CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 41:

    The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.

    Which of the following is MOST likely the cause of this problem?

    A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.
    B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
    C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.
    D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

  • Question 42:

    A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs.

    Which of the following will meet this goal without requiring any hardware pass-through implementations?

    A. vTPM
    B. HSM
    C. TPM
    D. INE

  • Question 43:

    An administrator wants to integrate the Credential Security Support Provider (CredSSP) protocol network level authentication (NLA) into the remote desktop terminal services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).

    A. Kerberos
    B. NTLM
    C. RADIUS
    D. TACACS+
    E. TLS
    F. HMAC
    G. Camellia

  • Question 44:

    Which of the following is the information owner responsible for?

    A. Developing policies, standards, and baselines.
    B. Determining the proper classification levels for data within the system.
    C. Integrating security considerations into application and system purchasing decisions.
    D. Implementing and evaluating security controls by validating the integrity of the data.

  • Question 45:

    A security manager has received the following email from the Chief Financial Officer (CFO):

    "While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things

    currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?"

    Based on the information provided, which of the following would be the MOST appropriate response to the CFO?

    A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.
    B. Allow VNC access to corporate desktops from personal computers for the users working from home.
    C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home.
    D. Work with the executive management team to revise policies before allowing any remote access.

  • Question 46:

    select id, firstname, lastname from authors User input= firstname= Hack;man lastname=Johnson

    Which of the following types of attacks is the user attempting?

    A. XML injection
    B. Command injection
    C. Cross-site scripting
    D. SQL injection

  • Question 47:

    The Chief Information Officer (CIO) of Company XYZ has returned from a large IT conference where one of the topics was defending against zero day attacks - specifically deploying third party patches to vulnerable software. Two months prior, the majority of the company systems were compromised because of a zero day exploit. Due to budget constraints the company only has operational systems. The CIO wants the Security Manager to research the use of these patches.

    Which of the following is the GREATEST concern with the use of a third party patch to mitigate another un-patched vulnerability?

    A. The company does not have an adequate test environment to validate the impact of the third party patch, introducing unknown risks.
    B. The third party patch may introduce additional unforeseen risks and void the software licenses for the patched applications.
    C. The company's patch management solution only supports patches and updates released directly by the vendor.
    D. Another period of vulnerability will be introduced because of the need to remove the third party patch prior to installing any vendor patch.

  • Question 48:

    After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions that they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm.

    Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?

    A. A TandM contract
    B. An RFP
    C. A FFP agreement
    D. A new RFQ

  • Question 49:

    A financial institution has decided to purchase a very expensive resource management system and has selected the product and vendor. The vendor is experiencing some minor, but public, legal issues. Senior management has some concerns on maintaining this system should the vendor go out of business.

    Which of the following should the Chief Information Security Officer (CISO) recommend to BEST limit exposure?

    A. Include a source code escrow clause in the contract for this system.
    B. Require proof-of-insurance by the vendor in the RFP for this system.
    C. Include a penalty clause in the contract for this system.
    D. Require on-going maintenance as part of the SLA for this system.

  • Question 50:

    The security manager is in the process of writing a business case to replace a legacy secure web gateway so as to meet an availability requirement of 99.9% service availability. According to the vendor, the newly acquired firewall has been rated with an MTBF of 10,000 hours and has an MTTR of 2 hours.

    This equates to 1.75 hours per year of downtime. Based on this, which of the following is the MOST accurate statement?

    A. The firewall will meet the availability requirement because availability will be 99.98%.
    B. The firewall will not meet the availability requirement because availability will be 85%.
    C. The firewall will meet the availability requirement because availability will be 99.993%.
    D. The firewall will not meet the availability requirement because availability will be 99.2%.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.