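Pass4Test's CompTIA Advanced Security Practitioner CAS-001 exam dump materials have received much praise from IT professionals. This once again confirms the reliability of Pass4Test's CompTIA Advanced Security Practitioner CAS-001 dump. The popularity of the CompTIA Advanced Security Practitioner CAS-001 exam dump shows how important this exam is. If you prepare for this important IT certification exam with Pass4Test's CompTIA Advanced Security Practitioner CAS-001 dump, you will pass the exam with excellent results and become a recognized IT professional.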
NO.1 A large organization has recently suffered a massive credit card breach. During the months of
Incident Response, there were multiple attempts to assign blame as to whose fault it was that the
incident occurred. In which part of the incident response phase would this be addressed in a
controlled and productive manner?
A. During the Identification Phase
B. During the Lessons Learned phase
C. During the Containment Phase
D. During the Preparation Phase
Answer: B
NO.2 The risk committee has endorsed the adoption of a security system development life cycle
(SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission.
Which of the following BEST describes the correct order of implementing a five phase SSDLC?
A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and
sunset.
B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and
sunset.
C. Assessment, initiation/development, implementation/assessment, operations/maintenance and
disposal.
D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and
disposal.
Answer: B
NO.3 A security administrator is investigating the compromise of a software distribution website.
Forensic analysis shows that several popular files are infected with malicious code. However,
comparing a hash of the infected files with the original, non-infected files which were restored from
backup, shows that the hash is the same. Which of the following explains this?
A. The infected files were using obfuscation techniques to evade detection by antivirus software.
B. The infected files were specially crafted to exploit a collision in the hash function.
C. The infected files were using heuristic techniques to evade detection by antivirus software.
D. The infected files were specially crafted to exploit diffusion in the hash function.
Answer: B
NO.4 A company has been purchased by another agency and the new security architect has
identified new security goals for the organization. The current location has video surveillance
throughout the building and entryways. The following requirements must be met:
1. Ability to log entry of all employees in and out of specific areas
2. Access control into and out of all sensitive areas
3. Two-factor authentication
Which of the following would MOST likely be implemented to meet the above requirements and
provide a secure solution? (Select TWO).
A. Proximity readers
B. Visitor logs
C. Biometric readers
D. Motion detection sensors
E. Mantrap
Answer: A,C
NO.5 As part of a new wireless implementation, the Chief Information Officer's (CIO's) main objective
is to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP
devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The wireless
vendor's products do support the pre-ratification version of 802.11r. The security and network
administrators have tested the product and do not see any security or compatibility issues; however,
they are concerned that the standard is not yet final. Which of the following is the BEST way to
proceed?
A. Purchase the equipment now, but do not use 802.11r until the standard is ratified.
B. Do not purchase the equipment now as the client devices do not yet support 802.11r.
C. Purchase the equipment now, as long as it will be firmware upgradeable to the final 802.11r
standard.
D. Do not purchase the equipment now; delay the implementation until the IETF has ratified the final
802.11r standard.
Answer: C
NO.6 A new IDS device is generating a very large number of irrelevant events. Which of the following
would BEST remedy this problem?
A. Change the IDS to use a heuristic anomaly filter.
B. Adjust IDS filters to decrease the number of false positives.
C. Change the IDS filter to data mine the false positives for statistical trending data.
D. Adjust IDS filters to increase the number of false negatives.
Answer: B
NO.7 CORRECT TEXT
An administrator wants to install a patch to an application. Given the scenario, download, verify and
install the patch in the most secure manner. Instructions: The last install that is completed will be the
final submission.
Answer:
You need to check the hash value of the downloaded software with the md5 utility.
Explanation:
Check the below images for more details:
NO.8 Company Z is merging with Company A to expand its global presence and consumer base. This
purchase includes several offices in different countries. To maintain strict internal security and
compliance requirements, all employee activity may be monitored and reviewed. Which of the
following would be the MOST likely cause for a change in this practice?
A. The excessive time it will take to merge the company's information systems.
B. Countries may have different legal or regulatory requirements.
C. Company A might not have adequate staffing to conduct these reviews.
D. The companies must consolidate security policies during the merger.
Answer: B