Question 1: A security consultant is evaluating forms which will be used on a company website. Which of the following techniques or terms is MOST effective at preventing malicious individuals from successfully exploiting programming flaws in the website?
A. Input validation
B. Application sandboxing
C. Data loss prevention
D. Anti-spam software
Correct answer: A
Question 2: In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end-to-end?
A. Securing virtual environments, appliances, and equipment that handle email
B. Information classification, vendor selection, and the RFP process
C. Creation and secure destruction of mail accounts, emails, and calendar items
D. Data provisioning, processing, in transit, at rest, and de-provisioning
Correct answer: D
Question 3: CORRECT TEXT
The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed:
1. Select the server that is a victim of a cross-site scripting (XSS) attack.
2. Select the source of the brute force password attack.
3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack.
Instructions: Simulations can be reset at any time to the initial state; however, all selections will be deleted.
Correct answer:
Please review the following steps:
Explanation:
Check the images below for more details:
Question 4: A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?
A. Login remotely and perform a full backup of the server.
B. Install remote backup software and copy data to write-once media.
C. Remove all power sources from the server.
D. Shut the server down and image the hard drive.
Correct answer: D
Question 5: A large organization has recently suffered a massive credit card breach. During the months of incident response, there were multiple attempts to assign blame as to whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?
A. During the Identification Phase
B. During the Lessons Learned phase
C. During the Preparation Phase
D. During the Containment Phase
Correct answer: B
Question 6: An existing enterprise architecture included an enclave where sensitive research and development work was conducted. This network enclave also served as a storage location for proprietary corporate data and records. The initial security architect chose to protect the enclave by restricting access to a single physical port on a firewall. All downstream network devices were isolated from the rest of the network and communicated solely through the single 100 Mbps firewall port. Over time, researchers connected devices on the protected enclave directly to external resources and corporate data stores. Mobile and wireless devices were also added to the enclave to support high-speed data research. Which of the following BEST describes the process which weakened the security posture of the enclave?
A. Emerging security threats rendered the existing architecture obsolete.
B. Emerging business requirements led to the de-perimeterization of the network.
C. The single firewall port was oversaturated with network packets.
D. The shrinking of an overall attack surface due to the additional access.
Correct answer: B
Question 7: A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).
A. Use iptables to immediately DROP connections from the IP 198.51.100.23.
B. Isolate the system immediately and begin forensic analysis on the host.
C. An authorized administrator has logged into the root account remotely.
D. Change the root password immediately to a password not found in a dictionary.
E. A remote attacker has compromised the root account using a buffer overflow in sshd.
F. The administrator should disable remote root logins.
G. A remote attacker has guessed the root password using a dictionary attack.
H. A remote attacker has compromised the private key of the root account.
Correct answer: B, G
Question 8: The <nameID> element in SAML can be provided in which of the following predefined formats? (Select TWO).
A. X.509 subject name
B. WWN record name
C. Kerberos principal name
D. EV certificate OID extension
E. PTR DNS record
Correct answer: A, C
We use secure payment methods
Credit card is to date the safest payment method in the world. Although a small handling fee is required, it comes with guarantees. To protect our customers' interests, all of our CAS-001 question banks can be paid for by credit card.
About receipts: If you need a receipt with your company name on it, please email us with the company name filled in. We will provide a PDF receipt.
We promise a full refund if you fail
We are confident in our CAS-001 question bank, so we promise a refund if you fail the exam. We believe you can pass the exam using our CompTIA CAS-001. If you fail the exam, we will refund the full amount you paid, reducing the financial loss from failing the exam.
We provide one year of free updates
After you purchase our CompTIA CAS-001, you receive the one-year update service we promise free of charge. Our experts check the update status every day, so whenever there is an update during this year, we will send the updated CompTIA CAS-001 to your email address. Therefore, customers can always receive update notifications in a timely manner. We guarantee that customers will always have the latest version of CompTIA CAS-001 during the year of purchase.
Using our CompTIA CAS-001 will help you pass the exam
Our CompTIA CAS-001 is study material that our experts have developed through years of experience in accordance with the latest syllabus. We guarantee that the questions and answers in our CAS-001 question bank are correct.

This question bank was created by analyzing past data; it has a high coverage rate and helps you as a candidate save time and money and raises your pass rate. Our question bank has a high hit rate and guarantees a 100% pass rate. Using our high-quality CompTIA CAS-001, you can pass the exam in one attempt.
We provide a free CompTIA CAS-001 sample
When purchasing a question bank, customers may worry about its quality; to address this, we provide customers with a free CAS-001 sample. That way, customers can download and try the sample before purchasing. You can judge whether this CAS-001 question bank suits you and then decide whether to purchase.
CAS-001 exam tool: For the convenience of your training, you can install it on multiple computers at your own pace.
TopExam provides you with the CAS-001 question bank, helps you review for the exam, and lets you learn difficult specialized knowledge with ease. TopExam looks forward to your passing the exam.
CompTIA Advanced Security Practitioner certification CAS-001 exam questions:
1. The IT manager is evaluating IPS products to determine which would be most effective at stopping network traffic that contains anomalous content on networks that carry very specific types of traffic. Based on the IT manager's requirements, which of the following types of IPS products would be BEST suited for use in this situation?
A) Rate-based
B) Host-based
C) Signature-based
D) Anomaly-based
2. Customer Need:
"We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website."
Which of the following BEST restates the customer need?
A) The system shall use a pseudo-random number generator seeded the same every time.
B) The system shall generate a pseudo-random number upon invocation by the existing Java program.
C) The system shall generate a truly random number based upon user PKI certificates.
D) The system shall implement a pseudo-random number generator for use by corporate customers.
3. A new malware spreads over UDP Port 8320 and several network hosts have been infected. A new security administrator has determined a possible cause, and the infected machines have been quarantined. Which of the following actions could a new security administrator take to further mitigate this issue?
A) Add an explicit deny-all and log rule as the final entry of the firewall rulebase.
B) Configure the firewall to use IPv6 by default.
C) Limit source ports on the firewall to specific IP addresses.
D) Implement stateful UDP filtering on UDP ports above 1024.
4. An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments. Which of the following is the MOST comprehensive method for evaluating the two platforms?
A) Develop testing criteria and evaluate each environment in-house.
B) Use results from each vendor's test labs to determine adherence to project requirements.
C) Benchmark each possible solution with the integrator's existing client deployments.
D) Run virtual test scenarios to validate the potential solutions.
5. Within a large organization, the corporate security policy states that personal electronic devices are not allowed to be placed on the company network. There is considerable pressure from the company board to allow smartphones to connect and synchronize email and calendar items of board members and company executives. Which of the following options BEST balances the security and usability requirements of the executive management team?
A) Allow only the executive management team the ability to use personal devices on the company network, as they have important responsibilities and need convenient access.
B) Review the security policy. Perform a risk evaluation of allowing devices that can be centrally managed, remotely disabled, and have device-level encryption of sensitive data.
C) Allow only certain devices that are known to have the ability of being centrally managed. Do not allow any other smartphones until the device is proven to be centrally managed.
D) Stand firm on disallowing non-company assets from connecting to the network as the assets may lead to undesirable security consequences, such as sensitive emails being leaked outside the company.
Questions and answers:
Question #1 correct answer: C | Question #2 correct answer: B | Question #3 correct answer: A | Question #4 correct answer: A | Question #5 correct answer: B |