CompTIA CAS-004 Online Practice Questions and Exam Preparation

CompTIA CAS-004 Online Questions & Answers

• Question 561:

  A company was recently infected by malware. During the root cause analysis. the company determined that several users were installing their own applications. TO prevent further compromises, the company has decided it will only allow authorized applications to run on its systems. Which Of the following should the company implement?

  A. Signing
  B. Access control
  C. HIPS
  D. Permit listing
  D. Permit listing

  ---

  Explanation

• Question 562:

  Which of the following is MOST commonly found in a network SLA contract?

  A. Price for extra services
  B. Performance metrics
  C. Service provider responsibility only
  D. Limitation of liability
  E. Confidentiality and non-disclosure
  B. Performance metrics

  ---

  Explanation

• Question 563:

  A security analyst is attempting to identify code that is vulnerable to butler and integer overflow attacks. Which of the following code snippets is safe from these types of attacks?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  B. Option B

  ---

  Explanation

• Question 564:

  A security tester is performing a black-box assessment of an RFID access control system. The tester has a handful of RFID tags and is able to access the reader. However the tester cannot disassemble the reader because it is in use by the

  company.

  Which of the following shows the steps the tester should take to assess the RFID access control system in the correct order?

  A. 1 Attempt to eavesdrop and replay RFID communications. 2.Determine the protocols being used between the tag and the reader. 3.Retrieve the RFID tag identifier and manufacturer details. 4.Take apart an RFID tag and analyze the chip.
  B. 1. Determine the protocols being used between the tag and the reader. 2.Take apart an RFID tag and analyze the chip. 3.Retrieve the RFID tag identifier and manufacturer details. 4.Attempt to eavesdrop and replay RFID communications.
  C. 1. Retrieve the RFID tag identifier and manufacturer details. 2. Determine the protocols is being used between the tag and the reader. 3 Attempt to eavesdrop and replay RFID communications. 4. Take apart an RFID tag and analyze the chip.
  D. 1 Take apart an RFID tag and analyze the chip. 2.Retrieve the RFID tag identifier and manufacturer details. 3.Determine the protocols being used between the tag and the reader. 4.Attempt to eavesdrop and replay RFID communications.
  B. 1. Determine the protocols being used between the tag and the reader. 2.Take apart an RFID tag and analyze the chip. 3.Retrieve the RFID tag identifier and manufacturer details. 4.Attempt to eavesdrop and replay RFID communications.

  ---

  Explanation

• Question 565:

  A company recently implemented a CI/CD pipeline and is now concerned with the current state of its software development processes. The company wants to augment its CI/CD pipeline with a solution to:

  1.Prevent code configuration drifts.

  2.Ensure coding standards are followed.

  Which of the following should the company implement to address these concerns? (Choose two.)

  A. Code signing
  B. Fuzzers
  C. Dynamic code analysis
  D. Manual approval processes
  E. Linters
  F. Regression testing
  E. Linters
  F. Regression testing

  ---

  Explanation

  linters will ensure good coding practice are implement Linters are tools that analyze the source code of a software program and check for errors, bugs, style, or quality issues. Linters can help developers write better, cleaner, and more consistent code, as well as prevent potential security vulnerabilities or performance problems. Linters can be integrated with various development environments, such as IDEs, editors, or CI/CD pipelines, and can be configured with different rules and standards, depending on the programming language, framework regression testing will prevent code configuration drift, unauthorized modification

• Question 566:

  A security architect discovers the following while reviewing code for a company's website: selection = "SELECT Item FROM Catalog WHERE ItemID * " and Request("ItemID")

  Which of the following should the security architect recommend?

  A. Client-side processing
  B. Query parameterization
  C. Data normalization
  D. Escape character blocking
  E. URL encoding
  B. Query parameterization

  ---

  Explanation

  Query parameterization prevents SQL injection attacks by separating SQL commands from data inputs. This ensures that user-supplied input cannot be executed as part of a SQL query. In the given code, lack of parameterization could allow attackers to manipulate the ItemID parameter maliciously. This aligns with CASP+ objective 1.5, focusing on secure coding practices to mitigate application vulnerabilities.

• Question 567:

  A new, online file hosting service is being offered. The service has the following security requirements:

  1.Threats to customer data integrity and availability should be remediated first.

  2.The environment should be dynamic to match increasing customer demands.

  3.The solution should not interfere with customers' ability to access their data at anytime.

  4.Security analysts should focus on high-risk items.

  Which of the following would BEST satisfy the requirements?

  A. Expanding the use of IPS and NGFW devices throughout the environment
  B. Increasing the number of analysts to identify risks that need remediation
  C. Implementing a SOAR solution to address known threats
  D. Integrating enterprise threat feeds in the existing SIEM
  C. Implementing a SOAR solution to address known threats

  ---

  Explanation

• Question 568:

  A security technician is trying to connect a remote site to the central office over a site-to-site VPN. The technician has verified the source and destination IP addresses are correct, but the technician is unable to get the remote site to connect. The following error message keeps repeating:

  An error has occurred during Phase 1 handshake. Deleting keys and retrying...

  Which of the following is most likely the reason the connection is failing?

  A. The IKE hashing algorithm uses different key lengths on each VPN device.
  B. The IPSec settings allow more than one cipher suite on both devices.
  C. The Diffie-Hellman group on both sides matches but is a legacy group.
  D. The remote VPN is attempting to connect with a protocol other than SSL/TLS.
  A. The IKE hashing algorithm uses different key lengths on each VPN device.

  ---

  Explanation

• Question 569:

  A software developer needs to add an authentication method to a web application. The following requirements must be met:

  1.The web application needs to use well-supported standards.

  2.The initial login to the web application should rely on an outside, trusted third party.

  3.The login needs to be maintained for up to six months.

  Which of the following would best support these requirements? (Select two).

  A. SAML
  B. Kerberos
  C. JWT
  D. RADIUS
  E. EAP
  F. Remote attestation
  A. SAML
  C. JWT

  ---

  Explanation

  To meet the requirements for authentication using trusted third parties and session maintenance, SAML (Security Assertion Markup Language) and JWT (JSON Web Token) are the best options. SAML is widely used for single sign-on (SSO)

  and federated authentication, allowing users to authenticate with an external identity provider (trusted third party). JWT is commonly used for maintaining authenticated sessions across web applications and is well-suited for long-term session

  management, like the six-month duration mentioned. Together, these solutions meet the requirements for standards-based authentication and long-lasting sessions. CASP+ discusses the role of SAML in federated identity management and

  JWT in token-based authentication.

  References:

  CASP+ CAS-004 Exam Objectives: Domain 2.0

  Enterprise Security Operations (Federated Identity Management, JWT, SAML)

  CompTIA CASP+ Study Guide: Web Application Authentication with SAML and JWT

• Question 570:

  Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?

  A. Importing the availability of messages
  B. Ensuring non-repudiation of messages
  C. Enforcing protocol conformance for messages
  D. Assuring the integrity of messages
  D. Assuring the integrity of messages

  ---

  Explanation