CompTIA Advanced Security Practitioner (CASP) CAS-003

Here you have the best CompTIA CAS-003 practice exam questions

You have 473 total questions to study from
Each page has 5 questions, making a total of 95 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on October 27, 2025
This site is not affiliated with or endorsed by CompTIA.

Question 1 of 473

DRAG DROP -
Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.
Select and Place:
Exam CAS-003: Question 1 - Image 1

Correct Answer:

Question 2 of 473

DRAG DROP -
A security consultant is considering authentication options for a financial institution. The following authentication options are available. Drag and drop the security mechanism to the appropriate use case. Options may be used once.
Select and Place:
Exam CAS-003: Question 2 - Image 1

Correct Answer:

Question 3 of 473

A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts.

Which of the following methods should the company use to gauge its own social media threat level without targeting individual employees?

Utilize insider threat consultants to provide expertise.

Require that employees divulge social media accounts.

Leverage Big Data analytical algorithms.

Perform social engineering tests to evaluate employee awareness.

Correct Answer: C

Leverage Big Data analytical algorithms is the best method for the company to gauge its social media threat level without targeting individual employees. Using Big Data analytics can help identify patterns and gather insights from publicly available social media data, allowing the company to assess potential threats and understand the kind of information that might be inferred by competitors. This approach does not require targeting specific individuals but rather focuses on analyzing large sets of data to identify trends and potential vulnerabilities.

Question 4 of 473

DRAG DROP -
A security administrator must configure the database server shown below to comply with the four requirements listed. Drag and drop the appropriate ACL that should be configured on the database server to its corresponding requirement. Answer options may be used once or not at all.
Exam CAS-003: Question 4 - Image 1

Select and Place:
Exam CAS-003: Question 4 - Image 2

Correct Answer:

Question 5 of 473

A security administrator is hardening a TrustedSolaris server that processes sensitive data. The data owner has established the following security requirements:
✑ The data is for internal consumption only and shall not be distributed to outside individuals
✑ The systems administrator should not have access to the data processed by the server
✑ The integrity of the kernel image is maintained

Which of the following host-based security controls BEST enforce the data owner's requirements? (Choose three.)

SELinux

DLP

HIDS

Host-based firewall

Measured boot

Data encryption

Watermarking

Correct Answer: A, B, E

To harden a TrustedSolaris server that processes sensitive data and enforce the data owner's requirements, the following host-based security controls are recommended: SELinux, DLP, and Measured Boot. SELinux (Security-Enhanced Linux) is excellent for enforcing strict access controls, ensuring that the systems administrator does not have access to the data processed by the server. DLP (Data Loss Prevention) ensures that the data is not distributed to outside individuals and remains for internal consumption only. Measured Boot maintains the integrity of the kernel image by ensuring it has not been tampered with during the boot process.