Uploaded by xet50030

CompTIA-CAS-003

advertisement
CompTIA
CAS-003
CompTIA Advanced Security Practitioner
(CASP)
Web: www.exactinside.com
Version: Demo
Email: support@exactinside.com
[ Total Questions: 10]
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at feedback@exactinside.com
Support
If you have any questions about our product, please provide the following items:
exam code
screenshot of the question
login id/email
please contact us at support@exactinside.com and our technical experts will provide support within 24 hours.
Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Exact Questions
CompTIA - CAS-003
Question #:1
A security administrator is reviewing the following output from an offline password audit:
Which of the following should the systems administrator implement to BEST address this audit finding?
(Choose two.)
A. Cryptoprocessor
B. Bcrypt
C. SHA-256
D. PBKDF2
E. Message authentication
Answer: B D
Question #:2
An enterprise is configuring an SSL client-based VPN for certificate authentication. The trusted root certificate
from the CA is imported into the firewall, and the VPN configuration in the firewall is configured for
certificate authentication. Signed certificates from the trusted CA are distributed to user devices. The CA
certificate is set as trusted on the end-user devices, and the VPN client is configured on the end-user devices
When the end users attempt to connect however, the firewall rejects the connection after a brief period Which
of the following is the MOST likely reason the firewall rejects the connection?
A. In the firewall, compatible cipher suites must be enabled
B. In the VPN client, the CA CRL address needs to be specified manually
C. In the router, IPSec traffic needs to be allowed in bridged mode
D. In the CA. the SAN field must be set for the root CA certificate and then reissued
Answer: A
Question #:3
A security engineer is deploying an IdP to broker authentication between applications. These applications all
Find Everything , Exactly in your Exam
1 of 7
Exact Questions
CompTIA - CAS-003
utilize SAML 2.0 for authentication. Users log into the IdP with their credentials and are given a list of
applications they may access. One of the application’s authentications is not functional when a user initiates an
authentication attempt from the IdP. The engineer modifies the configuration so users browse to the
application first, which corrects the issue. Which of the following BEST describes the root cause?
A. The application only supports SP-initiated authentication.
B. The IdP only supports SAML 1.0
C. There is an SSL certificate mismatch between the IdP and the SaaS application.
D. The user is not provisioned correctly on the IdP.
Answer: A
Question #:4
A penetration tester is trying to gain access to a remote system. The tester is able to see the secure login page
and knows one user account and email address, but has not yet discovered a password.
Which of the following would be the EASIEST method of obtaining a password for the known account?
A. Man-in-the-middle
B. Reverse engineering
C. Social engineering
D. Hash cracking
Answer: C
Question #:5
A SaaS-based email service provider often receives reports from legitimate customers that their IP netblocks
are on blacklists and they cannot send email. The SaaS has confirmed that affected customers typically have IP
addresses within broader network ranges and some abusive customers within the same IP ranges may have
performed spam campaigns. Which of the following actions should the SaaS provider perform to minimize
legitimate customer impact?
A. Inform the customer that the service provider does not have any control over third-party blacklist
entries. The customer should reach out to the blacklist operator directly
B. Perform a takedown of any customer accounts that have entries on email blacklists because this is a
strong indicator of hostile behavior
C. Work with the legal department and threaten legal action against the blacklist operator if the netblocks
Find Everything , Exactly in your Exam
2 of 7
Exact Questions
CompTIA - CAS-003
C.
are not removed because this is affecting legitimate traffic
D. Establish relationship with a blacklist operators so broad entries can be replaced with more granular
entries and incorrect entries can be quickly pruned
Answer: D
Question #:6
A security analyst sees some suspicious entries in a log file from a web server website, which has a form that
allows customers to leave feedback on the company’s products. The analyst believes a malicious actor is
scanning the web form. To know which security controls to put in place, the analyst first needs to determine
the type of activity occurring to design a control. Given the log below:
Find Everything , Exactly in your Exam
3 of 7
Exact Questions
CompTIA - CAS-003
Which of the following is the MOST likely type of activity occurring?
A. SQL injection
B. XSS scanning
C. Fuzzing
D. Brute forcing
Answer: A
Find Everything , Exactly in your Exam
4 of 7
Exact Questions
CompTIA - CAS-003
Question #:7
A pharmacy gives its clients online access to their records and the ability to review bills and make payments.
A new SSL vulnerability on a special platform was discovered, allowing an attacker to capture the data
between the end user and the web server providing these services. After invest the new vulnerability, it was
determined that the web services providing are being impacted by this new threat. Which of the following data
types a MOST likely at risk of exposure based on this new threat? (Select TWO)
A. Cardholder data
B. intellectual property
C. Personal health information
D. Employee records
E. Corporate financial data
Answer: A C
Question #:8
Given the code snippet below:
Find Everything , Exactly in your Exam
5 of 7
Exact Questions
CompTIA - CAS-003
Which of the following vulnerability types in the MOST concerning?
A. Only short usernames are supported, which could result in brute forcing of credentials.
B. Buffer overflow in the username parameter could lead to a memory corruption vulnerability.
C. Hardcoded usernames with different code paths taken depend on which user is entered.
D. Format string vulnerability is present for admin users but not for standard users.
Answer: B
Question #:9
Find Everything , Exactly in your Exam
6 of 7
Exact Questions
CompTIA - CAS-003
A security assessor is working with an organization to review the policies and procedures associated with
managing the organization’s virtual infrastructure. During a review of the virtual environment, the assessor
determines the organization is using servers to provide more than one primary function, which violates a
regulatory requirement. The assessor reviews hardening guides and determines policy allows for this
configuration. It would be MOST appropriate for the assessor to advise the organization to:
A. segment dual-purpose systems on a hardened network segment with no external access
B. assess the risks associated with accepting non-compliance with regulatory requirements
C. update system implementation procedures to comply with regulations
D. review regulatory requirements and implement new policies on any newly provisioned servers
Answer: A
Question #:10
A database administrator is required to adhere to and implement privacy principles when executing daily tasks.
A manager directs the administrator to reduce the number of unique instances of PII stored within an
organization’s systems to the greatest extent possible. Which of the following principles is being
demonstrated?
A. Administrator accountability
B. PII security
C. Record transparency
D. Data minimization
Answer: D
Find Everything , Exactly in your Exam
7 of 7
About exactinside.com
exactinside.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.
We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.
View list of all certification exams: All vendors
We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.
Sales: sales@exactinside.com
Feedback: feedback@exactinside.com
Support: support@exactinside.com
Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.
Download