CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 371:

    An administrator receives a notification from legal that an investigation is being performed on members of the finance department. As a precaution, legal has advised a legal hold on all documents for an unspecified period of time. Which of the following policies will MOST likely be violated? (Select TWO).

    A. Data Storage Policy
    B. Data Retention Policy
    C. Corporate Confidentiality Policy
    D. Data Breach Mitigation Policy
    E. Corporate Privacy Policy

  • Question 372:

    SAML entities can operate in a variety of different roles. Valid SAML roles include which of the following?

    A. Attribute authority and certificate authority
    B. Certificate authority and attribute requestor
    C. Identity provider and service provider
    D. Service provider and administrator

  • Question 373:

    A security engineer is troubleshooting a possible virus infection, which may have spread to multiple desktop computers within the organization. The company implements enterprise antivirus software on all desktops, but the enterprise antivirus server's logs show no sign of a virus infection. The border firewall logs show suspicious activity from multiple internal hosts trying to connect to the same external IP address. The security administrator decides to post the firewall logs to a security mailing list and receives confirmation from other security administrators that the firewall logs indicate internal hosts are compromised with a new variant of the Trojan.Ransomcrypt.G malware not yet detected by most antivirus software.

    Which of the following would have detected the malware infection sooner?

    A. The security administrator should consider deploying a signature-based intrusion detection system.
    B. The security administrator should consider deploying enterprise forensic analysis tools.
    C. The security administrator should consider installing a cloud augmented security service.
    D. The security administrator should consider establishing an incident response team.

  • Question 374:

    SIMULATION

    The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed:

    1. Select the server that is a victim of a cross-site scripting (XSS) attack. 2 Select the source of the brute force password attack.

    3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack.

    Instructions: Simulations can be reset at anytime to the initial state: however, all selections will be deleted

  • Question 375:

    The database team has suggested deploying a SOA based system across the enterprise. The Chief Information Officer (CIO) has decided to consult the security manager about the risk implications for adopting this architecture. Which of the following are concerns that the security manager should present to the CIO concerning the SOA system? (Select TWO).

    A. Users and services are centralized and only available within the enterprise.
    B. Users and services are distributed, often times over the Internet
    C. SOA centrally manages legacy systems, and opens the internal network to vulnerabilities.
    D. SOA abstracts legacy systems as a virtual device and is susceptible to VMEscape.
    E. SOA abstracts legacy systems as web services, which are often exposed to outside threats.

  • Question 376:

    A systems security consultant is hired by Corporation X to analyze the current enterprise network environment and make recommendations for increasing network security. It is the consultant's first day on the job. Which of the following network design considerations should the consultant consider? (Select THREE).

    A. What hardware and software would work best for securing the network?
    B. What corporate assets need to be protected?
    C. What are the business needs of the organization?
    D. What outside threats are most likely to compromise network security?
    E. What is the budget for this project?
    F. What time and resources are needed to carry out the security plan?

  • Question 377:

    A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list.

    Which of the following security implications should the security administrator cite when recommending the application's removal from the white list?

    A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen.
    B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues.
    C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list.
    D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed.

  • Question 378:

    A Chief Information Security Officer (CISO) is approached by a business unit manager who heard a report on the radio this morning about an employee at a competing firm who shipped a VPN token overseas so a fake employee could log into the corporate VPN. The CISO asks what can be done to mitigate the risk of such an incident occurring within the organization.

    Which of the following is the MOST cost effective way to mitigate such a risk?

    A. Require hardware tokens to be replaced on a yearly basis.
    B. Implement a biometric factor into the token response process.
    C. Force passwords to be changed every 90 days.
    D. Use PKI certificates as part of the VPN authentication process.

  • Question 379:

    An organization determined that each of its remote sales representatives must use a smartphone for email access.

    The organization provides the same centrally manageable model to each person.

    Which of the following mechanisms BEST protects the confidentiality of the resident data?

    A. Require dual factor authentication when connecting to the organization's email server.
    B. Require each sales representative to establish a PIN to access the smartphone and limit email storage to two weeks.
    C. Require encrypted communications when connecting to the organization's email server.
    D. Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.

  • Question 380:

    There have been some failures of the company's customer-facing website. A security engineer has analyzed the root cause to be the WAF. System logs show that the WAF has been down for 14 total hours over the past month in four separate situations. One of these situations was a two hour scheduled maintenance activity aimed to improve the stability of the WAF.

    Which of the following is the MTTR, based on the last month's performance figures?

    A. 3 hours
    B. 3.5 hours
    C. 4 hours
    D. 4.666 hours

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.