CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 311:

    As part of a new wireless implementation, the Chief Information Officer's (CIO's) main objective is to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The wireless vendor's products do support the pre-ratification version of 802.11r. The security and network administrators have tested the product and do not see any security or compatibility issues; however, they are concerned that the standard is not yet final.

    Which of the following is the BEST way to proceed?

    A. Purchase the equipment now, but do not use 802.11r until the standard is ratified.
    B. Do not purchase the equipment now as the client devices do not yet support 802.11r.
    C. Purchase the equipment now, as long as it will be firmware upgradeable to the final 802.11r standard.
    D. Do not purchase the equipment now; delay the implementation until the IETF has ratified the final 802.11r standard.

  • Question 312:

    The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and connected it to the internal network. The CEO proceeded to download sensitive financial documents through their email. The device was then lost in transit to a conference. The CEO notified the company helpdesk about the lost device and another one was shipped out, after which the helpdesk ticket was closed stating the issue was resolved.

    This data breach was not properly reported due to insufficient training surrounding which of the following processes?

    A. E-Discovery
    B. Data handling
    C. Incident response
    D. Data recovery and storage

  • Question 313:

    In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change.

    Which of the following BEST addresses risks associated with disclosure of intellectual property?

    A. Require the managed service provider to implement additional data separation.
    B. Require encrypted communications when accessing email.
    C. Enable data loss protection to minimize emailing PII and confidential data.
    D. Establish an acceptable use policy and incident response policy.

  • Question 314:

    A security engineer is implementing a new solution designed to process e-business transactions and record them in a corporate audit database. The project has multiple technical stakeholders. The database team controls the physical database resources, the internal audit division controls the audit records in the database, the web hosting team is responsible for implementing the website front end and shopping cart application, and the accounting department is responsible for processing the transaction and interfacing with the payment processor.

    As the solution owner, the security engineer is responsible for ensuring which of the following?

    A. Ensure the process functions in a secure manner from customer input to audit review.
    B. Security solutions result in zero additional processing latency.
    C. Ensure the process of storing audit records is in compliance with applicable laws.
    D. Web transactions are conducted in a secure network channel.

  • Question 315:

    An ecommerce application on a Linux server does not properly track the number of incoming connections to the server and may leave the server vulnerable to which of following?

    A. Buffer Overflow Attack
    B. Storage Consumption Attack
    C. Denial of Service Attack
    D. Race Condition

  • Question 316:

    The Chief Information Officer (CIO) comes to the security manager and asks what can be done to reduce the potential of sensitive data being emailed out of the company. Which of the following is an active security measure to protect against this threat?

    A. Require a digital signature on all outgoing emails.
    B. Sanitize outgoing content.
    C. Implement a data classification policy.
    D. Implement a SPAM filter.

  • Question 317:

    A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company's video conference. All parties must be issued a VPN account and must connect to the company's VPN concentrator to participate in the remote meetings.

    Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?

    A. IPSec transport mode is enabled
    B. ICMP is disabled
    C. Split tunneling is disabled
    D. NAT-traversal is enabled

  • Question 318:

    A network administrator with a company's NSP has received a CERT alert for targeted adversarial behavior at the company.

    In addition to the company's physical security, which of the following can the network administrator use to scan and detect the presence of a malicious actor physically accessing the company's network or information systems from within? (Select TWO).

    A. RAS
    B. Vulnerability scanner
    C. HTTP intercept
    D. HIDS
    E. Port scanner
    F. Protocol analyzer

  • Question 319:

    SIMULATION

    The IDS has detected abnormal behavior on this network Click on the network devices to view device information Based on this information, the following tasks need to be completed:

    1. Select the server that is a victim of a SQL injection attack. 2 Select the source of the buffer overflow attack.

    3. Modify the access control list (ACL) on the router(s) to ONLY block the buffer overflow attack. Instructions: Simulations can be reset at any time to the initial state: however, all selections will be deleted.

  • Question 320:

    The manager of the firewall team is getting complaints from various IT teams that firewall changes are causing issues. Which of the following should the manager recommend to BEST address these issues?

    A. Set up a weekly review for relevant teams to discuss upcoming changes likely to have a broad impact.
    B. Update the change request form so that requesting teams can provide additional details about the requested changes.
    C. Require every new firewall rule go through a secondary firewall administrator for review before pushing the firewall policy.
    D. Require the firewall team to verify the change with the requesting team before pushing the updated firewall policy.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.