Proper exam training for CAS-001 exam in a cost effective charge with money back guarantee so
that you can make most from your time and money. Our CAS-001 study guide contains the entire relevant questions and
answers by certification experts that will help you to score high. Prepare CAS-001
test like a specialist by using CAS-001
practice test which is already used by
thousands of students successfully all over the world.
Exam Name:
CompTIA
Advanced Security Practitioner
|
Question: 1
|
Which of the following attacks does Unicast Reverse Path
Forwarding prevent?
A. Man in the Middle
B. ARP poisoning
C. Broadcast storm
D. IP Spoofing
|
Answer: D
|
|
Question: 2
|
Which of the following authentication types is used
primarily to authenticate users through the use of tickets?
A. LDAP
B. RADIUS
C. TACACS+
D. Kerberos
|
Answer: D
|
|
Question: 3
|
A security consultant is evaluating forms which will be
used on a company website. Which of the following techniques or terms is MOST
effective at preventing malicious individuals from successfully exploiting
programming flaws in the website?
A. Anti-spam software
B. Application sandboxing
C. Data loss prevention
D. Input validation
|
Answer: D
|
|
Question: 4
|
A security audit has uncovered that some of the
encryption keys used to secure the company B2B financial transactions with its
partners may be too weak. The security administrator needs to implement a
process to ensure that financial transactions will not be compromised if a weak
encryption key is found. Which of the following should the security
administrator implement?
A. Entropy should be enabled on all SSLv2 transactions.
B. AES256-CBC should be implemented for all encrypted
data.
C. PFS should be implemented on all VPN tunnels.
D. PFS should be implemented on all SSH connections.
|
Answer: C
|
|
Question: 5
|
A company provides on-demand virtual computing for a
sensitive project. The company implements a fully virtualized datacenter and
terminal server access with two-factor authentication for access to sensitive
data. The security administrator at the company has uncovered a breach in data
confidentiality. Sensitive data was found on a hidden directory within the
hypervisor. Which of the following has MOST likely occurred?
A. A stolen two factor token and a memory mapping RAM
exploit were used to move data from one virtual guest to an unauthorized
similar token.
B. An employee with administrative access to the virtual
guests was able to dump the guest memory onto their mapped disk.
C. A host server was left un-patched and an attacker was
able to use a VMEscape attack to gain unauthorized access.
D. A virtual guest was left un-patched and an attacker
was able to use a privilege escalation attack to gain unauthorized access.
|
Answer: C
|
Click the link below to download demo or buy full
version only $39
No comments:
Post a Comment