New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CAS-004 Exam Dumps - CompTIA Advanced Security Practitioner (CASP+) Exam

Go to page:
Question # 161

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.

Which of the following techniques would BEST support this?

A.

Configuring systemd services to run automatically at startup

B.

Creating a backdoor

C.

Exploiting an arbitrary code execution exploit

D.

Moving laterally to a more authoritative server/service

Full Access
Question # 162

A small business would like to provide guests who are using mobile devices encrypted WPA3 access without first distributing PSKs or other credentials. Which of the following features will enable the business to meet this objective?

A.

Simultaneous Authentication of Equals

B.

Enhanced open

C.

Perfect forward secrecy

D.

Extensible Authentication Protocol

Full Access
Question # 163

A large number of emails have been reported, and a security analyst is reviewing the following information from the emails:

As part of the image process, which of the following is the FIRST step the analyst should take?

A.

Block the email address carl b@comptia1 com, as it is sending spam to subject matter experts

B.

Validate the final "Received" header against the DNS entry of the domain.

C.

Compare the 'Return-Path" and "Received" fields.

D.

Ignore the emails, as SPF validation is successful, and it is a false positive

Full Access
Question # 164

A security analyst at a global financial firm was reviewing the design of a cloud-based system to identify opportunities to improve the security of the architecture. The system was recently involved in a data breach after a vulnerability was exploited within a virtual machine's operating system. The analyst observed the VPC in which the system was located was not peered with the security VPC that contained the centralized vulnerability scanner due to the cloud provider's limitations. Which of the following is the BEST course of action to help prevent this situation m the near future?

A.

Establish cross-account trusts to connect all VPCs via API for secure configuration scanning.

B.

Migrate the system to another larger, top-tier cloud provider and leverage the additional VPC peering flexibility.

C.

Implement a centralized network gateway to bridge network traffic between all VPCs.

D.

Enable VPC traffic mirroring for all VPCs and aggregate the data for threat detection.

Full Access
Question # 165

A security engineer needs 10 implement a CASB to secure employee user web traffic. A Key requirement is mat relevant event data must be collected from existing on-premises infrastructure components and consumed by me CASB to expand traffic visibility. The solution must be nighty resilient to network outages. Which of the following architectural components would BEST meet these requirements?

A.

Log collection

B.

Reverse proxy

C.

AWAF

D.

API mode

Full Access
Question # 166

A company was recently infected by malware. During the root cause analysis. the company determined that several users were installing their own applications. TO prevent further compromises, the company has decided it will only allow authorized applications to run on its systems. Which Of the following should the company implement?

A.

Signing

B.

Access control

C.

HIPS

D.

Permit listing

Full Access
Question # 167

A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.

Which of the following should the security administrator do to mitigate the risk?

A.

Explain to the networking team the reason Flash is no longer available and insist the team move up the timetable for replacement.

B.

Air gap the legacy system from the network and dedicate a laptop with an end-of-life OS on it to connect to the system via crossover cable for management.

C.

Suggest that the networking team contact the original embedded system’s vendor to get an update to the system that does not require Flash.

D.

Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.

Full Access
Question # 168

A networking team was asked to provide secure remote access to all company employees. The team decided to use client-to-site VPN as a solution. During a discussion, the Chief Information Security Officer raised a security concern and asked the networking team to route the Internet traffic of remote users through the main office infrastructure. Doing this would prevent remote users from accessing the Internet through their local networks while connected to the VPN.

Which of the following solutions does this describe?

A.

Full tunneling

B.

Asymmetric routing

C.

SSH tunneling

D.

Split tunneling

Full Access
Go to page: