We seek to supply the best CompTIA CAS-001 exam dumps, backed by years of experience. We are well known in the IT industry for our unsurpassed after-sale service. Please feel free to download the CompTIA CAS-001 demo prior to purchase. This free demo will show the quality of our CompTIA CAS-001 questions and answers and CompTIA CAS-001 study guide, which will give you access to hundreds of actual and updated questions for practicing the CompTIA CAS-001 test.
Exam Name: CompTIA Advanced Security Practitioner
Question: 1
Which of the following attacks does Unicast Reverse Path Forwarding prevent?
A. Man in the Middle
B. ARP poisoning
C. Broadcast storm
D. IP Spoofing
Answer: D
Question: 2
Which of the following authentication types is used primarily to authenticate users through the use of tickets?
A. LDAP
B. RADIUS
C. TACACS+
D. Kerberos
Answer: D
Question: 3
A security consultant is evaluating forms which will be used on a company website. Which of the following techniques or terms is MOST effective at preventing malicious individuals from successfully exploiting programming flaws in the website?
A. Anti-spam software
B. Application sandboxing
C. Data loss prevention
D. Input validation
Answer: D
Question: 4
A security audit has uncovered that some of the encryption keys used to secure the company B2B financial transactions with its partners may be too weak. The security administrator needs to implement a process to ensure that financial transactions will not be compromised if a weak encryption key is found. Which of the following should the security administrator implement?
A. Entropy should be enabled on all SSLv2 transactions.
B. AES256-CBC should be implemented for all encrypted data.
C. PFS should be implemented on all VPN tunnels.
D. PFS should be implemented on all SSH connections.
Answer: C
Question: 5
A company provides on-demand virtual computing for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for access to sensitive data. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data was found on a hidden directory within the hypervisor. Which of the following has MOST likely occurred?
A. A stolen two factor token and a memory mapping RAM exploit were used to move data from one virtual guest to an unauthorized similar token.
B. An employee with administrative access to the virtual guests was able to dump the guest memory onto their mapped disk.
C. A host server was left un-patched and an attacker was able to use a VMEscape attack to gain unauthorized access.
D. A virtual guest was left un-patched and an attacker was able to use a privilege escalation attack to gain unauthorized access.
Answer: C