CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 11:

    A security administrator needs to deploy a remote access solution for both staff and contractors. Management favors remote desktop due to ease of use. The current risk assessment suggests protecting Windows as much as possible from direct ingress traffic exposure.

    Which of the following solutions should be selected?

    A. Deploy a remote desktop server on your internal LAN, and require an active directory integrated SSL connection for access.
    B. Change remote desktop to a non-standard port, and implement password complexity for the entire active directory domain.
    C. Distribute new IPSec VPN client software to applicable parties. Virtualize remote desktop services functionality.
    D. Place the remote desktop server(s) on a screened subnet, and implement two-factor authentication.

  • Question 12:

    A system designer needs to factor in CIA requirements for a new SAN. Which of the CIA requirements is BEST met by multipathing?

    A. Confidentiality
    B. Authentication
    C. Integrity
    D. Availability

  • Question 13:

    What of the following vulnerabilities is present in the below source code file named `AuthenticatedArea.php'?

    AuthenticatedArea

    include ("/inc/common.php");

    $username = $_REQUEST[`username'];

    if ($username != "") {

    echo "Your username is: " . $_REQUEST[`username']; }else {

    header)("location: /login.php"

    }

    ?>

    A. Header manipulation
    B. Account disclosure
    C. Unvalidated file inclusion
    D. Cross-site scripting

  • Question 14:

    A network engineer at Company ABC observes the following raw HTTP request:

    GET /disp_reports.php?SectionEntered=57andGroupEntered=-1andreport_type=alertsandto_date=01- 01-0101andRun= RunandUserEntered=dsmithandSessionID=5f04189bcandfrom_date=31-10-2010andTypesEntered=1

    HTTP/1.1 Host: test.example.net Accept: */* Accept-Language: en Connection: close Cookie: java14=1; java15=1; java16=1; js=1292192278001;

    Which of the following should be the engineer's GREATEST concern?

    A. The HTTPS is not being enforced so the system is vulnerable.
    B. The numerical encoding on the session ID is limited to hexadecimal characters, making it susceptible to a brute force attack.
    C. Sensitive data is transmitted in the URL.
    D. The dates entered are outside a normal range, which may leave the system vulnerable to a denial of service attack.

  • Question 15:

    A company has decided to relocate and the security manager has been tasked to perform a site survey of the new location to help in the design of the physical infrastructure. The current location has video surveillance throughout the building and entryways.

    The following requirements must be met:

    Able to log entry of all employees in and out of specific areas

    Access control into and out of all sensitive areas

    Tailgating prevention

    Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO).

    A. Discretionary Access control
    B. Man trap
    C. Visitor logs
    D. Proximity readers
    E. Motion detection sensors

  • Question 16:

    The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different.

    Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?

    A. The corporate network is the only network that is audited by regulators and customers.
    B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
    C. Home networks are unknown to attackers and less likely to be targeted directly.
    D. Employees are more likely to be using personal computers for general web browsing when they are at home.

  • Question 17:

    After a security incident, an administrator revokes the SSL certificate for their web server www.company.com. Later, users begin to inform the help desk that a few other servers are generating certificate errors: ftp.company.com, mail.company.com, and partners.company.com.

    Which of the following is MOST likely the reason for this?

    A. Each of the servers used the same EV certificate.
    B. The servers used a wildcard certificate.
    C. The web server was the CA for the domain.
    D. Revoking a certificate can only be done at the domain level.

  • Question 18:

    Every year, the accounts payable employee, Ann, takes a week off work for a vacation. She typically completes her responsibilities remotely during this week. Which of the following policies, when implemented, would allow the company to audit this employee's work and potentially discover improprieties?

    A. Job rotation
    B. Mandatory vacations
    C. Least privilege
    D. Separation of duties

  • Question 19:

    The Chief Risk Officer (CRO) has requested that the MTD, RTO and RPO for key business applications be identified and documented. Which of the following business documents would MOST likely contain the required values?

    A. MOU
    B. BPA
    C. RA
    D. SLA
    E. BIA

  • Question 20:

    A corporation has expanded for the first time by integrating several newly acquired businesses. Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).

    A. Remove acquired companies Internet access.
    B. Federate identity management systems.
    C. Install firewalls between the businesses.
    D. Re-image all end user computers to a standard image.
    E. Develop interconnection policy.
    F. Conduct a risk analysis of each acquired company's networks.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.