CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 341:

    A company has migrated its data and application hosting to a cloud service provider (CSP). To meet its future needs, the company considers an IdP. Why might the company want to select an IdP that is separate from its CSP? (Select TWO).

    A. A circle of trust can be formed with all domains authorized to delegate trust to an IdP
    B. Identity verification can occur outside the circle of trust if specified or delegated
    C. Replication of data occurs between the CSP and IdP before a verification occurs
    D. Greater security can be provided if the circle of trust is formed within multiple CSP domains
    E. Faster connections can occur between the CSP and IdP without the use of SAML

  • Question 342:

    When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary?

    A. The user needs a non-repudiation data source in order for the application to generate the key pair.
    B. The user is providing entropy so the application can use random data to create the key pair.
    C. The user is providing a diffusion point to the application to aid in creating the key pair.
    D. The application is requesting perfect forward secrecy from the user in order to create the key pair.

  • Question 343:

    Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim's privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed.

    Which of the following BEST describes the application issue?

    A. Integer overflow
    B. Click-jacking
    C. Race condition
    D. SQL injection
    E. Use after free
    F. Input validation

  • Question 344:

    A university Chief Information Security Officer is analyzing various solutions for a new project involving the upgrade of the network infrastructure within the campus. The campus has several dorms (two-four person rooms) and administrative buildings. The network is currently setup to provide only two network ports in each dorm room and ten network ports per classroom. Only administrative buildings provide 2.4 GHz wireless coverage. The following three goals must be met after the new implementation:

    1.

    Provide all users (including students in their dorms) connections to the Internet.

    2.

    Provide IT department with the ability to make changes to the network environment to improve performance.

    3.

    Provide high speed connections wherever possible all throughout campus including sporting event areas.

    Which of the following risk responses would MOST likely be used to reduce the risk of network outages and financial expenditures while still meeting each of the goals stated above?

    A. Avoid any risk of network outages by providing additional wired connections to each user and increasing the number of data ports throughout the campus.
    B. Transfer the risk of network outages by hiring a third party to survey, implement and manage a 5.0 GHz wireless network.
    C. Accept the risk of possible network outages and implement a WLAN solution to provide complete 5.0 GHz coverage in each building that can be managed centrally on campus.
    D. Mitigate the risk of network outages by implementing SOHO WiFi coverage throughout the dorms and upgrading only the administrative buildings to 5.0 GHz coverage using a one for one AP replacement.

  • Question 345:

    The element in SAML can be provided in which of the following predefined formats? (Select TWO).

    A. X.509 subject name
    B. PTR DNS record
    C. EV certificate OID extension
    D. Kerberos principal name
    E. WWN record name

  • Question 346:

    During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company.

    Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

    A. Implement an IPS to block the application on the network
    B. Implement the remote application out to the rest of the servers
    C. Implement SSL VPN with SAML standards for federation
    D. Implement an ACL on the firewall with NAT for remote access

  • Question 347:

    An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

    A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.
    B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.
    C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.
    D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

  • Question 348:

    A security administrator of a large private firm is researching and putting together a proposal to purchase an IPS. The specific IPS type has not been selected, and the security administrator needs to gather information from several vendors to determine a specific product.

    Which of the following documents would assist in choosing a specific brand and model?

    A. RFC
    B. RTO
    C. RFQ
    D. RFI

  • Question 349:

    Company ABC will test connecting networks with Company XYZ as part of their upcoming merger and are both concerned with minimizing security exposures to each others network throughout the test. Which of the following is the FIRST thing both sides should do prior to connecting the networks?

    A. Create a DMZ to isolate the two companies and provide a security inspection point for all inter-company network traffic.
    B. Determine the necessary data flows between the two companies.
    C. Implement a firewall that restricts everything except the IPSec VPN traffic connecting the two companies.
    D. Implement inline NIPS on the connection points between the two companies.

  • Question 350:

    A bank has just outsourced the security department to a consulting firm, but retained the security architecture group. A few months into the contract the bank discovers that the consulting firm has sub-contracted some of the security functions to another provider. Management is pressuring the sourcing manager to ensure adequate protections are in place to insulate the bank from legal and service exposures.

    Which of the following is the MOST appropriate action to take?

    A. Directly establish another separate service contract with the sub-contractor to limit the risk exposure and legal implications.
    B. Ensure the consulting firm has service agreements with the sub-contractor; if the agreement does not exist, exit the contract when possible.
    C. Log it as a risk in the business risk register and pass the risk to the consulting firm for acceptance and responsibility.
    D. Terminate the contract immediately and bring the security department in-house again to reduce legal and regulatory exposure.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.