CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 281:

    A security auditor is conducting an audit of a corporation where 95% of the users travel or work from non-corporate locations a majority of the time. While the employees are away from the corporate offices, they retain full access to the corporate network and use of corporate laptops. The auditor knows that the corporation processes PII and other sensitive data with applications requiring local caches of any data being manipulated.

    Which of the following security controls should the auditor check for and recommend to be implemented if missing from the laptops?

    A. Trusted operating systems
    B. Full disk encryption
    C. Host-based firewalls
    D. Command shell restrictions

  • Question 282:

    An IT administrator has installed new DNS name servers (Primary and Secondary), which are used to host the company MX records and resolve the web server's public address. In order to secure the zone transfer between the primary and secondary server, the administrator uses only server ACLs.

    Which of the following attacks could the secondary DNS server still be susceptible to?

    A. Email spamming
    B. IP spoofing
    C. Clickjacking
    D. DNS replication

  • Question 283:

    Company XYZ has had repeated vulnerability exploits of a critical nature released to the company's flagship product. The product is used by a number of large customers. At the Chief Information Security Officer's (CISO's) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.

    Here is a list of improvements in order of priority:

    1.

    A noticeable improvement in security posture immediately.

    2.

    Fundamental changes to resolve systemic issues as an ongoing process

    3.

    Improvements should be strategic as opposed to tactical

    4.

    Customer impact should be minimized

    Which of the following recommendations is BEST for the CISO to put forward to the product manager?

    A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.
    B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.
    C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.
    D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.

  • Question 284:

    A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.

    Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).

    A. Perform unit testing of the binary code
    B. Perform code review over a sampling of the front end source code
    C. Perform black box penetration testing over the solution
    D. Perform grey box penetration testing over the solution
    E. Perform static code review over the front end source code

  • Question 285:

    A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification.

    Which of the following BEST describes the purpose of an SRTM in this scenario?

    A. To ensure the security of the network is documented prior to customer delivery
    B. To document the source of all functional requirements applicable to the network
    C. To facilitate the creation of performance testing metrics and test plans
    D. To allow certifiers to verify the network meets applicable security requirements

  • Question 286:

    Which of the following implementations of a continuous monitoring risk mitigation strategy is correct?

    A. Audit successful and failed events, transfer logs to a centralized server, institute computer assisted audit reduction, and email alerts to NOC staff hourly.
    B. Audit successful and critical failed events, transfer logs to a centralized server once a month, tailor logged event thresholds to meet organization goals, and display alerts in real time when thresholds are approached.
    C. Audit successful and failed events, transfer logs to a centralized server, institute computer assisted audit reduction, tailor logged event thresholds to meet organization goals, and display alerts in real time when thresholds are exceeded.
    D. Audit failed events only, transfer logs to a centralized server, implement manual audit reduction, tailor logged event thresholds to meet organization goals, and display alerts in real time when thresholds are approached and exceeded.

  • Question 287:

    A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

    A. Insecure direct object references, CSRF, Smurf
    B. Privilege escalation, Application DoS, Buffer overflow
    C. SQL injection, Resource exhaustion, Privilege escalation
    D. CSRF, Fault injection, Memory leaks

  • Question 288:

    When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of conference's resources?

    A. Wireless network security may need to be increased to decrease access of mobile devices.
    B. Physical security may need to be increased to deter or prevent theft of mobile devices.
    C. Network security may need to be increased by reducing the number of available physical network jacks.
    D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

  • Question 289:

    A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

    A. An administrative control
    B. Dual control
    C. Separation of duties
    D. Least privilege
    E. Collusion

  • Question 290:

    Three companies want to allow their employees to seamlessly connect to each other's wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies' wireless network. All three companies have agreed to standardize on 802.1x EAP- PEAP-MSCHAPv2 for client configuration.

    Which of the following should the three companies implement?

    A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.
    B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.
    C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.
    D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.