CertBus ensures to provide the most update CAS-001 CompTIA Advanced Security Practitioner exam questions with the most accurate answers. CertBus CompTIA Advanced Security Practitioner CAS-001 are the most complete and authoritative exam preparation materials with which one can pass the CompTIA Advanced Security Practitioner CAS-001 exam in an easy way. Preparing for CompTIA CompTIA Advanced Security Practitioner CAS-001 CompTIA Advanced Security Practitioner exam is really a tough task to accomplish. But CertBus will simplified the process.

We CertBus has our own expert team. They selected and published the latest CAS-001 preparation materials from CompTIA Official Exam-Center: http://www.certgod.com/CAS-001.html

QUESTION NO:7

The security administrator at a bank is receiving numerous reports that customers are unable to login to the

bank website. Upon further investigation, the security administrator discovers that the name associated

with the bank website points to an unauthorized IP address. Which of the following solutions will MOST

likely mitigate this type of attack?

A. Security awareness and user training

B. Recursive DNS from the root servers

C. Configuring and deploying TSIG

D. Firewalls and IDS technologies

Correct Answer: C

Section: (none)

Explanation

QUESTION NO:4

A security audit has uncovered that some of the encryption keys used to secure the company B2B

financial transactions with its partners may be too weak. The security administrator needs to implement a

process to ensure that financial transactions will not be compromised if a weak encryption key is found.

Which of the following should the security administrator implement?

A. Entropy should be enabled on all SSLv2 transactions.

B. AES256-CBC should be implemented for all encrypted data.

C. PFS should be implemented on all VPN tunnels.

D. PFS should be implemented on all SSH connections.

Correct Answer: C

Section: (none)

Explanation

QUESTION NO:9

A breach at a government agency resulted in the public release of top secret information. The Chief

Information Security Officer has tasked a group of security professionals to deploy a system which will

protect against such breaches in the future. Which of the following can the government agency deploy to

meet future security needs?

A. A DAC which enforces no read-up, a DAC which enforces no write-down, and a MAC which uses an

access matrix.

B. A MAC which enforces no write-up, a MAC which enforces no read-down, and a DAC which uses an

ACL.

C. A MAC which enforces no read-up, a MAC which enforces no write-down, and a DAC which uses an

access matrix.

D. A DAC which enforces no write-up, a DAC which enforces no read-down, and a MAC which uses an

ACL.

Correct Answer: C

Section: (none)

Explanation

QUESTION NO:2

Which of the following authentication types is used primarily to authenticate users through the use of

tickets?

A. LDAP

B. RADIUS

C. TACACS

D. Kerberos

Correct Answer: D

Section: (none)

Explanation

QUESTION NO:16

A company which manufactures ASICs for use in an IDS wants to ensure that the ASICs\’ code is not prone

to buffer and integer overflows. The ASIC technology is copyrighted and the confidentiality of the ASIC

code design is exceptionally important. The company is required to conduct internal vulnerability testing as

well as testing by a third party. Which of the following should be implemented in the SDLC to achieve

these requirements?

A. Regression testing by the manufacturer and integration testing by the third party

B. User acceptance testing by the manufacturer and black box testing by the third party

C. Defect testing by the manufacturer and user acceptance testing by the third party

D. White box unit testing by the manufacturer and black box testing by the third party

Correct Answer: D

Section: (none)

Explanation

QUESTION NO:8

A security administrator has finished building a Linux server which will host multiple virtual

machines through hypervisor technology. Management of the Linux server, including monitoring server

performance, is achieved through a third party web enabled application installed on the Linux server. The

security administrator is concerned about vulnerabilities in the web application that may allow an attacker

to retrieve data from the virtual machines. Which of the following will BEST protect the data on the virtual

machines from an attack?

A. The security administrator must install the third party web enabled application in a chroot environment.

B. The security administrator must install a software firewall on both the Linux server and the virtual

machines.

C. The security administrator must install anti-virus software on both the Linux server and the virtual

machines.

D. The security administrator must install the data exfiltration detection software on the perimeter firewall.

Correct Answer: A

Section: (none)

Explanation

QUESTION NO:14

A security audit has uncovered a lack of security controls with respect to employees\’ network account

management. Specifically, the audit reveals that employee\’s network accounts are not disabled in a timely

manner once an employee departs the organization. The company policy states that the network account

of an employee should be disabled within eight hours of termination. However, the audit shows that 5% of

the accounts were not terminated until three days after a dismissed employee departs. Furthermore, 2% of

the accounts are still active. Which of the following is the BEST course of action that the security officer

can take to avoid repeat audit findings?

A. Review the HR termination process and ask the software developers to review the identity

management code.

B. Enforce the company policy by conducting monthly account reviews of inactive accounts.

C. Review the termination policy with the company managers to ensure prompt reporting of employee

terminations.

D. Update the company policy to account for delays and unforeseen situations in account

Correct Answer: C

Section: (none)

Explanation

QUESTION NO:18

A company currently does not use any type of authentication or authorization service for remote access.

The new security policy states that all remote access must be locked down to only authorized personnel.

The policy also dictates that only authorized external networks will be allowed to access certain internal

resources. Which of the following would MOST likely need to be implemented and configured on the

company\’s perimeter network to comply with the new security policy? (Select TWO).

A. VPN concentrator

B. Firewall

C. Proxy server

D. WAP

E. Layer 2 switch

Correct Answer: AB

Section: (none)

Explanation

QUESTION NO:3

A security consultant is evaluating forms which will be used on a company website. Which of the following

techniques or terms is MOST effective at preventing malicious individuals from successfully exploiting

programming flaws in the website?

A. Anti-spam software

B. Application sandboxing

C. Data loss prevention

D. Input validation

Correct Answer: D

Section: (none)

Explanation

QUESTION NO:11

Company ABC has recently completed the connection of its network to a national high speed private re-

search network. Local businesses in the area are seeking sponsorship from Company ABC to connect to

the high speed research network by directly connecting through Company ABC\’s network. Company ABC\’s

Chief Information Officer (CIO) believes that this is an opportunity to increase revenues and visibility for

the company, as well as promote research and development in the area. Which of the following must

Company ABC require of its sponsored partners in order to document the technical security requirements

of the connection?

A. SLA

B. ISA

C. NDA

D. BPA

Correct Answer: B

Section: (none)

Explanation

CertBus exam braindumps are pass guaranteed. We guarantee your pass for the CAS-001 exam successfully with our CompTIA materials. CertBus CompTIA Advanced Security Practitioner exam PDF and VCE are the latest and most accurate. We have the best CompTIA in our team to make sure CertBus CompTIA Advanced Security Practitioner exam questions and answers are the most valid. CertBus exam CompTIA Advanced Security Practitioner exam dumps will help you to be the CompTIA specialist, clear your CAS-001 exam and get the final success.

CAS-001 Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mUWZRUHd3UVllVjA/view?usp=sharing

CAS-001 CompTIA exam dumps (100% Pass Guaranteed) from CertBus: http://www.certgod.com/CAS-001.html [100% Exam Pass Guaranteed]

Why select/choose CertBus?

Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.

Brand	Certbus	Testking	Pass4sure	Actualtests	Others
Price	$45.99	$124.99	$125.99	$189	$69.99-99.99
Up-to-Date Dumps
Free 365 Days Update
Real Questions
Printable PDF
Test Engine
One Time Purchase
Instant Download
Unlimited Install
100% Pass Guarantee
100% Money Back
Secure Payment
Privacy Protection