CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 441:

    A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company's security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches as a result have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business.

    Which of the following actions can the CISO take to mitigate the breaches?

    A. Reload all user laptops with full disk encryption software immediately.
    B. Implement full disk encryption on all storage devices the firm owns.
    C. Implement new continuous monitoring procedures.
    D. Implement an open source system which allows data to be encrypted while processed.

  • Question 442:

    A security officer is leading a lessons learned meeting.

    Which of the following should be components of that meeting? (Select TWO).

    A. Demonstration of IPS system
    B. Review vendor selection process
    C. Calculate the ALE for the event
    D. Discussion of event timeline
    E. Assigning of follow up items

  • Question 443:

    A system administrator needs to develop a policy for when an application server is no longer needed. Which of the following policies would need to be developed?

    A. Backup policy
    B. De-provisioning policy
    C. Data retention policy
    D. Provisioning policy

  • Question 444:

    Within the company, there is executive management pressure to start advertising to a new target market. Due to the perceived schedule and budget inefficiencies of engaging a technology business unit to commission a new micro-site, the marketing department is engaging third parties to develop the site in order to meet time-to-market demands.

    From a security perspective, which of the following options BEST balances the needs between marketing and risk management?

    A. The third party should be contractually obliged to perform adequate security activities, and evidence of those activities should be confirmed by the company prior to launch.
    B. Outsourcing is a valid option to increase time-to-market. If a security incident occurs, it is not of great concern as the reputational damage will be the third party's responsibility.
    C. The company should never outsource any part of the business that could cause a security or privacy incident. It could lead to legal and compliance issues.
    D. If the third party has an acceptable record to date on security compliance and is provably faster and cheaper, then it makes sense to outsource in this specific situation.

  • Question 445:

    A small company's Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company's security posture with regard to targeted attacks. Which of the following should the CSO conduct FIRST?

    A. Survey threat feeds from analysts inside the same industry.
    B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.
    C. Conduct an internal audit against industry best practices to perform a gap analysis.
    D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor.

  • Question 446:

    A company is developing a new web application for its Internet users and is following a secure coding methodology.

    Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

    A. Conduct web server load tests.
    B. Conduct static code analysis.
    C. Conduct fuzzing attacks.
    D. Conduct SQL injection and XSS attacks.

  • Question 447:

    At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company.

    At 10:45 a.m. the security administrator received multiple alerts from the company's statistical anomaly-based IDS about a company database administrator performing unusual transactions.

    At 10:55 a.m. the security administrator resets the database administrator's password.

    At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user.

    Which of the following is MOST likely the cause of the alerts?

    A. The IDS logs are compromised.
    B. The new password was compromised.
    C. An input validation error has occurred.
    D. A race condition has occurred.

  • Question 448:

    Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ's hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal.

    Which of the following BEST describes the core concerns of the security architect?

    A. Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.
    B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance.
    C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
    D. Not all of company XYZ's customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.

  • Question 449:

    Which of the following attacks does Unicast Reverse Path Forwarding prevent?

    A. Man in the Middle
    B. ARP poisoning
    C. Broadcast storm
    D. IP Spoofing

  • Question 450:

    A system administrator has a responsibility to maintain the security of the video teleconferencing system. During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled.

    Which of the following security concerns should the system administrator have about the existing technology in the room?

    A. Wired transmissions could be intercepted by remote users.
    B. Bluetooth speakers could cause RF emanation concerns.
    C. Bluetooth is an unsecure communication channel.
    D. Wireless transmission causes interference with the video signal.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.