CAS-001 Questions And Answers
$78
Exam Name: CompTIA Advanced Security Practitioner
Updated: 2021-09-20
Q & A: 493
- Reviews
Why Choose PassQuestion CompTIA CAS-001 Exam Questions
Passquestion team uses professional knowledge and experience to provide CompTIA Advanced Security Practitioner CAS-001 Questions and Answers for people ready to participate in CompTIA Advanced Security Practitioner exam. The accuracy rate of CAS-001 exam questions provided by Passquestion are very high and they can 100% guarantee you pass the CompTIA CAS-001 exam successfully in the first attempt. Everyone can get CAS-001 pdf with free test engine to study. PassQuestion can promise you always have the latest version for your CompTIA CAS-001 test preparation and get your CompTIA Advanced Security Practitioner certification easily.
CAS-001 Frequently Asked Questions
Q1: Can I use CAS-001 exam Q&As in my phone?
Yes, PassQuestion provides CompTIA Advanced Security Practitioner CAS-001 pdf Q&As which you can download to study on your computer or mobile device, we also provide CAS-001 pdf free demo which from the full version to check its quality before purchasing.
Q2: What are the formats of your CompTIA CAS-001 exam questions?
PassQuestion provides CompTIA CAS-001 exam questions with pdf format and software format, pdf file will be sent in attachment and software file in a download link, you need to download the link in a week, it will be automatically invalid after a week.
Q3: How can I download my CAS-001 test questions after purchasing?
We will send CompTIA Advanced Security Practitioner CAS-001 test questions to your email once we receive your order, pls make sure your email address valid or leave an alternate email.
Q4: How long can I get my CompTIA Advanced Security Practitioner CAS-001 questions and answers after purchasing?
We will send CompTIA Advanced Security Practitioner CAS-001 questions and answers to your email in 10 minutes in our working time and no less than 12 hours in our off time.
Working Time:
GMT+8: Monday- Saturday 8:00 AM-18:00 PM
GMT: Monday- Saturday 0:00 AM-10:00 AM
Q5: Can I pass my test with your CompTIA Advanced Security Practitioner CAS-001 practice questions only?
Sure! All of PassQuestion CompTIA Advanced Security Practitioner CAS-001 practice questions come from real test. If you can practice well and get a good score in our practice Q&As, we ensure you can pass your CompTIA Advanced Security Practitioner exam easily.
Q6: How can I know my CAS-001 updated?
You can check the number of questions, if it is changed,that means we have updated this exam ,you can contact us anytime to ask for an free update. our sales email : [email protected]
Q7: What is your refund process if I fail CompTIA CAS-001 test?
If you fail your CAS-001 test in 60 days by studying our study material, just scan your score report and send to us in attchment,when we check, we will give you full refund.
Q8. What other payment menthod can I use except Paypal?
If your country don't support Paypal, we offer another Payment method Western Union,it is also safe and fast. Pls contact us for the details, we will send it to your email.
Question No : 1
An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG.
Which of the following are critical when using TSIG? (Select TWO).
A. Periodic key changes once the initial keys are established between the DNS name servers.
B. Secure exchange of the key values between the two DNS name servers.
C. A secure NTP source used by both DNS name servers to avoid message rejection.
D. DNS configuration files on both DNS name servers must be identically encrypted.
E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.
Which of the following are critical when using TSIG? (Select TWO).
A. Periodic key changes once the initial keys are established between the DNS name servers.
B. Secure exchange of the key values between the two DNS name servers.
C. A secure NTP source used by both DNS name servers to avoid message rejection.
D. DNS configuration files on both DNS name servers must be identically encrypted.
E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.
Answer: B,C
Question No : 2
An organization recently upgraded its wireless infrastructure to support WPA2 and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only WEP compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the WPA2 requirement.
Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.
B. Create a separate SSID and WEP key on a new network segment and only allow required communication paths.
C. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.
D. Create a separate SSID and require the use of dynamic WEP keys.
Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.
B. Create a separate SSID and WEP key on a new network segment and only allow required communication paths.
C. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.
D. Create a separate SSID and require the use of dynamic WEP keys.
Answer: B
Question No : 3
Some mobile devices are jail-broken by connecting via USB cable and then exploiting software vulnerabilities to get kernel-level access. Which of the following attack types represents this scenario? (Select TWO).
A. Session management attack
B. Protocol fuzzing
C. Root-kit compromise
D. Physical attack
E. Privilege escalation
F. Man-in-the-middle
A. Session management attack
B. Protocol fuzzing
C. Root-kit compromise
D. Physical attack
E. Privilege escalation
F. Man-in-the-middle
Answer: D,E
Question No : 4
A security manager at Company ABC, needs to perform a risk assessment of a new mobile device which the Chief Information Officer (CIO) wants to immediately deploy to all employees in the company. The product is commercially available, runs a popular mobile operating system, and can connect to IPv6 networks wirelessly. The model the CIO wants to procure also includes the upgraded 160GB solid state hard drive. The producer of the device will not reveal exact numbers but experts estimate that over 73 million of the devices have been sold worldwide.
Which of the following is the BEST list of factors the security manager should consider while performing a risk assessment?
A. Ability to remotely wipe the devices, apply security controls remotely, and encrypt the SSD; the track record of the vendor in publicizing and correcting security flaws in their products; predicted costs associated with maintaining, integrating and securing the devices.
B. Ability to remotely administer the devices, apply security controls remotely, and remove the SSD; the track record of the vendor in securely implementing IPv6 with IPSec; predicted costs associated with securing the devices.
C. Ability to remotely monitor the devices, remove security controls remotely, and decrypt the SSD; the track record of the vendor in publicizing and preventing security flaws in their products; predicted costs associated with maintaining, destroying and tracking the devices.
D. Ability to remotely sanitize the devices, apply security controls locally, encrypt the SSD; the track record of the vendor in adapting the open source operating system to their platform; predicted costs associated with inventory management, maintaining, integrating and securing the devices.
Which of the following is the BEST list of factors the security manager should consider while performing a risk assessment?
A. Ability to remotely wipe the devices, apply security controls remotely, and encrypt the SSD; the track record of the vendor in publicizing and correcting security flaws in their products; predicted costs associated with maintaining, integrating and securing the devices.
B. Ability to remotely administer the devices, apply security controls remotely, and remove the SSD; the track record of the vendor in securely implementing IPv6 with IPSec; predicted costs associated with securing the devices.
C. Ability to remotely monitor the devices, remove security controls remotely, and decrypt the SSD; the track record of the vendor in publicizing and preventing security flaws in their products; predicted costs associated with maintaining, destroying and tracking the devices.
D. Ability to remotely sanitize the devices, apply security controls locally, encrypt the SSD; the track record of the vendor in adapting the open source operating system to their platform; predicted costs associated with inventory management, maintaining, integrating and securing the devices.
Answer: A
Question No : 5
After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?
A. Least privilege
B. Job rotation
C. Mandatory vacation
D. Separation of duties
A. Least privilege
B. Job rotation
C. Mandatory vacation
D. Separation of duties
Answer: B
Question No : 6
A UNIX administrator notifies the storage administrator that extra LUNs can be seen on a UNIX server. The LUNs appear to be NTFS file systems. Which of the following MOST likely happened?
A. The iSCSI initiator was not restarted.
B. The NTFS LUNs are snapshots.
C. The HBA allocation is wrong.
D. The UNIX server is multipathed.
A. The iSCSI initiator was not restarted.
B. The NTFS LUNs are snapshots.
C. The HBA allocation is wrong.
D. The UNIX server is multipathed.
Answer: C
Question No : 7
A Chief Information Security Officer (CISO) has been trying to eliminate some IT security risks for several months. These risks are not high profile but still exist. Furthermore, many of these risks have been mitigated with innovative solutions. However, at this point in time, the budget is insufficient to deal with the risks.
Which of the following risk strategies should be used?
A. Transfer the risks
B. Avoid the risks
C. Accept the risks
D. Mitigate the risks
Which of the following risk strategies should be used?
A. Transfer the risks
B. Avoid the risks
C. Accept the risks
D. Mitigate the risks
Answer: C
Question No : 8
A number of security incidents have been reported involving mobile web-based code developed by a consulting company. Performing a root cause analysis, the security administrator of the consulting company discovers that the problem is a simple programming error that results in extra information being loaded into the memory when the proper format is selected by the user. After repeating the process several times, the security administrator is able to execute unintentional instructions through this method.
Which of the following BEST describes the problem that is occurring, a good mitigation technique to use to prevent future occurrences, and why it a security concern?
A. Problem: Cross-site scripting Mitigation Technique. Input validation Security Concern: Decreases the company¡¯s profits and cross-site scripting can enable malicious actors to compromise the confidentiality of network connections or interrupt the availability of the network.
B. Problem: Buffer overflow Mitigation Technique. Secure coding standards Security Concern: Exposes the company to liability buffer overflows and can enable malicious actors to compromise the confidentiality/availability of the data.
C. Problem: SQL injection Mitigation Technique. Secure coding standards Security Concern: Exposes the company to liability SQL injection and can enable malicious actors to compromise the confidentiality of data or interrupt the availability of a system.
D. Problem: Buffer overflow Mitigation Technique. Output validation Security Concern: Exposing the company to public scrutiny buffer overflows can enable malicious actors to interrupt the availability of a system.
Which of the following BEST describes the problem that is occurring, a good mitigation technique to use to prevent future occurrences, and why it a security concern?
A. Problem: Cross-site scripting Mitigation Technique. Input validation Security Concern: Decreases the company¡¯s profits and cross-site scripting can enable malicious actors to compromise the confidentiality of network connections or interrupt the availability of the network.
B. Problem: Buffer overflow Mitigation Technique. Secure coding standards Security Concern: Exposes the company to liability buffer overflows and can enable malicious actors to compromise the confidentiality/availability of the data.
C. Problem: SQL injection Mitigation Technique. Secure coding standards Security Concern: Exposes the company to liability SQL injection and can enable malicious actors to compromise the confidentiality of data or interrupt the availability of a system.
D. Problem: Buffer overflow Mitigation Technique. Output validation Security Concern: Exposing the company to public scrutiny buffer overflows can enable malicious actors to interrupt the availability of a system.
Answer: B
Question No : 9
A security administrator is investigating the compromise of a SCADA network that is not physically connected to any other network. Which of the following is the MOST likely cause of the compromise?
A. Outdated antivirus definitions
B. Insecure wireless
C. Infected USB device
D. SQL injection
A. Outdated antivirus definitions
B. Insecure wireless
C. Infected USB device
D. SQL injection
Answer: C
Question No : 10
An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO).
A. The company¡¯s IDS signatures were not updated.
B. The company¡¯s custom code was not patched.
C. The patch caused the system to revert to http.
D. The software patch was not cryptographically signed.
E. The wrong version of the patch was used.
F. Third-party plug-ins were not patched.
A. The company¡¯s IDS signatures were not updated.
B. The company¡¯s custom code was not patched.
C. The patch caused the system to revert to http.
D. The software patch was not cryptographically signed.
E. The wrong version of the patch was used.
F. Third-party plug-ins were not patched.
Answer: B,F
Question No : 11
A network administrator notices a security intrusion on the web server.
Which of the following is noticed by http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file?
A. Buffer overflow
B. Click jacking
C. SQL injection
D. XSS attack
Which of the following is noticed by http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file?
A. Buffer overflow
B. Click jacking
C. SQL injection
D. XSS attack
Answer: D
Question No : 12
The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company¡¯s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).
A. Block traffic from the ISP¡¯s networks destined for blacklisted IPs.
B. Prevent the ISP¡¯s customers from querying DNS servers other than those hosted by the ISP.
C. Block traffic with a source IP not allocated to the ISP from exiting the ISP¡¯s network.
D. Scan the ISP¡¯s customer networks using an up-to-date vulnerability scanner.
E. Notify customers when services they run are involved in an attack.
A. Block traffic from the ISP¡¯s networks destined for blacklisted IPs.
B. Prevent the ISP¡¯s customers from querying DNS servers other than those hosted by the ISP.
C. Block traffic with a source IP not allocated to the ISP from exiting the ISP¡¯s network.
D. Scan the ISP¡¯s customer networks using an up-to-date vulnerability scanner.
E. Notify customers when services they run are involved in an attack.
Answer: C,E
Question No : 13
A security manager is developing new policies and procedures.
Which of the following is a best practice in end user security?
A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.
B. A training program that is consistent, ongoing, and relevant.
C. Access controls to prevent end users from gaining access to confidential data.
D. Access controls for computer systems and networks with two-factor authentication.
Which of the following is a best practice in end user security?
A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.
B. A training program that is consistent, ongoing, and relevant.
C. Access controls to prevent end users from gaining access to confidential data.
D. Access controls for computer systems and networks with two-factor authentication.
Answer: B
Question No : 14
A project has been established in a large bank to develop a new secure online banking platform. Half way through the development it was discovered that a key piece of software used as part of the base platform is now susceptible to recently published exploits.
Who should be contacted FIRST by the project team to discuss potential changes to the platform requirements?
A. Engineers
B. Facilities Manager
C. Stakeholders
D. Human Resources
Who should be contacted FIRST by the project team to discuss potential changes to the platform requirements?
A. Engineers
B. Facilities Manager
C. Stakeholders
D. Human Resources
Answer: C
Question No : 15
An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments.
Which of the following is the MOST comprehensive method for evaluating the two platforms?
A. Benchmark each possible solution with the integrators existing client deployments.
B. Develop testing criteria and evaluate each environment in-house.
C. Run virtual test scenarios to validate the potential solutions.
D. Use results from each vendor¡¯s test labs to determine adherence to project requirements.
Which of the following is the MOST comprehensive method for evaluating the two platforms?
A. Benchmark each possible solution with the integrators existing client deployments.
B. Develop testing criteria and evaluate each environment in-house.
C. Run virtual test scenarios to validate the potential solutions.
D. Use results from each vendor¡¯s test labs to determine adherence to project requirements.
Answer: B