CompTIA Advanced Security Practitioner

The CompTIA Advanced Security Practitioner U2022.3 CAS-004 CASP+ exam stands for the CompTIA Advanced Security Practitioner certification exam. CASP+ CAS-004 Dumps exam questions for you to solve cover the technical knowledge and skills required to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk, and compliance requirements all skills to prepare. CAS-004 Dumps questions are online to ensure you can pass the CAS-004 CASP+ CompTIA Advanced Security Practitioner U2022.3 exam on the first try.

Get the latest CASP+ CAS-004 dumps U2022.3:

Also, try the CompTIA Advanced Security Practitioner CAS-004 CASP+ free dumps.

PS. Please take the online test first, and the answer will be announced at the end of the article.

QUESTION 1

A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server.

To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log.

Which of the following actions would BEST address the potential risks by the activity in the logs?

A. Alerting the misconfigured service account password
B. Modifying the AllowUsers configuration directive
C. Restricting external port 22 access
D. Implementing host-key preferences

QUESTION 2

Within change management, winch of the following ensures functions are earned out by multiple employees?

A. Least privilege
B. Mandatory vacation
C. Separator of duties
D. Job rotation

QUESTION 3

A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:

1. Must have a minimum of 15 characters
2. Must use one number
3. Must use one capital letter
4. Must not be one of the last 12 passwords used

Which of the following policies should be added to provide additional security?

A. Shared accounts
B. Password complexity
C. Account lockout
D. Password history
E. Time-based logins

Reference: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/account-lockoutthreshold

QUESTION 4

A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company\’s managed database, exposing customer information.

The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?

A. The pharmaceutical company
B. The cloud software provider
C. The web portal software vendor
D. The database software vendor

QUESTION 5

Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.

Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

A. Implement rate limiting on the API.
B. Implement geoblocking on the WAF.
C. Implement OAuth 2.0 on the API.
D. Implement input validation on the API.

QUESTION 6

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the ?? network?

A. Packets that are the wrong size or length
B. Use of any non-DNP3 communication on a DNP3 port
C. Multiple solicited responses over time
D. Application of an unsupported encryption algorithm

QUESTION 7

A company publishes several APIs for customers and is required to use keys to segregate customer data sets.

Which of the following would be the BEST to use to store customer keys?

A. A trusted platform module
B. A hardware security module
C. A localized key store
D. A public key infrastructure

QUESTION 8

A security tester is performing a black-box assessment of an RFID access control system. The tester has a handful of RFID tags and is able to access the reader. However, the tester cannot disassemble the reader because it is in use by the company.

Which of the following shows the steps the tester should take to assess the RFID access control system in the correct order?

A.

1. Attempt to eavesdrop and replay RFID communications.
2. Determine the protocols being used between the tag and the reader.
3. Retrieve the RFID tag identifier and manufacturer details.
4. Take apart an RFID tag and analyze the chip.

B.

1. Determine the protocols being used between the tag and the reader.
2. Take apart an RFID tag and analyze the chip.
3. Retrieve the RFID tag identifier and manufacturer details.
4. Attempt to eavesdrop and replay RFID communications.

C.

1. Retrieve the RFID tag identifier and manufacturer details.
2. Determine the protocols is being used between the tag and the reader.
3. Attempt to eavesdrop and replay RFID communications.
4. Take apart an RFID tag and analyze the chip.

D.

1. Take apart an RFID tag and analyze the chip.
2. Retrieve the RFID tag identifier and manufacturer details.
3. Determine the protocols being used between the tag and the reader.
4. Attempt to eavesdrop and replay RFID communications.

QUESTION 9

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.

Which of the following techniques would BEST support this?

A. Configuring system services to run automatically at startup
B. Creating a backdoor
C. Exploiting an arbitrary code execution exploit
D. Moving laterally to a more authoritative server/service

QUESTION 10

A small company needs to reduce its operating costs. vendors have proposed solutions, which all focus on the management of the company\’s website and services. The Chief Information Security Officer (CISO) insists all available resources in the proposal must be dedicated, but managing a private cloud is not an option.

Which of the following is the BEST solution for this company?

A. Community cloud service model
B. Multinency SaaS
C. Single-tenancy SaaS
D. On-premises cloud service model

QUESTION 11

Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?

A. Biometric authenticators are immutable.
B. The likelihood of account compromise is reduced.
C. Zero trust is achieved.
D. Privacy risks are minimized.

Reference: https://cloudworks.no/en/5-benefits-of-passwordless-authentication/

QUESTION 12

A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking. After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?

A. Protecting
B. Permissive
C. Enforcing
D. Mandatory

Reference: https://source.android.com/security/selinux/customize

Publish the answer:

Q1	Q2	Q3	Q4	Q5	Q6	Q7	Q8	Q9	Q10	Q11	Q12
C	A	C	B	C	C	C	B	B	A	B	B

CompTIA Advanced Security Practitioner CAS-004 CASP+ free dumps Question, Share Using PDF:https://drive.google.com/file/d/1o70F7OU9HlJUR6JH0uY8-aBnANzaFgSX/view?usp=sharing

The latest version of CompTIA Advanced Security Practitioner CAS-004 CASP+ Dumps U2022.3 is modified, updated, and works. Using CompTIA CAS-004 CASP+ Dumps U2022.3: https://www.leads4pass.com/cas-004.html.
Helping you pass the CompTIA Advanced Security Practitioner CAS-004 CASP+ exam with ease.