CAS-001 Exam Details

  • Exam Code
    :CAS-001
  • Exam Name
    :CompTIA Advanced Security Practitioner
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :493 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-001 Online Questions & Answers

  • Question 51:

    A manufacturing company is having issues with unauthorized access and modification of the controls operating the production equipment. A communication requirement is to allow the free flow of data between all network segments at the site.

    Which of the following BEST remediates the issue?

    A. Implement SCADA security measures.
    B. Implement NIPS to prevent the unauthorized activity.
    C. Implement an AAA solution.
    D. Implement a firewall to restrict access to only a single management station.

  • Question 52:

    A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity.

    Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

    A. Service oriented architecture (SOA)
    B. Federated identities
    C. Object request broker (ORB)
    D. Enterprise service bus (ESB)

  • Question 53:

    A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention.

    Which of the following recommendations should the consultant provide to the security administrator?

    A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
    B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
    C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
    D. Enable ESP on the internal network, and place NIPS on both networks.

  • Question 54:

    The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction.

    Which of the following designs BEST supports the given requirements?

    A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.
    B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.
    C. A SaaS based firewall which logs to the company's local storage via SSL, and is managed by the change control team.
    D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.

  • Question 55:

    Which of the following should be used with caution because of its ability to provide access to block level data instead of file level data?

    A. CIFS
    B. NFS
    C. iSCSI
    D. NAS

  • Question 56:

    The Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue.

    Which of the following is the BEST course of action for the junior security administrator to take?

    A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy.
    B. Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls.
    C. Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported.
    D. Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams.

  • Question 57:

    A company has asked their network engineer to list the major advantages for implementing a virtual environment in regards to cost. Which of the following would MOST likely be selected?

    A. Ease of patch testing
    B. Reducing physical footprint
    C. Reduced network traffic
    D. Isolation of applications

  • Question 58:

    The organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner's responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment.

    Which of the following BEST balances the security risk and IT drivers for cloud computing?

    A. A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure.
    B. Using a third-party cloud computing environment should be endorsed going forward. This aligns with the organization's strategic direction. It also helps to shift any risk and regulatory compliance concerns away from the company's internal IT department. The next step will be to evaluate each of the cloud computing vendors, so that a vendor can then be selected for hosting the new credit card processing platform.
    C. There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, disadvantages of relevant choices and it should recommended a way forward.
    D. Cloud computing should rarely be considered an option for any processes that need to be significantly secured. The security practitioner needs to convince the stakeholders that the new platform can only be delivered internally on physical infrastructure.

  • Question 59:

    A corporation relies on a server running a trusted operating system to broker data transactions between different security zones on their network. Each zone is a separate domain and the only connection between the networks is via the

    trusted server.

    The three zones at the corporation are as followeD.

    Zone A connects to a network, which is also connected to the Internet through a router.

    Zone B to a closed research and development network.

    Zone C to an intermediary switch supporting a SAN, dedicated to long- term audit log and file storage, so the corporation meets compliance requirements.

    A firewall is deployed on the inside edge of the Internet connected router.

    Which of the following is the BEST location to place other security equipment?

    A. HIPS on all hosts in Zone A and B, and an antivirus and patch server in Zone C.
    B. A WAF on the switch in Zone C, an additional firewall in Zone A, and an antivirus server in Zone B.
    C. A NIPS on the switch in Zone C, an antivirus server in Zone A, and a patch server in Zone B.
    D. A NIDS on the switch in Zone C, a WAF in Zone A, and a firewall in Zone B.

  • Question 60:

    Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test?

    A. The risk of unplanned server outages is reduced.
    B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
    C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
    D. The results should reflect what attackers may be able to learn about the company.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.