CAS-004無料問題集「CompTIA Advanced Security Practitioner (CASP+)」

質問 1

A company is on a deadline to roll out an entire CRM platform to all users at one time. However, the company is behind schedule due to reliance on third-party vendors. Which of the following development approaches will allow the company to begin releases but also continue testing and development for future releases?

（A）Revise the scope of the project to use a waterfall approach.

（B）Change the scope of the project to use the spiral development methodology.

（C）Perform continuous integration.

（D）Implement iterative software releases

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

An organization does not have visibility into when company-owned assets are off network or not connected via a VPN. The lack of visibility prevents the organization from meeting security and operational objectives. Which of the following cloud-hosted solutions should the organization implement to help mitigate the risk?

（A）Antivirus

（B）HIDS

（C）UEBA

（D）EDR

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

A company has identified a number of vulnerable, end-of-support systems with limited defensive capabilities. Which of the following would be the first step in reducing the attack surface in this environment?

（A）Deploying IPS/IDS throughout the environment

（B）Utilizing hardening recommendations

（C）Installing all available patches

（D）Installing and updating antivirus

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A security architect recommends replacing the company's monolithic software application with a containerized solution. Historically, secrets have been stored in the application's configuration files. Which of the following changes should the security architect make in the new system?

（A）Store the secrets inside the Dockerfiles.

（B）Save secrets in key escrow.

（C）Use a secrets management tool.

（D）Run all Dockerfiles in a randomized namespace.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A company would like to move its payment card data to a cloud provider. Which of the following solutions will best protect account numbers from unauthorized disclosure?

（A）Storing the data in an encoded file

（B）Implementing database encryption at rest

（C）Implementing data field masking

（D）Only storing tokenized card data

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which of the following indicates when a company might not be viable after a disaster?

（A）Recovery time objective

（B）Annual loss expectancy

（C）Mean time to recovery

（D）Maximum tolerable downtime

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

The results of an internal audit indicate several employees reused passwords that were previously included in a published list of compromised passwords.
The company has the following employee password policy:

Which of the following should be implemented to best address the password reuse issue?
(Choose two.)

（A）Increase the character length to 12.

（B）Increase the minimum age to two days.

（C）Increase the history to 20.

（D）Remove the complexity requirements.

（E）Add case-sensitive requirements to character class.

（F）Increase the maximum age to 120 days.

（G）Decrease the maximum age to 30 days.

正解：A、C 解答を投票する

質問 8

The Chief Information Security Officer is concerned about the possibility of employees downloading malicious files from the internet and opening them on corporate workstations. Which of the following solutions would be BEST to reduce this risk?

（A）Scan all downloads using an antivirus engine on the web proxy.

（B）Execute the files in the sandbox on the web proxy.

（C）Block known malware sites on the web proxy.

（D）Integrate the web proxy with threat intelligence feeds.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A small company needs to reduce its operating costs. vendors have proposed solutions, which all focus on management of the company's website and services. The Chief information Security Officer (CISO) insist all available resources in the proposal must be dedicated, but managing a private cloud is not an option. Which of the following is the BEST solution for this company?

（A）Single-tenancy SaaS

（B）On-premises cloud service model

（C）Multinency SaaS

（D）Community cloud service model

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A security operations center analyst is investigating anomalous activity between a database server and an unknown external IP address and gathered the following data:
- dbadmin last logged in at 7:30 a.m. and logged out at 8:05 a.m.
- A persistent TCP/6667 connection to the external address was
established at 7:55 a.m. The connection is still active.
- Other than bytes transferred to keep the connection alive, only a few kilobytes of data transfer every hour since the start of the connection.
- A sample outbound request payload from PCAP showed the ASCII content:
"JOIN #community".
Which of the following is the MOST likely root cause?

（A）The system has been hijacked for cryptocurrency mining.

（B）A SQL injection was used to exfiltrate data from the database server.

（C）A botnet Trojan is installed on the database server.

（D）The dbadmin user is consulting the community for help via Internet Relay Chat.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

An enterprise's Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are meeting to discuss ongoing capacity and resource planning issues. The enterprise has experienced rapid, massive growth over the last 12 months, and the technology department is stretched thin for resources. A new accounting service is required to support the enterprise's growth, but the only available compute resources that meet the accounting service requirements are on the virtual platform, which is hosting the enterprise's website.
Which of the following should the CISO be MOST concerned about?

（A）Transferring as many services as possible to a CSP could free up resources.

（B）Poor capacity planning could cause an oversubscribed host, leading to poor performance on the company's website.

（C）A security vulnerability that is exploited on the website could expose the accounting service.

（D）The CTO does not have the budget available to purchase required resources and manage growth.

正解：C 解答を投票する

質問 12

A software company is developing an application in which data must be encrypted with a cipher that requires the following:
Initialization vector

Low latency

Suitable for streaming

Which of the following ciphers should the company use?

（A）Cipher block chaining message authentication code

（B）Electronic codebook

（C）Cipher feedback

（D）Cipher block chaining

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:

Which of the following should the penetration tester conclude about the command output?

（A）192.168.102.67 is a backup mail server that may be more vulnerable to attack

（B）The public/private views on the Comptia.org DNS servers are misconfigured

（C）Comptia.org is running an older mail server, which may be vulnerable to exploits

（D）The DNS SPF records have not been updated for Comptia.org

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CAS-004 無料問題集「CompTIA Advanced Security Practitioner (CASP+)」

弊社を連絡する

関連リンク

トップ試験