Summer Limited Time 55% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 1271b8m643

CAS-004 Exam Dumps - CompTIA Advanced Security Practitioner (CASP+) Exam

Question # 4

A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage.

Which of the following is a security concern that will MOST likely need to be addressed during migration?

A.

Latency

B.

Data exposure

C.

Data loss

D.

Data dispersion

Full Access
Question # 5

An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:

* Be based on open-source Android for user familiarity and ease.

* Provide a single application for inventory management of physical assets.

* Permit use of the camera be only the inventory application for the purposes of scanning

* Disallow any and all configuration baseline modifications.

* Restrict all access to any device resource other than those requirement ?

A.

Set an application wrapping policy, wrap the application, distributes the inventory APK via the MAM tool, and test the application restrictions.

B.

Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.

C.

Swap out Android Linux kernel version for >2,4,0, but the internet build Android, remove unnecessary functions via MDL, configure to block network access, and perform integration testing

D.

Build and install an Android middleware policy with requirements added, copy the file into/ user/init, and then built the inventory application.

Full Access
Question # 6

An organization’s assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.

Given this information, which of the following is a noted risk?

A.

Feature delay due to extended software development cycles

B.

Financial liability from a vendor data breach

C.

Technical impact to the API configuration

D.

The possibility of the vendor’s business ceasing operations

Full Access
Question # 7

A vulnerability analyst identified a zero-day vulnerability in a company’s internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.

Which of the following would be BEST suited to meet these requirements?

A.

ARF

B.

ISACs

C.

Node.js

D.

OVAL

Full Access
Question # 8

A large number of emails have been reported, and a security analyst is reviewing the following information from the emails:

As part of the image process, which of the following is the FIRST step the analyst should take?

A.

Block the email address carl b@comptia1 com, as it is sending spam to subject matter experts

B.

Validate the final "Received" header against the DNS entry of the domain.

C.

Compare the 'Return-Path" and "Received" fields.

D.

Ignore the emails, as SPF validation is successful, and it is a false positive

Full Access
Question # 9

As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents.

Which of the following BEST describes this kind of risk response?

A.

Risk rejection

B.

Risk mitigation

C.

Risk transference

D.

Risk avoidance

Full Access
Question # 10

An analyst execute a vulnerability scan against an internet-facing DNS server and receives the following report:

Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?

A.

Password cracker

B.

Port scanner

C.

Account enumerator

D.

Exploitation framework

Full Access
Question # 11

The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership. Which of the follow would MOST likely be used?

A.

MOU

B.

OLA

C.

NDA

D.

SLA

Full Access
Question # 12

A security engineer thinks the development team has been hard-coding sensitive environment variables in its code.

Which of the following would BEST secure the company’s CI/CD pipeline?

A.

Utilizing a trusted secrets manager

B.

Performing DAST on a weekly basis

C.

Introducing the use of container orchestration

D.

Deploying instance tagging

Full Access
Question # 13

A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.

Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

A.

Execute never

B.

No-execute

C.

Total memory encryption

D.

Virtual memory encryption

Full Access
Question # 14

An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented.

Which of the following processes can be used to identify potential prevention recommendations?

A.

Detection

B.

Remediation

C.

Preparation

D.

Recovery

Full Access
Question # 15

A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization.

Which of the following should be the analyst’s FIRST action?

A.

Create a full inventory of information and data assets.

B.

Ascertain the impact of an attack on the availability of crucial resources.

C.

Determine which security compliance standards should be followed.

D.

Perform a full system penetration test to determine the vulnerabilities.

Full Access
Question # 16

Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.

Which of the following would be the BEST option to implement?

A.

Distributed connection allocation

B.

Local caching

C.

Content delivery network

D.

SD-WAN vertical heterogeneity

Full Access
Question # 17

A healthcare system recently suffered from a ransomware incident As a result the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would BEST solve these challenges? (Select THREE).

A.

SD-WAN

B.

PAM

C.

Remote access VPN

D.

MFA

E.

Network segmentation

F.

BGP

G.

NAC

Full Access
Question # 18

A security engineer needs 10 implement a CASB to secure employee user web traffic. A Key requirement is mat relevant event data must be collected from existing on-premises infrastructure components and consumed by me CASB to expand traffic visibility. The solution must be nighty resilient to network outages. Which of the following architectural components would BEST meet these requirements?

A.

