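To find a firm place of your own in the fiercely competitive IT industry, obtaining an internationally recognized IT certification is essential. The CompTIA Advanced Security Practitioner CAS-001 exam is very popular among IT professionals. Pass4Test is a specialist site that provides pre-exam study materials for IT certification exams. If you want to pass the CompTIA Advanced Security Practitioner CAS-001 exam easily in one attempt with a high score, choose Pass4Test's CompTIA Advanced Security Practitioner CAS-001 dump. With a very high exam hit rate and pass rate for a low price, Pass4Test will always do its best for you.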
NO.1 A system administrator is troubleshooting a possible denial of service on a sensitive system.
The system seems to run properly for a few hours after it is restarted, but then it suddenly stops
processing transactions. The system administrator suspects an internal DoS caused by a disgruntled
developer who is currently seeking a new job while still working for the company. After looking into
various system logs, the system administrator looks at the following output from the main system
service responsible for processing incoming transactions.
DATE/TIME       PID   COMMAND   %CPU  MEM
03102014103000  2055  com.proc  10.2  920K
03102014110000  2055  com.proc  12.3  5.2M
03102014123000  2055  com.proc  22.0  22M
03102014130000  2055  com.proc  33.0  1.6G
03102014133000  2055  com.proc  30.2  8.0G
Which of the following is the MOST likely cause for the DoS?
A. The system does not implement proper garbage collection.
B. The system is susceptible to integer overflow.
C. The system does not implement input validation.
D. The system does not protect against buffer overflows properly.
Answer: A
NO.2 CORRECT TEXT
An administrator wants to install a patch to an application. Given the scenario, download, verify and
install the patch in the most secure manner. Instructions: The last install that is completed will be the
final submission.
Answer:
You need to check the hash value of the downloaded software with the md5 utility.
NO.3 A security administrator was doing a packet capture and noticed a system communicating with
an address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing
into or out of the network. Which of the following is the BEST course of action?
A. Investigate the network traffic and block UDP port 3544 at the firewall
B. Remove the system from the network and disable IPv6 at the router
C. Locate and remove the unauthorized 6to4 relay from the network
D. Disable the switch port and block the 2001::/32 traffic at the firewall
Answer: A
NO.4 A large organization has recently suffered a massive credit card breach. During the months of
Incident Response, there were multiple attempts to assign blame as to whose fault it was that the
incident occurred. In which part of the incident response phase would this be addressed in a
controlled and productive manner?
A. During the Identification Phase
B. During the Lessons Learned phase
C. During the Containment Phase
D. During the Preparation Phase
Answer: B
NO.5 As part of a new wireless implementation, the Chief Information Officer's (CIO's) main objective
is to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP
devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The wireless
vendor's products do support the pre-ratification version of 802.11r. The security and network
administrators have tested the product and do not see any security or compatibility issues; however,
they are concerned that the standard is not yet final. Which of the following is the BEST way to
proceed?
A. Purchase the equipment now, but do not use 802.11r until the standard is ratified.
B. Do not purchase the equipment now as the client devices do not yet support 802.11r.
C. Purchase the equipment now, as long as it will be firmware upgradeable to the final 802.11r
standard.
D. Do not purchase the equipment now; delay the implementation until the IETF has ratified the final
802.11r standard.
Answer: C
NO.6 A company has been purchased by another agency and the new security architect has
identified new security goals for the organization. The current location has video surveillance
throughout the building and entryways. The following requirements must be met:
1. Ability to log entry of all employees in and out of specific areas
2. Access control into and out of all sensitive areas
3. Two-factor authentication
Which of the following would MOST likely be implemented to meet the above requirements and
provide a secure solution? (Select TWO).
A. Proximity readers
B. Visitor logs
C. Biometric readers
D. Motion detection sensors
E. Mantrap
Answer: A,C
NO.7 A manager who was attending an all-day training session was overdue entering bonus and
payroll information for subordinates. The manager felt the best way to get the changes entered while
in training was to log into the payroll system, and then activate desktop sharing with a trusted
subordinate. The manager granted the subordinate control of the desktop thereby giving the
subordinate full access to the payroll system. The subordinate did not have authorization to be in the
payroll system. Another employee reported the incident to the security team. Which of the following
would be the MOST appropriate method for dealing with this issue going forward?
A. Provide targeted security awareness training and impose termination for repeat violators.
B. Block desktop sharing and web conferencing applications and enable use only with approval.
C. Actively monitor the data traffic for each employee using desktop sharing or web conferencing
applications.
D. Permanently block desktop sharing and web conferencing applications and do not allow its use at
the company.
Answer: A
NO.8 Company Z is merging with Company A to expand its global presence and consumer base. This
purchase includes several offices in different countries. To maintain strict internal security and
compliance requirements, all employee activity may be monitored and reviewed. Which of the
following would be the MOST likely cause for a change in this practice?
A. The excessive time it will take to merge the company's information systems.
B. Countries may have different legal or regulatory requirements.
C. Company A might not have adequate staffing to conduct these reviews.
D. The companies must consolidate security policies during the merger.
Answer: B