CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 391:

    Capital Reconnaissance, LLC is building a brand new research and testing location, and the physical security manager wants to deploy IP-based access control and video surveillance. These two systems are essential for keeping the building open for operations.

    Which of the following controls should the security administrator recommend to determine new threats against the new IP-based access control and video surveillance systems?

    A. Develop a network traffic baseline for each of the physical security systems.
    B. Air gap the physical security networks from the administrative and operational networks.
    C. Require separate non-VLANed networks and NIPS for each physical security system network.
    D. Have the Network Operations Center (NOC) review logs and create a CERT to respond to breaches.

  • Question 392:

    A certain script was recently altered by the author to meet certain security requirements, and needs to be executed on several critical servers. Which of the following describes the process of ensuring that the script being used was not altered by anyone other than the author?

    A. Digital encryption
    B. Digital signing
    C. Password entropy
    D. Code signing

  • Question 393:

    A new project initiative involves replacing a legacy core HR system, and is expected to touch many major operational systems in the company. A security administrator is engaged in the project to provide security consulting advice. In addition, there are database, network, application, HR, and transformation management consultants engaged on the project as well. The administrator has established the security requirements.

    Which of the following is the NEXT logical step?

    A. Document the security requirements in an email and move on to the next most urgent task.
    B. Organize for a requirements workshop with the non-technical project members, being the HR and transformation management consultants.
    C. Communicate the security requirements with all stakeholders for discussion and buy-in.
    D. Organize for a requirements workshop with the technical project members, being the database, network, and application consultants.

  • Question 394:

    Which of the following BEST defines the term e-discovery?

    A. A product that provides IT-specific governance, risk management, and compliance.
    B. A form of reconnaissance used by penetration testers to discover listening hosts.
    C. A synonymous term for computer emergency response and incident handling.
    D. A process of producing electronically stored information for use as evidence.

  • Question 395:

    The security administrator is responsible for the confidentiality of all corporate data. The company's servers are located in a datacenter run by a different vendor. The vendor datacenter hosts servers for many different clients, all of whom have access to the datacenter. None of the racks are physically secured. Recently, the company has been the victim of several attacks involving data injection and exfiltatration. The security administrator suspects these attacks are due to several new network based attacks facilitated by having physical access to a system.

    Which of the following BEST describes how to adapt to the threat?

    A. Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.
    B. Apply two factor authentication, require point to point VPNs, and enable log auditing on all devices.
    C. Apply port security to all routers, switch to telnet, and implement point to point VPNs on all servers.
    D. Apply three factor authentication, implement IPSec, and enable SNMP.

  • Question 396:

    Customer Need:

    "We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website." Which of the following BEST restates the customer need?

    A. The system shall use a pseudo-random number generator seeded the same every time.
    B. The system shall generate a pseudo-random number upon invocation by the existing Java program.
    C. The system shall generate a truly random number based upon user PKI certificates.
    D. The system shall implement a pseudo-random number generator for use by corporate customers.

  • Question 397:

    An administrator is troubleshooting availability issues on a FCoE based storage array that uses deduplication. An administrator has access to the raw data from the SAN and wants to restore the data to different hardware. Which of the following issues may potentially occur?

    A. The existing SAN may be read-only.
    B. The existing SAN used LUN masking.
    C. The new SAN is not FCoE based.
    D. The data may not be in a usable format.

  • Question 398:

    The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

    Which of the following BEST describes the risk assurance officer's concerns?

    A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
    B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
    C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.
    D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues.

  • Question 399:

    Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode.

    In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?

    A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.
    B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.
    C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.
    D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.

  • Question 400:

    Statement: "The system shall implement measures to notify system administrators prior to a security incident occurring." Which of the following BEST restates the above statement to allow it to be implemented by a team of software developers?

    A. The system shall cease processing data when certain configurable events occur.
    B. The system shall continue processing in the event of an error and email the security administrator the error logs.
    C. The system shall halt on error.
    D. The system shall throw an error when specified incidents pass a configurable threshold.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.