CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 451:

    SIMULATION

  • Question 452:

    A new vendor product has been acquired to replace a legacy perimeter security product. There are significant time constraints due to the existing solution nearing end-of-life with no options for extended support. It has been emphasized that only essential activities be performed.

    Which of the following sequences BEST describes the order of activities when balancing security posture and time constraints?

    A. Install the new solution, migrate to the new solution, and test the new solution.
    B. Purchase the new solution, test the new solution, and migrate to the new solution.
    C. Decommission the old solution, install the new solution, and test the new solution.
    D. Test the new solution, migrate to the new solution, and decommission the old solution.

  • Question 453:

    During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration.

    Which of the following BEST describes what the engineer is trying to achieve?

    A. Monoalphabetic cipher
    B. Confusion
    C. Root of trust
    D. Key stretching
    E. Diffusion

  • Question 454:

    Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall?

    A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system.
    B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack.
    C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system.
    D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks.

  • Question 455:

    An administrator of a secure web server has several clients with top security clearance and prefers security over performance. By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?

    A. 3DES - SHA
    B. DES - MD5
    C. Camellia - SHA
    D. RC4 - MD5

  • Question 456:

    A forensic analyst receives a hard drive containing malware quarantined by the antivirus application.

    After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

    A. The malware file's modify, access, change time properties.
    B. The timeline analysis of the file system.
    C. The time stamp of the malware in the swap file.
    D. The date/time stamp of the malware detection in the antivirus logs.

  • Question 457:

    Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption.

    Which of the following solutions minimizes the performance impact on the router?

    A. Deploy inline network encryption devices
    B. Install an SSL acceleration appliance
    C. Require all core business applications to use encryption
    D. Add an encryption module to the router and configure IPSec

  • Question 458:

    A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again.

    Which of the following denotes the BEST way to mitigate future malware risk?

    A. Deploy new perimeter firewalls at all stores with UTM functionality.
    B. Change antivirus vendors at the store and the corporate office.
    C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
    D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.

  • Question 459:

    The security administrator has noticed a range of network problems affecting the proxy server. Based on reviewing the logs, the administrator notices that the firewall is being targeted with various web attacks at the same time that the network problems are occurring.

    Which of the following strategies would be MOST effective in conducting an in-depth assessment and remediation of the problems?

    A. 1. Deploy an HTTP interceptor on the switch span port; 2. Adjust the external facing NIDS; 3. Reconfigure the firewall ACLs to block the all traffic above port 2000; 4. Verify the proxy server is configured correctly and hardened; 5. Review the logs weekly in the future.
    B. 1. Deploy a protocol analyzer on the switch span port; 2. Adjust the internal HIDS; 3. Reconfigure the firewall ACLs to block outbound HTTP traffic; 4. Reboot the proxy server; 5. Continue to monitor the network.
    C. 1. Deploy a protocol analyzer on the switch span port; 2. Adjust the external facing IPS; 3. Reconfigure the firewall ACLs to block unnecessary ports; 4. Verify the proxy server is configured correctly and hardened; 5. Continue to monitor the network.
    D. 1. Deploy a network fuzzer on the switch span port; 2. Adjust the external facing IPS; 3. Reconfigure the proxy server to block the attacks; 4. Verify the firewall is configured correctly and hardened.

  • Question 460:

    A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives.

    Which compliance category would this task be part of?

    A. Government regulation
    B. Industry standard
    C. Company guideline
    D. Company policy

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.