CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 131:

    A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the company's operational robustness.

    Which of the following would be the GREATEST concern when analyzing the manufacturing control application?

    A. Difficulty backing up the custom database
    B. Difficulty migrating to new hardware
    C. Difficulty training new admin personnel
    D. Difficulty extracting data from the database

  • Question 132:

    The Chief Information Security Officer (CISO) is researching ways to reduce the risk associated with administrative access of six IT staff members while enforcing separation of duties. In the case where an IT staff member is absent, each staff member should be able to perform all the necessary duties of their IT co-workers.

    Which of the following policies should the CISO implement to reduce the risk?

    A. Require the use of an unprivileged account, and a second shared account only for administrative purposes.
    B. Require role-based security on primary role, and only provide access to secondary roles on a case-by-case basis.
    C. Require separation of duties ensuring no single administrator has access to all systems.
    D. Require on-going auditing of administrative activities, and evaluate against risk-based metrics.

  • Question 133:

    News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit network mapping and fingerprinting occurs in preparation for further exploitation.

    Which of the following is the MOST effective solution to protect against unrecognized malware infections, reduce detection time, and minimize any damage that might be done?

    A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.
    B. Implement an application whitelist at all levels of the organization.
    C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring.
    D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection.

  • Question 134:

    A legacy system is not scheduled to be decommissioned for two years and requires the use of the standard Telnet protocol. Which of the following should be used to mitigate the security risks of this system?

    A. Migrate the system to IPv6.
    B. Migrate the system to RSH.
    C. Move the system to a secure VLAN.
    D. Use LDAPs for authentication.

  • Question 135:

    Which of the following BEST explains SAML?

    A. A security attestation model built on XML and SOAP-based services, which allows for the exchange of AandA data between systems and supports Federated Identity Management.
    B. An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.
    C. A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data.
    D. A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.

  • Question 136:

    The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable.

    Which of the following BEST describes the scenario presented and the document the ISO is reviewing?

    A. The ISO is evaluating the business implications of a recent telephone system failure within the BIA.
    B. The ISO is investigating the impact of a possible downtime of the messaging system within the RA.
    C. The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.
    D. The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.

  • Question 137:

    Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the company's NTP servers.

    Which of the following mitigates this activity with the LEAST impact to existing operations?

    A. Block in-bound connections to the company's NTP servers.
    B. Block IPs making monlist requests.
    C. Disable the company's NTP servers.
    D. Disable monlist on the company's NTP servers.

  • Question 138:

    An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly.

    Which of the following has been overlooked in securing the system? (Select TWO).

    A. The company's IDS signatures were not updated.
    B. The company's custom code was not patched.
    C. The patch caused the system to revert to http.
    D. The software patch was not cryptographically signed.
    E. The wrong version of the patch was used.
    F. Third-party plug-ins were not patched.

  • Question 139:

    The security administrator has been tasked with providing a solution that would not only eliminate the need for physical desktops, but would also centralize the location of all desktop applications, without losing physical control of any network devices.

    Which of the following would the security manager MOST likely implement?

    A. VLANs
    B. VDI
    C. PaaS
    D. IaaS

  • Question 140:

    The security administrator reports that the physical security of the Ethernet network has been breached, but the fibre channel storage network was not breached. Why might this still concern the storage administrator? (Select TWO).

    A. The storage network uses FCoE.
    B. The storage network uses iSCSI.
    C. The storage network uses vSAN.
    D. The storage network uses switch zoning.
    E. The storage network uses LUN masking.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.