CompTIA CAS-004 Exam Practice Test Instant Access

Question 1

A security administrator is setting up a virtualization solution that needs to run services from a single host. Each service should be the only one running in its environment. Each environment needs to have its own operating system as a base but share the kernel version and properties of the running host. Which of the following technologies would best meet these requirements?

AContainers

BType 1 hypervisor

CType 2 hypervisor

DVirtual desktop infrastructure

EEmulation

Answer : A

The most appropriate technology for this virtualization solution is containers. Containers allow multiple services to run on a single host with isolated environments, while sharing the same kernel version and properties of the host operating system. Each container has its own instance of the operating system and runs independently from the others, meeting the requirement for separate environments with their own OS. Containers are more lightweight than full hypervisors and are ideal for running microservices in isolated environments. CASP+ emphasizes the use of containers in scenarios where services need to be isolated but share the same host OS kernel.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Virtualization Technologies, Containers)

CompTIA CASP+ Study Guide: Virtualization and Containerization for Isolated Services

Question 2

A hospitality company experienced a data breach that included customer Pll. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service. Which of the following is the BEST solution to help prevent this type of attack in the future?

ANGFW for web traffic inspection and activity monitoring

BCSPM for application configuration control

CTargeted employee training and awareness exercises

DCASB for OAuth application permission control

Answer : D

The company should use CASB for OAuth application permission control to help prevent this type of attack in the future. CASB stands for cloud access security broker, which is a software tool that monitors and enforces security policies for cloud applications. CASB can help control which third-party applications can access the company's cloud file storage service and what permissions they have. CASB can also detect and block any unauthorized or malicious applications that try to access the company's data. Verified Reference:

https://www.kaspersky.com/resource-center/threats/how-to-avoid-social-engineering-attacks

https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/understanding-preventing-social-engineering-attacks/

https://www.indusface.com/blog/10-ways-businesses-can-prevent-social-engineering-attacks/

Question 3

Due to budget constraints, an organization created a policy that only permits vulnerabilities rated high and critical according to CVSS to be fixed or mitigated. A security analyst notices that many vulnerabilities that were previously scored as medium are now breaching higher thresholds. Upon further investigation, the analyst notices certain ratings are not aligned with the approved system categorization. Which of the following can the analyst do to get a better picture of the risk while adhering to the organization's policy?

AAlign the exploitability metrics to the predetermined system categorization.

BAlign the remediation levels to the predetermined system categorization.

CAlign the impact subscore requirements to the predetermined system categorization.

DAlign the attack vectors to the predetermined system categorization.

Answer : C

Aligning the impact subscore requirements to the predetermined system categorization can help the analyst get a better picture of the risk while adhering to the organization's policy. The impact subscore is one of the components of the CVSS base score, which reflects the severity of a vulnerability. The impact subscore is calculated based on three metrics: confidentiality, integrity, and availability. These metrics can be adjusted according to the system categorization, which defines the security objectives and requirements for a system based on its potential impact on an organization's operations and assets. By aligning the impact subscore requirements to the system categorization, the analyst can ensure that the CVSS scores reflect the true impact of a vulnerability on a specific system and prioritize remediation accordingly.

Question 4

After a server was compromised an incident responder looks at log files to determine the attack vector that was used The incident responder reviews the web server log files from the time before an unexpected SSH session began:

Which of the following is the most likely vulnerability that was exploited based on the log files?

ADirectory traversal revealed the hashed SSH password, which was used to access the server.

BA SQL injection was used during the ordering process to compromise the database server

CThe root password was easily guessed and used as a parameter lo open a reverse shell

DAn outdated third-party PHP plug-in was vulnerable to a known remote code execution

Answer : A

The logs indicate a directory traversal attempt (/../..//.etc/shadow), which is a type of attack that exploits insufficient security validation/sanitization of user-supplied input file names, so that characters representing 'traverse to parent directory' are passed through to the file APIs. The /etc/shadow file on Unix systems contains password hashes. If an attacker successfully exploited this vulnerability, they could potentially access the hashed SSH password. This information could then be used to gain unauthorized access to the server if the hash was cracked.

Question 5

In support of disaster recovery objectives, a third party agreed to provide 99.999% uptime. Recently, a hardware failure impacted a firewall without service degradation. Which of the following resiliency concepts was most likely in place?

AClustering

BHigh availability

CRedundancy

DReplication

Answer : B

High availability ensures continuous operation despite hardware failures by leveraging redundant components like clustered firewalls or failover systems. This aligns with CASP+ objective 3.1, which focuses on implementing availability and redundancy mechanisms in disaster recovery planning.

Question 6

A new requirement for legislators has forced a government security team to develop a validation process to verify the integrity of a downloaded file and the sender of the file Which of the following is the BEST way for the security team to comply with this requirement?

ADigital signature

BMessage hash

CMessage digest

DMessage authentication code

Answer : A

A digital signature is a cryptographic technique that allows the sender of a file to sign it with their private key and the receiver to verify it with the sender's public key. This ensures the integrity and authenticity of the file, as well as the non-repudiation of the sender. A message hash or a message digest is a one-way function that produces a fixed-length output from an input, but it does not provide any information about the sender. A message authentication code (MAC) is a symmetric-key technique that allows both the sender and the receiver to generate and verify a code using a shared secret key, but it does not provide non-repudiation.Reference: [CompTIA Advanced Security Practitioner (CASP+) Certification Exam Objectives], Domain 2: Enterprise Security Architecture, Objective 2.1: Apply cryptographic techniques

Question 7

A recent audit discovered that multiple employees had been using their badges to walk through the secured data center to get to the employee break room. Most of the employees were given access during a previous project, but the access was not removed in a timely manner when the project was complete. Which of the following would reduce the likelihood of this scenario occurring again?

ACreate an automated quarterly attestation process that requires management approval for data center access and removes unapproved access.

BRequire all employees to sign an AUP that prohibits accessing the data center without an active service ticket number.

CRemove all access to the data center badge readers and only re-add employees with a valid business purpose for entering the floor.

DImplement time-of-day restrictions on the data center badge readers and create automated alerts for unapproved swipe attempts.

Answer : A

Implementing an automated quarterly attestation process ensures that access is reviewed and approved regularly. This prevents unauthorized or unnecessary access from persisting over time, aligning with CASP+ objective 1.6, which emphasizes continuous access control monitoring.

CompTIA CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam Practice Test