CompTIA CAS-004 Online Practice Questions and Exam Preparation

CompTIA CAS-004 Online Questions & Answers

• Question 291:

  An organization recently recovered from an attack that featured an adversary injecting Malicious logic into OS bootloaders on endpoint devices Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the IJEFI through the full loading of OS components. of the following TPM structures enables this storage functionality?

  A. Endorsement tickets
  B. Clock/counter structures
  C. Command tag structures with MAC schemes
  D. Platform configuration registers
  D. Platform configuration registers

  ---

  Explanation

• Question 292:

  A security architect discovers the following page while testing a website for vulnerabilities:

  404 - page not found: /gy67162 The page you have requested is no. avai.able on .his server. Apache Tomcat 7.0.52

  Which of the following best describes why this issue should be corrected?

  A. The website is generating a server error.
  B. The URL for this page can be used for directory traversal.
  C. The website fuzzing tool has overloaded the server's capacity.
  D. The information can be used for more targeted attacks.
  D. The information can be used for more targeted attacks.

  ---

  Explanation

  The information disclosed in the error message (e.g., "Apache Tomcat 7.0.52") provides attackers insights into the software version, which may have known vulnerabilities. Correcting this issue ensures that attackers cannot use the disclosed

  information to tailor more sophisticated or targeted attacks.

  Best practices include suppressing unnecessary error details to mitigate the risk of information disclosure.

  CASP+ Exam Objectives 5.3 ?Mitigate vulnerabilities related to service information leakage.

• Question 293:

  A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization. Which of the following should be the analyst's FIRST action?

  A. Create a full inventory of information and data assets.
  B. Ascertain the impact of an attack on the availability of crucial resources.
  C. Determine which security compliance standards should be followed.
  D. Perform a full system penetration test to determine the vulnerabilities.
  A. Create a full inventory of information and data assets.

  ---

  Explanation

• Question 294:

  A penetration tester is given an assignment to gam physical access to a secure facility with perimeter cameras. The secure facility does not accept visitors, and entry is available only through a door protected by an RFID key and a guard stationed inside the door.

  Which of the following would be BEST for the penetration tester to attempt?

  A. Gain entry into the building by posing as a contractor who is performing routine building maintenance
  B. Tailgate into the facility with an employee who has a valid RFID badge to enter
  C. Duplicate an employee's RFID badge and use an IR camera to see when the guard leaves the post
  D. Look for an open window that can be used to gain unauthorized entry into the facility.
  C. Duplicate an employee's RFID badge and use an IR camera to see when the guard leaves the post

  ---

  Explanation

• Question 295:

  A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:

  

  Which of the following would BEST mitigate this vulnerability?

  A. CAPTCHA
  B. Input validation
  C. Data encoding
  D. Network intrusion prevention
  B. Input validation

  ---

  Explanation

  https://hdivsecurity.com/owasp-xml-external-entities-xxe

• Question 296:

  An internal security audit determines that Telnet is currently being used within the environment to manage network switches. Which of the following tools should be utilized to identify credentials in plaintext that are used to log in to these devices?

  A. Fuzzer
  B. Network traffic analyzer
  C. HTTP interceptor
  D. Port scanner
  E. Password cracker
  B. Network traffic analyzer

  ---

  Explanation

  A network traffic analyzer (also known as a packet sniffer or protocol analyzer) captures and inspects the data packets traveling over the network. Since Telnet transmits data, including credentials, in plaintext, a network traffic analyzer can be used to capture the packets containing the login credentials as they are sent over the network. Tools like Wireshark are commonly used for this purpose and can help identify and analyze the plaintext credentials.

• Question 297:

  A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.

  Which of the following should the security administrator do to mitigate the risk?

  A. Explain to the networking team the reason Flash is no longer available and insist the team move up the timetable for replacement.
  B. Air gap the legacy system from the network and dedicate a laptop with an end-of-life OS on it to connect to the system via crossover cable for management.
  C. Suggest that the networking team contact the original embedded system's vendor to get an update to the system that does not require Flash.
  D. Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.
  D. Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.

  ---

  Explanation

• Question 298:

  A security engineer is assessing a new tool to segment data and communications between domains. The assessment must determine how data transmission controls can be bypassed without detection. Which of the following techniques should the security engineer use?

  A. Machine-learning statistical analysis
  B. Fuzz testing
  C. Covert channel analysis
  D. Protocol analysis
  C. Covert channel analysis

  ---

  Explanation

• Question 299:

  A security administrator is confirming specific ports and IP addresses that are monitored by the IPS- IDS system as well as the firewall placement on the perimeter network between the company and a new business partner Which of the following business documents defines the parameters the security administrator must confirm?

  A. BIA
  B. ISA
  C. NDA
  D. MOU
  B. ISA

  ---

  Explanation

  ISA (Interconnection Security Agreement): An ISA is a formal agreement between two organizations that details how they will securely connect and exchange information.

• Question 300:

  An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment.

  Which of the following BEST describes the reason why traditional methods of addressing risk may not be possible in the cloud?

  A. Migrating operations assumes the acceptance of all risk.
  B. Cloud providers are unable to avoid risk.
  C. Specific risks cannot be transferred to the cloud provider.
  D. Risks to data in the cloud cannot be mitigated.
  C. Specific risks cannot be transferred to the cloud provider.

  ---

  Explanation

  A makes no sense since the CSP isn't the data owner

  B: Cloud providers could avoid the risk via contract

  C: Cloud migrations are always a shared risk responsibility but ultimately the data owner/user has the most risk because they have the most to lose.

  D: You can mitigate risks with technical and administrative controls in both cloud and on-premises