
Note! CAS-003 has been withdrawn. The new exam code is CAS-004

CAS-003 CompTIA Advanced Security Practitioner (CASP) Exam Questions and Answers

Question # 6

The Chief Executive Officer (CEO) of a fast-growing company no longer knows all the employees and is concerned about the company's intellectual property being stolen by an employee. Employees are allowed to work remotely with flexible hours, creating unpredictable schedules. Roles are poorly defined due to frequent shifting needs across the company. Which of the following new initiatives by the information security team would BEST secure the company and mitigate the CEO's concerns?

A. Begin simulated phishing campaigns for employees and follow up with additional security awareness training.

B. Seed company fileshares and servers with text documents containing fake passwords and then monitor for their use.

C. Implement DLP to monitor data transfer between employee accounts and external parties and services.

D. Report data from a user-behavior monitoring tool and assign security analysts to review it daily.

Question # 7

A security appliance vendor is reviewing an RFP that is requesting solutions for the defense of a set of web-based applications. This RFP is from a financial institution with very strict performance requirements. The vendor would like to respond with its solutions.

Before responding, which of the following factors is MOST likely to have an adverse effect on the vendor’s qualifications?

A. The solution employs threat information-sharing capabilities using a proprietary data model.

B. The RFP is issued by a financial institution that is headquartered outside of the vendor’s own country.

C. The overall solution proposed by the vendor comes in less than the TCO parameter in the RFP.

D. The vendor’s proposed solution operates below the KPPs indicated in the RFP.

Question # 8

A developer is reviewing the following transaction logs from a web application:

Username: John Doe

Street name: Main St.

Street number: