Before you register for a CompTIA certification (or buy a study package), set a clear goal: decide which certification you want and why. Many people think this makes no difference, which is simply wrong. Until you set an objective you cannot plan the work. Measure your own skills and practical experience, then identify the gap between where you are now and what the CompTIA CAS-001 exam requires.

Study and prepare:

1) Read the official publications first; a good book is a good tutor, and books are cheap and easy to use.

2) Visit the CompTIA Advanced Security Practitioner area of IT discussion forums as often as you can, where you can share your experience and lessons from CAS-001 practice tests with other examinees.

3) If you have the time and money, a training course is an excellent option.

4) Try several online practice exams. CAS-001-style practice questions are easy to find; do more exercises and get familiar with the test.

5) Browse the official CompTIA website regularly; the latest news about the certification is usually published there. Then register and take the test. Registration is quite easy today, and online registration has become the normal route.

2021 Sep CAS-001 real exam

Q211. - (Topic 4) 

Which of the following protocols only facilitates access control? 

A. XACML 

B. Kerberos 

C. SPML 

D. SAML 

Answer: A 


Q212. - (Topic 4) 

Company XYZ has employed a consultant to perform a controls assessment of the HR system, backend business operations, and the SCADA system used in the factory. Which of the following correctly states the risk management options that the consultant should use during the assessment? 

A. Risk reduction, risk sharing, risk retention, and risk acceptance. 

B. Avoid, transfer, mitigate, and accept. 

C. Risk likelihood, asset value, and threat level. 

D. Calculate risk by determining technical likelihood and potential business impact. 

Answer: B 


Q213. - (Topic 5) 

The Chief Information Officer (CIO) is focused on improving IT governance within the organization to reduce system downtime. The CIO has mandated that the following improvements be implemented: 

-All business units must now identify IT risks and include them in their business risk profiles. 

-Key controls must be identified and monitored. 

-Incidents and events must be recorded and reported with management oversight. 

-Exemptions to the information security policy must be formally recorded, approved, and managed. 

-IT strategy will be reviewed to ensure it is aligned with the business's strategy and objectives. 

In addition to the above, which of the following would BEST help the CIO meet the requirements? 

A. Establish a register of core systems and identify technical service owners 

B. Establish a formal change management process 

C. Develop a security requirement traceability matrix 

D. Document legacy systems to be decommissioned and the disposal process 

Answer: B 


Q214. - (Topic 2) 

The security administrator reports that the physical security of the Ethernet network has been breached, but the Fibre Channel storage network was not breached. Why might this still concern the storage administrator? (Select TWO). 

A. The storage network uses FCoE. 

B. The storage network uses iSCSI. 

C. The storage network uses vSAN. 

D. The storage network uses switch zoning. 

E. The storage network uses LUN masking. 

Answer: A,B 


Q215. - (Topic 3) 

The Linux server at Company A hosts a graphical application widely used by the company designers. One designer regularly connects to the server from a Mac laptop in the designer's office down the hall. When the security engineer learns of this, it is discovered that the connection is not secured and the password can easily be obtained by network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection? 

Linux Server: 192.168.10.10/24 

Mac Laptop: 192.168.10.200/24 

A. From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200. 

B. From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider. 

C. From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1. 

D. From the Mac, establish a SSH tunnel to the Linux server and connect the VNC to 127.0.0.1. 

Answer: D 
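Answer D in working form, as an added example that is not part of the exam page: the Mac side binds a loopback-only port and carries it inside the SSH session to the VNC port on the server's own loopback, and a small parser checks (from `ss -ltn` output taken on the server) that the VNC listener is bound to loopback only, because the tunnel protects nothing if the server still accepts direct VNC from the LAN. The account name, the VNC/local ports and the `ss` listings are assumptions constructed for the example.

```python
"""Added example for CAS-001 Q215 (answer D): VNC over an SSH local forward, plus a
check that the server's VNC listener is loopback-only.  Not code from the exam page;
the account name, ports and the `ss -ltn` samples below are assumptions."""
import re
import subprocess

SERVER = "192.168.10.10"   # Linux server, from the question
SSH_USER = "designer"      # assumed account on the server
VNC_PORT = 5900            # assumed: VNC display :0 on the server
LOCAL_PORT = 5901          # assumed: loopback port the VNC client on the Mac uses


def ssh_tunnel_argv(user=SSH_USER, server=SERVER,
                    local_port=LOCAL_PORT, remote_port=VNC_PORT):
    """argv for the Mac side.  -L binds local_port on 127.0.0.1 (not on the Mac's
    LAN address) and forwards it, encrypted, to remote_port on the server's own
    loopback.  -N: no remote shell.  ExitOnForwardFailure makes ssh fail loudly
    instead of connecting without the forward."""
    return ["ssh", "-N", "-o", "ExitOnForwardFailure=yes",
            "-L", f"127.0.0.1:{local_port}:127.0.0.1:{remote_port}",
            f"{user}@{server}"]


_WILDCARD = {"0.0.0.0", "*", "[::]", "::"}
_LOOPBACK = {"127.0.0.1", "[::1]", "::1"}


def vnc_listener_scope(ss_output: str, port: int = VNC_PORT) -> str:
    """Parse `ss -ltn` (or `netstat -ltn`) output from the server and report how
    the VNC port is bound: 'loopback', 'exposed' (wildcard or a LAN address, so a
    sniffable direct path still exists) or 'not-listening'."""
    scope = "not-listening"
    for line in ss_output.splitlines():
        for field in line.split():
            m = re.fullmatch(r"(.+):(\d+)", field)
            if not m or int(m.group(2)) != port:
                continue
            addr = m.group(1)
            if addr in _LOOPBACK or addr.startswith("127."):
                scope = "loopback"
            else:
                return "exposed"
    return scope


# Constructed `ss -ltn` samples (not real captures from the server).
SS_EXPOSED = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22        0.0.0.0:*
LISTEN 0      5      0.0.0.0:5900      0.0.0.0:*
"""
SS_LOOPBACK = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22        0.0.0.0:*
LISTEN 0      5      127.0.0.1:5900    0.0.0.0:*
"""


def main():
    # Mac side: start the tunnel, then point the VNC client at the loopback end
    # (macOS Screen Sharing accepts vnc://127.0.0.1:5901).  Runs only when executed.
    proc = subprocess.Popen(ssh_tunnel_argv())
    print(f"tunnel up (pid {proc.pid}); connect VNC to 127.0.0.1:{LOCAL_PORT}")
    proc.wait()


if __name__ == "__main__":
    main()
```

On the server side the matching change is to start the VNC server with its loopback-only option (for example `vncserver -localhost` or `x11vnc -localhost`) so that `vnc_listener_scope` reports `loopback`; with the listener still on `0.0.0.0:5900` the designer is protected only as long as they remember to use the tunnel.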



More CAS-001 sample questions:

Q216. - (Topic 2) 

The Chief Information Officer (CIO) of Company XYZ has returned from a large IT conference where one of the topics was defending against zero day attacks – specifically deploying third party patches to vulnerable software. Two months prior, the majority of the company systems were compromised because of a zero day exploit. Due to budget constraints the company only has operational systems. The CIO wants the Security Manager to research the use of these patches. Which of the following is the GREATEST concern with the use of a third party patch to mitigate another un-patched vulnerability? 

A. The company does not have an adequate test environment to validate the impact of the third party patch, introducing unknown risks. 

B. The third party patch may introduce additional unforeseen risks and void the software licenses for the patched applications. 

C. The company’s patch management solution only supports patches and updates released directly by the vendor. 

D. Another period of vulnerability will be introduced because of the need to remove the third party patch prior to installing any vendor patch. 

Answer: A 


Q217. - (Topic 5) 

Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the company’s NTP servers. Which of the following mitigates this activity with the LEAST impact to existing operations? 

A. Block in-bound connections to the company’s NTP servers. 

B. Block IPs making monlist requests. 

C. Disable the company’s NTP servers. 

D. Disable monlist on the company’s NTP servers. 

Answer: D 
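Why D is the least disruptive answer is easier to see with the traffic in hand. The following is an added example, not part of the exam page: it recognises NTP mode 7 `monlist` requests and responses by their header bytes and counts requests per source address over a constructed packet sample. The addresses and packets are made up for illustration.

```python
"""Added example for CAS-001 Q217 (answer D): recognise NTP 'monlist' traffic and
summarise it per source.  Not code from the exam page; the packet samples and IP
addresses below are constructed for illustration."""
from collections import Counter
from typing import Dict, Iterable, Tuple

# NTP mode 7 ("private", the ntpdc protocol) constants as used by ntpd.
MODE_PRIVATE = 7
IMPL_XNTPD = 3
REQ_MON_GETLIST = 20     # older monlist request code
REQ_MON_GETLIST_1 = 42   # monlist request code sent by ntpdc and attack tools


def classify_ntp(payload: bytes) -> str:
    """Classify one UDP/123 payload.

    Byte 0: R(1) M(1) VN(3) Mode(3); byte 2: implementation; byte 3: request code.
    Returns 'monlist-request', 'monlist-response', 'private-other' or 'other'."""
    if len(payload) < 8:
        return "other"
    flags, impl, req_code = payload[0], payload[2], payload[3]
    if (flags & 0x07) != MODE_PRIVATE:
        return "other"          # normal client/server/symmetric/control modes
    if impl == IMPL_XNTPD and req_code in (REQ_MON_GETLIST, REQ_MON_GETLIST_1):
        return "monlist-response" if flags & 0x80 else "monlist-request"
    return "private-other"


def monlist_request_sources(packets: Iterable[Tuple[str, bytes]],
                            threshold: int = 1) -> Dict[str, int]:
    """Count monlist requests per source address.

    In a reflection attack these sources are the spoofed *victims*, not the
    attacker, so the result tells you who is being attacked through your
    servers; it is not a list of addresses worth blocking (exam option B)."""
    counts = Counter(src for src, payload in packets
                     if classify_ntp(payload) == "monlist-request")
    return {src: n for src, n in counts.items() if n >= threshold}


# Constructed samples (not captures).  0x17 = version 2, mode 7; 0x97 = the same
# with the response bit set; 0x23 = version 4, mode 3 (ordinary client poll).
MONLIST_REQUEST = bytes([0x17, 0x00, IMPL_XNTPD, REQ_MON_GETLIST_1]) + b"\x00" * 4
MONLIST_RESPONSE = bytes([0x97, 0x00, IMPL_XNTPD, REQ_MON_GETLIST_1]) + b"\x00" * 4
CLIENT_POLL = bytes([0x23]) + b"\x00" * 47

SAMPLE_TRAFFIC = [
    ("203.0.113.5", MONLIST_REQUEST),
    ("203.0.113.5", MONLIST_REQUEST),
    ("203.0.113.5", MONLIST_REQUEST),
    ("198.51.100.9", CLIENT_POLL),
    ("203.0.113.7", MONLIST_REQUEST),
]

if __name__ == "__main__":
    for src, n in monlist_request_sources(SAMPLE_TRAFFIC).items():
        print(f"{src}: {n} monlist request(s), likely a spoofed reflection target")
```

The 8-byte request draws a multi-packet list of recent peers in reply, which is what makes the server useful as an amplifier. Because the request's source address is forged, blocking those addresses (B) harms the real victims and does not reduce the load on the company's link; blocking all inbound NTP (A) or stopping the servers (C) also stops legitimate time service. Turning off the feature with `disable monitor` in ntp.conf (or `restrict default ... noquery`, which refuses all mode 6/7 queries) removes the amplifier while ordinary client polls such as `CLIENT_POLL` keep working, which is answer D.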


Q218. - (Topic 2) 

The database team has suggested deploying a SOA based system across the enterprise. The Chief Information Officer (CIO) has decided to consult the security manager about the risk implications for adopting this architecture. Which of the following are concerns that the security manager should present to the CIO concerning the SOA system? (Select TWO). 

A. Users and services are centralized and only available within the enterprise. 

B. Users and services are distributed, often over the Internet. 

C. SOA centrally manages legacy systems, and opens the internal network to vulnerabilities. 

D. SOA abstracts legacy systems as a virtual device and is susceptible to VMEscape. 

E. SOA abstracts legacy systems as web services, which are often exposed to outside threats. 

Answer: B,E 


Q219. - (Topic 4) 

Part of the procedure for decommissioning a database server is to wipe all local disks, as well as SAN LUNs allocated to the server, even though the SAN itself is not being decommissioned. Which of the following is the reason for wiping the SAN LUNs? 

A. LUN masking will prevent the next server from accessing the LUNs. 

B. The data may be replicated to other sites that are not as secure. 

C. Data remnants remain on the LUN that could be read by other servers. 

D. The data is not encrypted during transport. 

Answer: C 


Q220. - (Topic 2) 

The new security policy states that only authorized software will be allowed on the corporate network and all personally owned equipment needs to be configured by the IT security staff before being allowed on the network. The security administrator creates standard images with all the required software and proper security controls. These images are required to be loaded on all personally owned equipment prior to connecting to the corporate network. These measures ensure compliance with the new security policy. Which of the following security risks still needs to be addressed in this scenario? 

A. An employee copying gigabytes of personal video files from the employee’s personal laptop to their company desktop to share files. 

B. An employee connecting their personal laptop to use a non-company endorsed accounting application that the employee used at a previous company. 

C. An employee using a corporate FTP application to transfer customer lists and other proprietary files to an external computer and selling them to a competitor. 

D. An employee accidentally infecting the network with a virus by connecting a USB drive to the employee’s personal laptop. 

Answer: C