and phrases.
– Blocking of content encrypted with a known cipher.
– Examination of all egress points.
Despite the existing protections, a malicious insider was able to exfiltrate confidential information. DLP logs show the malicious insider transferred a number of JPEG files to an external host, but each of those files appears as negative for the presence of confidential information. Which of the following are the MOST likely explanations for this issue? (Choose two.)

A.    Translating the confidential information from English into Farsi and then into French to avoid detection.
B.    Scrambling the confidential information using a proprietary obfuscation scheme before sending the files via email.
C.    Changing the extension of Word files containing confidential information to .jpg and uploading them to a file sharing site.
D.    Printing the documents to TIFF images and attaching the files to outbound email messages.
E.    Leveraging steganography to hide the information within the JPEG files.
F.    Placing the documents containing sensitive information into an AES-256 encrypted compressed archive file and using FTP to send it to an outside host.

Answer: BE

A developer is concerned about input validation for a newly created shopping-cart application, which will be released soon on a popular website. Customers were previously able to manipulate the shopping cart so they could receive multiple items while only paying for one item. This resulted in large losses. Which of the following would be the MOST efficient way to test the shopping cart and address the developer’s concerns?

A.    Log analysis.
B.    Dynamic analysis.
C.    Vulnerability assessment.
D.    Gray-box testing.
E.    Gray-box testing.

Answer: E

A factory-floor system uses critical, legacy, and unsupported application software to enable factory operations. A latent vulnerability was recently exposed, which permitted attackers to send a specific string of characters followed by arbitrary code for execution. Patches are unavailable, as the manufacturer is no longer in business. Which of the following would be the BEST approach the company should take to mitigate the risk of this vulnerability and other latent vulnerability exploits? (Choose two.)

A.    Configure a host-based firewall on the application server and restrict access to necessary ports and services.
B.    Create a factory-floor enclave segregated from direct LAN/WAN reachability.
C.    Implement a proxy that will sanitize input provided to the application.
D.    Install server-side X.509 certificates and enable TLS 1.0 or later for client access.
E.    Install network and host-based IDS, feeding logs to SIEM, and alerts to SOC operators.
F.    Create a hunt team focused on the factory-floor operations.

Answer: BC

A company deploys a system to use device and user certificates for network authentication. Previously, the company only used separate certificates to send/receive encrypted email. Users have begun notifying the help desk because they cannot read encrypted email. Which of the following is the MOST likely cause of the issues?

A.    The attestation service is not configured to accept the new certificates.
B.    The device certificates have the S/MIME attribute selected.
C.    The sending mail client is selecting the wrong public key to encrypt messages.
D.    Multiple device certificates are associated with the same network port.

Answer: C

A security team wants to keep up with emerging threats more efficiently by automating NIDS signature development and deployment. Which of the following approaches would BEST support this objective?

A.    Use open-source intelligence sources to gather current information on adversary networks/systems.
B.    Subscribe to a commercial service provider that publishes IOCs.
C.    Monitor cyberthreat newsgroups and translate articles into IDS/IPS rulesets.
D.    Configure NIDS to operate inline and use a DNS whitelist.

Answer: B

A newly hired employee is trying to complete online training. When the employee logs on to the third-party service for training using known-good credentials through a SAML-based mechanism, an error message appears regarding the account. Which of the following is MOST likely occurring?

A.    The third-party service does not support special characters in passwords.
B.    The new employee’s user account is not listed properly by the IdP.
C.    The service provider is not verifying the user account exists in the directory.
D.    The user agent string is not listing the correct information.

Answer: D

A product owner is working with a security engineer to improve the security surrounding certificate revocation, which is important for the clients using a web application. The organization is currently using a CRL configuration to manage revocation, but it is looking for a solution that addresses the reporting delays associated with CRLs. The security engineer recommends OCSP, but the product owner is concerned about the overhead associated with its use. Which of the following would the security engineer MOST likely suggest to address the product owner’s concerns?

A.    Key escrow can be used on the WAF.
B.    S/MIME can be used in lieu of OCSP.
C.    Stapling should be used with OCSP.
D.    The organization should use wildcard certificates.

Answer: C

A security analyst is investigating an alert arising from an impossible travel pattern. Within the span of 30 minutes, the email system saw successful authentication from two IP addresses, which geolocate more than 500 mi (805 km) away from each other. Before locking the account, which of the following actions should the analyst take?

A.    Verify email server NTP synchronization status.
B.    Validate GeoIP data source.
C.    Review VPN authentication logs.
D.    Verify the user’s recent travel activities.

Answer: C