Log collection

B.

Reverse proxy

C.

AWAF

D.

API mode

Full Access
Question # 19

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?

A.

Importing the availability of messages

B.

Ensuring non-repudiation of messages

C.

Enforcing protocol conformance for messages

D.

Assuring the integrity of messages

Full Access
Question # 20

A small business would like to provide guests who are using mobile devices encrypted WPA3 access without first distributing PSKs or other credentials. Which of the following features will enable the business to meet this objective?

A.

Simultaneous Authentication of Equals

B.

Enhanced open

C.

Perfect forward secrecy

D.

Extensible Authentication Protocol

Full Access
Question # 21

A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite:

Which of the following is the MOST likely cause of the customer’s inability to connect?

A.

Weak ciphers are being used.

B.

The public key should be using ECDSA.

C.

The default should be on port 80.

D.

The server name should be test.com.

Full Access
Question # 22

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.

Which of the following describes the administrator’s discovery?

A.

A vulnerability

B.

A threat

C.

A breach

D.

A risk

Full Access
Question # 23

A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources.

Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?

A.

Union filesystem overlay

B.

Cgroups

C.

Linux namespaces

D.

Device mapper

Full Access
Question # 24

A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?

A.

Accept

B.

Avoid

C.

Transfer

D.

Mitigate

Full Access
Question # 25

A security analyst is reviewing the following output:

Which of the following would BEST mitigate this type of attack?

A.

Installing a network firewall

B.

Placing a WAF inline

C.

Implementing an IDS

D.

Deploying a honeypot

Full Access
Question # 26

A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication.

Which of the following technologies would BEST meet this need?

A.

Faraday cage

B.

WPA2 PSK

C.

WPA3 SAE

D.

WEP 128 bit

Full Access
Question # 27

A company wants to improve Its active protection capabilities against unknown and zero-day malware. Which of the following Is the MOST secure solution?

A.

NIDS

B.

Application allow list

C.

Sandbox detonation

D.

Endpoint log collection

E.

HIDS

Full Access
Question # 28

The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?

A.

Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause. Regularly assess the supplier’s post-contract renewal with a dedicated risk management team.

B.

Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.

C.

Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data, Review all design and operational controls based on best practice standard and report the finding back to upper management.

D.

Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier’s rating. Report finding units that rely on the suppliers and the various risk teams.

Full Access
Question # 29

A vulnerability assessment endpoint generated a report of the latest findings. A security analyst needs to review the report and create a priority list of items that must be addressed. Which of the following should the analyst use to create the list quickly?

A.

Business impact rating

B.

CVE dates

C.

CVSS scores

D.

OVAL

Full Access
Question # 30

A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log.

Which of the following actions would BEST address the potential risks by the activity in the logs?

A.

Alerting the misconfigured service account password

B.

Modifying the AllowUsers configuration directive

C.

Restricting external port 22 access

D.

Implementing host-key preferences

Full Access
Question # 31

A company security engineer arrives at work to face the following scenario:

1) Website defacement

2) Calls from the company president indicating the website needs to be fixed Immediately because It Is damaging the brand

3) A Job offer from the company's competitor

4) A security analyst's investigative report, based on logs from the past six months, describing how lateral movement across the network from various IP addresses originating from a foreign adversary country resulted in exfiltrated data

Which of the following threat actors Is MOST likely involved?

A.

Organized crime

B.

Script kiddie

C.

APT/nation-state

D.

Competitor

Full Access
Question # 32

A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were Integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops.

Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

A.

Perform additional SAST/DAST on the open-source libraries.

B.

Implement the SDLC security guidelines.

C.

Track the library versions and monitor the CVE website for related vulnerabilities.

D.

Perform unit testing of the open-source libraries.

Full Access
Question # 33

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.

Which of the following would be the BEST solution against this type of attack?

A.

Cookies

B.

Wildcard certificates

C.

HSTS

D.

Certificate pinning

Full Access
Question # 34

A security engineer at a company is designing a system to mitigate recent setbacks caused competitors that are beating the company to market with the new products. Several of the products incorporate propriety enhancements developed by the engineer’s company. The network already includes a SEIM and a NIPS and requires 2FA for all user access. Which of the following system should the engineer consider NEXT to mitigate the associated risks?

A.

DLP

B.

Mail gateway

C.

Data flow enforcement

D.

UTM

Full Access