CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 401:

    A security administrator is redesigning, and implementing a service-oriented architecture to replace an old, in-house software processing system, tied to a corporate sales website. After performing the business process analysis, the administrator decides the services need to operate in a dynamic fashion. The company has also been the victim of data injection attacks in the past and needs to build in mitigation features.

    Based on these requirements and past vulnerabilities, which of the following needs to be incorporated into the SOA?

    A. Point to point VPNs for all corporate intranet users.
    B. Cryptographic hashes of all data transferred between services.
    C. Service to service authentication for all workflows.
    D. Two-factor authentication and signed code

  • Question 402:

    An employee of a company files a complaint with a security administrator. While sniffing network traffic, the employee discovers that financially confidential emails were passing between two warehouse users. The two users deny sending confidential emails to each other.

    Which of the following security practices would allow for non-repudiation and prevent network sniffers from reading the confidential mail? (Select TWO).

    A. Transport encryption
    B. Authentication hashing
    C. Digital signature
    D. Legal mail hold
    E. TSIG code signing

  • Question 403:

    The company's marketing department needs to provide more real-time interaction with its partners and consumers and decides to move forward with a presence on multiple social networking sites for sharing information. Which of the following minimizes the potential exposure of proprietary information?

    A. Require each person joining the company's social networking initiative to accept a non- disclosure agreement.
    B. Establish a specific set of trained people that can release information on the organization's behalf.
    C. Require a confidential statement be attached to all information released to the social networking sites.
    D. Establish a social media usage policy and provide training to all marketing employees.

  • Question 404:

    A growing corporation is responding to the needs of its employees to access corporate email and other resources while traveling. The company is implementing remote access for company laptops.

    Which of the following security systems should be implemented for remote access? (Select TWO).

    A. Virtual Private Network
    B. Secure Sockets Layer for web servers
    C. Network monitoring
    D. Multifactor authentication for users
    E. Full disk encryption
    F. Intrusion detection systems

  • Question 405:

    A company is planning to deploy an in-house Security Operations Center (SOC). One of the new requirements is to deploy a NIPS solution into the Internet facing environment. The SOC highlighted the following requirements:

    Perform fingerprinting on unfiltered inbound traffic to the company

    Monitor all inbound and outbound traffic to the DMZ's

    In which of the following places should the NIPS be placed in the network?

    A. In front of the Internet firewall and in front of the DMZs
    B. In front of the Internet firewall and in front of the internal firewall
    C. In front of the Internet firewall and behind the internal firewall
    D. Behind the Internet firewall and in front of the DMZs

  • Question 406:

    The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects.

    Which of the following will MOST likely result in some IT resources not being integrated?

    A. One of the companies may use an outdated VDI.
    B. Corporate websites may be optimized for different web browsers.
    C. Industry security standards and regulations may be in conflict.
    D. Data loss prevention standards in one company may be less stringent.

  • Question 407:

    The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regiment into the security management plan specifically for the development area. The CISO's requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The

    CISO still maintains that third-party testing would not be as thorough as the third party lacks the introspection of the development team.

    Which of the following will satisfy the CISO requirements?

    A. Grey box testing performed by a major external consulting firm who have signed a NDA.
    B. Black box testing performed by a major external consulting firm who have signed a NDA.
    C. White box testing performed by the development and security assurance teams.
    D. Grey box testing performed by the development and security assurance teams.

  • Question 408:

    Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

    A. Test password complexity of all login fields and input validation of form fields
    B. Reverse engineering any thick client software that has been provided for the test
    C. Undertaking network-based denial of service attacks in production environment
    D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
    E. Running a vulnerability scanning tool to assess network and host weaknesses

  • Question 409:

    During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations. The audit discovers that 40% of the desktops do not meet requirements.

    Which of the following is the cause of the noncompliance?

    A. The devices are being modified and settings are being overridden in production.
    B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.
    C. The desktop applications were configured with the default username and password.
    D. 40% of the devices have been compromised.

  • Question 410:

    A newly-hired Chief Information Security Officer (CISO) is faced with improving security for a company with low morale and numerous disgruntled employees. After reviewing the situation for several weeks the CISO publishes a more comprehensive security policy with associated standards.

    Which of the following issues could be addressed through the use of technical controls specified in the new security policy?

    A. Employees publishing negative information and stories about company management on social network sites and blogs.
    B. An employee remotely configuring the email server at a relative's company during work hours.
    C. Employees posting negative comments about the company from personal phones and PDAs.
    D. External parties cloning some of the company's externally facing web pages and creating look-alike sites.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.