CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 101:

    The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network.

    Which of the following would BEST meet this requirement?

    A. HIPS
    B. UTM
    C. Antivirus
    D. NIPS
    E. DLP

  • Question 102:

    A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention policy states all email data older than 90 days should be eliminated. As there are no technical controls in place, users have been instructed to stick to a storage quota of 500Mb of network storage and 200Mb of email storage. After being presented with an e-discovery request from an opposing legal council, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years.

    Which of the following should the security administrator provide to opposing council?

    A. Delete files and email exceeding policy thresholds and turn over the remaining files and email.
    B. Delete email over the policy threshold and hand over the remaining emails and all of the files.
    C. Provide the 1Tb of files on the network and the 300Mb of email files regardless of age.
    D. Provide the first 200Mb of e-mail and the first 500Mb of files as per policy.

  • Question 103:

    The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage; and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage.

    Which of the following risk strategies did the CISO implement?

    A. Avoid
    B. Accept
    C. Mitigate
    D. Transfer

  • Question 104:

    An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations.

    Which of the following is MOST likely the cause for the organization's inability to determine what really occurred?

    A. Too few layers of protection between the Internet and internal network
    B. Lack of a defined security auditing methodology
    C. Poor intrusion prevention system placement and maintenance
    D. Insufficient logging and mechanisms for review

  • Question 105:

    A software development manager is taking over an existing software development project. The team currently suffers from poor communication, and this gap is resulting in an above average number of security-related bugs making it into production.

    Which of the following development methodologies involves daily stand- ups designed to improve communication?

    A. Spiral
    B. Agile
    C. Waterfall
    D. Rapid

  • Question 106:

    The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company's flagship product. Testing was conducted by a small offshore consulting

    firm and the report by the consulting firm clearly indicates that limited test cases were used and many of the code paths remained untested.

    The CISO raised concerns about the testing results at the monthly risk committee meeting, highlighting the need to get to the bottom of the product behaving unexpectedly in only some large enterprise deployments.

    The Security Assurance and Development teams highlighted their availability to redo the testing if required.

    Which of the following will provide the MOST thorough testing?

    A. Have the small consulting firm redo the Black box testing.
    B. Use the internal teams to perform Grey box testing.
    C. Use the internal team to perform Black box testing.
    D. Use the internal teams to perform White box testing.
    E. Use a larger consulting firm to perform Black box testing.

  • Question 107:

    An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again.

    Which of the following departments are the MOST heavily invested in rectifying the problem? (Select THREE).

    A. Facilities management
    B. Human resources
    C. Research and development
    D. Programming
    E. Data center operations
    F. Marketing
    G. Information technology

  • Question 108:

    In order to reduce cost and improve employee satisfaction, a large corporation has decided to allow personal communication devices to access email and to remotely connect to the corporate network. Which of the following security measures should the IT organization implement? (Select TWO).

    A. A device lockdown according to policies
    B. An IDS on the internal networks
    C. A data disclosure policy
    D. A privacy policy
    E. Encrypt data in transit for remote access

  • Question 109:

    Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines.

    Given this scenario, which of the following is the MOST significant risk to the system?

    A. All servers are unpatched and running old versions.
    B. Financial data is processed without being encrypted.
    C. Logging is disabled on critical servers.
    D. Server services have been virtualized and outsourced.

  • Question 110:

    A sensitive database needs its cryptographic integrity upheld.

    Which of the following controls meets this goal? (Select TWO).

    A. Data signing
    B. Encryption
    C. Perfect forward secrecy
    D. Steganography
    E. Data vaulting
    F. RBAC
    G. Lock and key

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.