CAS-003 CompTIA Advanced Security Practitioner (CASP) CAS-003

Question 7

A security engineer has implemented an internal user access review tool so service teams can baseline user accounts and group memberships. The tool is functional and popular among its initial set of onboarded teams. However, the tool has not been built to cater to a broader set of internal teams yet. The engineer has sought feedback from internal stakeholders, and a list of summarized requirements is as follows:

The tool needs to be responsive so service teams can query it, and then perform an automated response action.

The tool needs to be resilient to outages so service teams can perform the user access review at any point in time and meet their own SLAs.

The tool will become the system-of-record for approval, reapproval, and removal life cycles of group memberships and must allow for data retrieval after failure.

Which of the following need specific attention to meet the requirements listed above? (Choose three.)

  • Scalability

  • Latency

  • Availability

  • Usability

  • Recoverability

  • Maintainability

Question 8

A company is not familiar with the risks associated with IPv6. The systems administrator wants to isolate IPv4 from IPv6 traffic between two different network segments. Which of the following should the company implement? (Choose two.)

  • Use an internal firewall to block UDP port 3544.

  • Disable network discovery protocol on all company routers.

  • Block IP protocol 41 using Layer 3 switches.

  • Disable the DHCPv6 service from all routers.

  • Drop traffic for ::/0 at the edge firewall.

  • Implement a 6in4 proxy server.

Question 9

One of the objectives of a bank is to instill a security awareness culture. Which of the following are techniques that could help to achieve this? (Choose two.)

  • Blue teaming

  • Phishing simulations

  • Lunch-and-learn

  • Random audits

  • Continuous monitoring

  • Separation of duties