CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 201:

    A company receives an e-discovery request for the Chief Information Officer's (CIO's) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes.

    How many years of data MUST the company legally provide?

    A. 1
    B. 2
    C. 3
    D. 5

  • Question 202:

    A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital's guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital's system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices.

    Which of the following are of MOST concern? (Select TWO).

    A. Privacy could be compromised as patient records can be viewed in uncontrolled areas.
    B. Device encryption has not been enabled and will result in a greater likelihood of data loss.
    C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.
    D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.
    E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.

  • Question 203:

    A morphed worm carrying a 0-day payload has infiltrated the company network and is now spreading across the organization. The security administrator was able to isolate the worm communication and payload distribution channel to TCP port 445.

    Which of the following can the administrator do in the short term to minimize the attack?

    A. Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY 445.
    B. Run a TCP 445 port scan across the organization and patch hosts with open ports.
    C. Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445.
    D. Force a signature update and full system scan from the enterprise anti-virus solution.

  • Question 204:

    The company is about to upgrade a financial system through a third party, but wants to legally ensure that no sensitive information is compromised throughout the project. The project manager must also make sure that internal controls are set to mitigate the potential damage that one individual's actions may cause.

    Which of the following needs to be put in place to make certain both organizational requirements are met? (Select TWO).

    A. Separation of duties
    B. Forensic tasks
    C. MOU
    D. OLA
    E. NDA
    F. Job rotation

  • Question 205:

    A security engineer has inherited an authentication project which integrates 1024-bit PKI certificates into the company infrastructure and now has a new requirement to integrate 2048-bit PKI certificates so that the entire company will be interoperable with its vendors when the project is completed. The project is now 25% complete, with 15% of the company staff being issued 1024-bit certificates. The provisioning of network based accounts has not occurred yet due to other project delays. The project is now expected to be over budget and behind its original schedule. Termination of the existing project and beginning a new project is a consideration because of the change in scope.

    Which of the following is the security engineer's MOST serious concern with implementing this solution?

    A. Succession planning
    B. Performance
    C. Maintainability
    D. Availability

  • Question 206:

    Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow.

    How should the employees request access to shared resources before the authentication integration is complete?

    A. They should logon to the system using the username concatenated with the 6-digit code and their original password.
    B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.
    C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.
    D. They should use the username format: [email protected], together with a password and their 6-digit code.

  • Question 207:

    In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

    A. Erase all files on drive
    B. Install of standard image
    C. Remove and hold all drives
    D. Physical destruction
    E. Drive wipe

  • Question 208:

    A small bank is introducing online banking to its customers through its new secured website. The firewall has three interfaces: one for the Internet connection, another for the DMZ, and the other for the internal network. Which of the following will provide the MOST protection from all likely attacks on the bank?

    A. Implement NIPS inline between the web server and the firewall.
    B. Implement a web application firewall inline between the web server and the firewall.
    C. Implement host intrusion prevention on all machines at the bank.
    D. Configure the firewall policy to only allow communication with the web server using SSL.

  • Question 209:

    A security architect is seeking to outsource company server resources to a commercial cloud service provider. The provider under consideration has a reputation for poorly controlling physical access to datacenters and has been the victim of multiple social engineering attacks. The service provider regularly assigns VMs from multiple clients to the same physical resources.

    When conducting the final risk assessment which of the following should the security architect take into consideration?

    A. The ability to implement user training programs for the purpose of educating internal staff about the dangers of social engineering.
    B. The cost of resources required to relocate services in the event of resource exhaustion on a particular VM.
    C. The likelihood a malicious user will obtain proprietary information by gaining local access to the hypervisor platform.
    D. Annual loss expectancy resulting from social engineering attacks against the cloud service provider affecting corporate network infrastructure.

  • Question 210:

    An ISP is peering with a new provider and wishes to disclose which autonomous system numbers should be allowed through BGP for network transport. Which of the following should contain this information?

    A. Memorandum of Understanding
    B. Interconnection Security Agreement
    C. Operating Level Agreement
    D. Service Level Agreement

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.