CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 111:

    When authenticating over HTTP using SAML, which of the following is issued to the authenticating user?

    A. A symmetric key
    B. A PKI ticket
    C. An X.509 certificate
    D. An assertion ticket

  • Question 112:

    An internal employee has sold a copy of the production customer database that was being used for upgrade testing to outside parties via HTTP file upload. The Chief Information Officer (CIO) has resigned and the Chief Executive Officer (CEO) has tasked the incoming CIO with putting effective controls in place to help prevent this from occurring again in the future.

    Which of the following controls is the MOST effective in preventing this threat from re-occurring?

    A. Network-based intrusion prevention system
    B. Data loss prevention
    C. Host-based intrusion detection system
    D. Web application firewall

  • Question 113:

    Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day. The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events.

    Which of the following should the company do to ensure that the chosen MSS meets expectations?

    A. Develop a memorandum of understanding on what the MSS is responsible to provide.
    B. Create internal metrics to track MSS performance.
    C. Establish a mutually agreed upon service level agreement.
    D. Issue a RFP to ensure the MSS follows guidelines.

  • Question 114:

    A security administrator at a Lab Company is required to implement a solution which will provide the highest level of confidentiality possible to all data on the lab network.

    The current infrastructure design includes:

    Two-factor token and biometric based authentication for all users Attributable administrator accounts

    Logging of all transactions

    Full disk encryption of all HDDs

    Finely granular access controls to all resources

    Full virtualization of all servers

    The use of LUN masking to segregate SAN data

    Port security on all switches

    The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless access points.

    Which of the following cryptographic improvements should be made to the current architecture to achieve the stated goals?

    A. PKI based authorization
    B. Transport encryption
    C. Data at rest encryption
    D. Code signing

  • Question 115:

    An organization is finalizing a contract with a managed security services provider (MSSP) that is responsible for primary support of all security technologies. Which of the following should the organization require as part of the contract to ensure the protection of the organization's technology?

    A. An operational level agreement
    B. An interconnection security agreement
    C. A non-disclosure agreement
    D. A service level agreement

  • Question 116:

    A small customer focused bank with implemented least privilege principles, is concerned about the possibility of branch staff unintentionally aiding fraud in their day to day interactions with customers. Bank staff has been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the risk.

    Which of the following BEST addresses the security and risk team's concerns?

    A. Information disclosure policy
    B. Awareness training
    C. Job rotation
    D. Separation of duties

  • Question 117:

    The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment.

    Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE).

    A. Install a self-signed Root CA certificate on the proxy server.
    B. The proxy configuration of all users' browsers must point to the proxy IP.
    C. TCP port 443 requests must be redirected to TCP port 80 on the web server.
    D. All users' personal certificates' public key must be installed on the proxy.
    E. Implement policy-based routing on a router between the hosts and the Internet.
    F. The proxy certificate must be installed on all users' browsers.

  • Question 118:

    The security administrator at `company.com' is reviewing the network logs and notices a new UDP port pattern where the amount of UDP port 123 packets has increased by 20% above the baseline. The administrator runs a packet capturing tool from a server attached to a SPAN port and notices the following.

    UDP 192.168.0.1:123 -> 172.60.3.0:123 UDP 192.168.0.36:123 -> time.company.com UDP 192.168.0.112:123 -> 172.60.3.0:123 UDP 192.168.0.91:123 -> time.company.com UDP 192.168.0.211:123 -> 172.60.3.0:123 UDP 192.168.0.237:123 -> time.company.com UDP 192.168.0.78:123 -> 172.60.3.0:123

    The corporate HIPS console reports an MD5 hash mismatch on the svchost.exe file of the following computers:

    192.168.0.1

    192.168.0.112

    192.168.0.211

    192.168.0.78

    Which of the following should the security administrator report to upper management based on the above output?

    A. An NTP client side attack successfully exploited some hosts.
    B. A DNS cache poisoning successfully exploited some hosts.
    C. An NTP server side attack successfully exploited some hosts.
    D. A DNS server side attack successfully exploited some hosts.

  • Question 119:

    A startup company offering software on demand has hired a security consultant to provide expertise on data security. The company's clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity.

    Which of the following designs is BEST suited for this purpose?

    A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.
    B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment and to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.
    C. Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNS and assigned to each client. MPLS technology is used to segment and encrypt each of the client's networks. PKI based remote desktop with hardware tokens is used by the client to connect to the application.
    D. Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the client's networks. PKI based remote desktop access is used by the client to connect to the application.

  • Question 120:

    Which of the following is the MOST secure way to ensure third party applications and introduce only acceptable risk?

    A. Line by line code review and simu-lation; uncovers hidden vulnerabilities and allows for behavior to be observed with minimal risk.
    B. Technical exchange meetings with the application's vendor; vendors have more in depth knowledge of the product.
    C. Pilot trial; minimizes the impact to the enterprise while still providing services to enterprise users.
    D. Full deployment with crippled features; allows for large scale testing and observation of the applications security profile.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.