CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 411:

    A security administrator is tasked with securing a company's headquarters and branch offices move to unified communications. The Chief Information Officer (CIO) wants to integrate the corporate users' email, voice mail, telephony, presence and corporate messaging to internal computers, mobile users, and devices.

    Which of the following actions would BEST meet the CIO's goals while providing maximum unified communications security?

    A. Create presence groups, restrict IM protocols to the internal networks, encrypt remote devices, and restrict access to services to local network and VPN clients.
    B. Enable discretionary email forwarding restrictions, utilize QoS and Secure RTP, allow external IM protocols only over TLS, and allow port 2000 incoming to the internal firewall interface for secure SIP
    C. Set presence to invisible by default, restrict IM to invite only, implement QoS on SIP and RTP traffic, discretionary email forwarding, and full disk encryption.
    D. Establish presence privacy groups, restrict all IM protocols, allow secure RTP on session border gateways, enable full disk encryptions, and transport encryption for email security.

  • Question 412:

    The increasing complexity of attacks on corporate networks is a direct result of more and more corporate employees connecting to corporate networks with mobile and personal devices. In most cases simply banning these connections and devices is not practical because they support necessary business needs.

    Which of the following are typical risks and mitigations associated with this new trend?

    A. Risks: Data leakage, lost data on destroyed mobile devices, smaller network attack surface, prohibitive telecommunications costs Mitigations: Device Encryptions, lock screens, certificate based authentication, corporate telecom plans
    B. Risks: Confidentiality leaks through cell conversations, availability of remote corporate data, integrity of data stored on the devices Mitigations: Cellular privacy extensions, mobile VPN clients, over-the-air backups.
    C. Risks: Data exfiltration, loss of data via stolen mobile devices, increased data leakage at the network edge Mitigations: Remote data wipe capabilities, implementing corporate security on personally owned devices
    D. Risks: Theft of mobile devices, unsanctioned applications, minimal device storage, call quality Mitigations: GPS tracking, centralized approved application deployment, over-the-air backups, QoS implementation

  • Question 413:

    A company contracts with a third party to develop a new web application to process credit cards.

    Which of the following assessments will give the company the GREATEST level of assurance for the web application?

    A. Social Engineering
    B. Penetration Test
    C. Vulnerability Assessment
    D. Code Review

  • Question 414:

    The Chief Information Officer (CIO) of a technology company is likely to move away from a de- perimeterized model for employee owned devices. This is because there were too many issues with lack of patching, malware incidents, and data leakage due to lost/stolen devices which did not have full-disk encryption. The `bring your own computing' approach was originally introduced because different business units preferred different operating systems and application stacks.

    Based on the issues and user needs, which of the following is the BEST recommendation for the CIO to make?

    A. The de-perimeterized model should be kept as this is major industry trend and other companies are following this direction. Advise that the issues being faced are standard business as usual concerns in a modern IT environment.
    B. Update the policy to disallow non-company end-point devices on the corporate network. Develop security-focused standard operating environments (SOEs) for all required operating systems and ensure the needs of each business unit are met.
    C. The de-perimeterized model should be kept but update company policies to state that non- company end-points require full disk encryption, anti-virus software, and regular patching.
    D. Update the policy to disallow non-company end-point devices on the corporate network. Allow only one type of outsourced SOE to all users as this will be easier to provision, secure, and will save money on operating costs.

  • Question 415:

    The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project.

    Which of the following is the BEST course of action for the network engineer to take?

    A. Address the security concerns through the network design and security controls.
    B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.
    C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.
    D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.

  • Question 416:

    After implementing port security, restricting all network traffic into and out of a network, migrating to IPv6, installing NIDS, firewalls, spam and application filters, a security administer is convinced that the network is secure. The administrator now focuses on securing the hosts on the network, starting with the servers.

    Which of the following is the MOST complete list of end-point security software the administrator could plan to implement?

    A. Anti-malware/virus/spyware/spam software, as well as a host based firewall and strong, two- factor authentication.
    B. Anti-virus/spyware/spam software, as well as a host based IDS, firewall, and strong three- factor authentication.
    C. Anti-malware/virus/spyware/spam software, as well as a host based firewall and biometric authentication.
    D. Anti-malware/spam software, as well as a host based firewall and strong, three-factor authentication.

  • Question 417:

    A security administrator has finished building a Linux server which will host multiple virtual machines through hypervisor technology. Management of the Linux server, including monitoring server performance, is achieved through a third party web enabled application installed on the Linux server. The security administrator is concerned about vulnerabilities in the web application that may allow an attacker to retrieve data from the virtual machines.

    Which of the following will BEST protect the data on the virtual machines from an attack?

    A. The security administrator must install the third party web enabled application in a chroot environment.
    B. The security administrator must install a software firewall on both the Linux server and the virtual machines.
    C. The security administrator must install anti-virus software on both the Linux server and the virtual machines.
    D. The security administrator must install the data exfiltration detection software on the perimeter firewall.

  • Question 418:

    The internal audit department is investigating a possible breach of security. One of the auditors is sent to interview the following employees:

    Employee A. Works in the accounts receivable office and is in charge of entering data into the finance system.

    Employee B. Works in the accounts payable office and is in charge of approving purchase orders.

    Employee C. Is the manager of the finance department, supervises Employee A and Employee B, and can perform the functions of both Employee A and Employee B.

    Which of the following should the auditor suggest be done to avoid future security breaches?

    A. All employees should have the same access level to be able to check on each others.
    B. The manager should only be able to review the data and approve purchase orders.
    C. Employee A and Employee B should rotate jobs at a set interval and cross-train.
    D. The manager should be able to both enter and approve information.

  • Question 419:

    A company recently experienced a malware outbreak. It was caused by a vendor using an approved non-company device on the company's corporate network that impacted manufacturing lines, causing a week of downtime to recover from the attack.

    Which of the following reduces this threat and minimizes potential impact on the manufacturing lines?

    A. Disable remote access capabilities on manufacturing SCADA systems.
    B. Require a NIPS for all communications to and from manufacturing SCADA systems.
    C. Add anti-virus and client firewall capabilities to the manufacturing SCADA systems.
    D. Deploy an ACL that restricts access from the corporate network to the manufacturing SCADA systems.

  • Question 420:

    An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the- middle attack.

    Which of the following controls should be implemented to mitigate the attack in the future?

    A. Use PAP for secondary authentication on each RADIUS server
    B. Disable unused EAP methods on each RADIUS server
    C. Enforce TLS connections between RADIUS servers
    D. Use a shared secret for each pair of RADIUS servers

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.