CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 21:

    A user on a virtual machine downloads a large file using a popular peer-to-peer torrent program. The user is unable to execute the program on their VM. A security administrator scans the VM and detects a virus in the program. The administrator reviews the hypervisor logs and correlates several access attempts to the time of execution of the virus.

    Which of the following is the MOST likely explanation for this behavior?

    A. The hypervisor host does not have hardware acceleration enabled and does not allow DEP.
    B. The virus scanner on the VM changes file extensions of all programs downloaded via P2P to prevent execution.
    C. The virtual machine is configured to require administrator rights to execute all programs.
    D. The virus is trying to access a virtual device which the hypervisor is configured to restrict.

  • Question 22:

    A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing.

    Which of the following is the MOST likely cause of the processing problem?

    A. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.
    B. The Java developers accounted for network latency only for the read portion of the processing and not the write process.
    C. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.
    D. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.

  • Question 23:

    Which of the following protocols only facilitates access control?

    A. XACML
    B. Kerberos
    C. SPML
    D. SAML

  • Question 24:

    Company ABC has entered into a marketing agreement with Company XYZ, whereby ABC will share some of its customer information with XYZ. However, XYZ can only contact ABC customers who explicitly agreed to being contacted by third parties.

    Which of the following documents would contain the details of this marketing agreement?

    A. BPA
    B. ISA
    C. NDA
    D. SLA

  • Question 25:

    A company has purchased a new system, but security personnel are spending a great deal of time on system maintenance. A new third party vendor has been selected to maintain and manage the company's system. Which of the following document types would need to be created before any work is performed?

    A. IOS
    B. ISA
    C. SLA
    D. OLA

  • Question 26:

    A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing. Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?

    A. Establish return on investment as the main criteria for selection.
    B. Run a cost/benefit analysis based on the data received from the RFP.
    C. Evaluate each platform based on the total cost of ownership.
    D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.

  • Question 27:

    If a technician must take an employee's workstation into custody in response to an investigation, which of the following can BEST reduce the likelihood of related legal issues?

    A. A formal letter from the company's president approving the seizure of the workstation.
    B. A formal training and awareness program on information security for all company managers.
    C. A screen displayed at log in that informs users of the employer's rights to seize, search, and monitor company devices.
    D. A printout of an activity log, showing that the employee has been spending substantial time on non-work related websites.

  • Question 28:

    Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company's six IDFs. The IDF modular switches have redundant switch fabrics and power supplies.

    Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?

    A. Threat: 802.1q trunking attack Remediation: Enable only necessary VLANs for each port
    B. Threat: Bridge loop Remediation: Enable spanning tree
    C. Threat: VLAN hopping Remediation: Enable only necessary VLANs for each port
    D. Threat: VLAN hopping Remediation: Enable ACLs on the IDF switch

  • Question 29:

    A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).

    A. Security of data storage
    B. The cost of the solution
    C. System availability
    D. User authentication strategy
    E. PBX integration of the service
    F. Operating system compatibility

  • Question 30:

    The Chief Executive Officer (CEO) has decided to outsource systems which are not core business functions; however, a recent review by the risk officer has indicated that core business functions are dependent on the outsourced systems. The risk officer has requested that the IT department calculates the priority of restoration for all systems and applications under the new business model.

    Which of the following is the BEST tool to achieve this?

    A. Business impact analysis
    B. Annualized loss expectancy analysis
    C. TCO analysis
    D. Residual risk and gap analysis

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.