CAS-004 Free Practice Test

Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Select TWO).

1. A. proxy
2. B. Tunneling
3. C. VDI
4. D. MDM
5. E. RDP
6. F. MAC address randomization

Correct Answer: AF
The methods that can be used to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden are proxy and MAC address randomization. A proxy is a server that acts as an intermediary between a user and the internet, hiding the user’s IP address and location from websites and other online services. A proxy can also encrypt the connection between the user and the proxy server, preventing anyone from snooping on the user’s traffic. MAC address randomization is a feature that changes the MAC address of a mobile device periodically or when connecting to different networks. A MAC address is a unique identifier of a network interface that can be used to track the device’s location and activity. MAC address randomization can help protect the user’s privacy by making it harder for third parties to link the device to a specific user or network. Verified References:
https://www.techtarget.com/searchsecurity/definition/proxy-server
https://www.techtarget.com/searchnetworking/definition/MAC-address-randomization
https://www.techtarget.com/searchsecurity/definition/MAC-address-Media-Access-Control-address

A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication.
Which of the following technologies would BEST meet this need?

1. A. Faraday cage
2. B. WPA2 PSK
3. C. WPA3 SAE
4. D. WEP 128 bit

Correct Answer: C
WPA3 SAE prevents brute-force attacks.
“WPA3 Personal (WPA-3 SAE) Mode is a static passphrase-based method. It provides better security than what WPA2 previously provided, even when a non- complex password is used, thanks to Simultaneous Authentication of Equals (SAE), the personal authentication process of WPA3.”

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session:

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

1. A. The clients may not trust idapt by default.
2. B. The secure LDAP service is not started, so no connections can be made.
3. C. Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
4. D. Secure LDAP should be running on UDP rather than TCP.
5. E. The company is using the wrong por
6. F. It should be using port 389 for secure LDAP.
7. G. Secure LDAP does not support wildcard certificates.
8. H. The clients may not trust Chicago by default.

Correct Answer: AF
The clients may not trust idapt by default because it is a self-signed certificate authority that is not in the trusted root store of the clients. Secure LDAP does not support wildcard certificates because they do not match the fully qualified domain name of the server. Verified References: https://www.professormesser.com/security-plus/sy0- 401/ldap-and-secure-ldap/ , https://www.comptia.org/training/books/casp-cas-004-study- guide

A company security engineer arrives at work to face the following scenario:
1) Website defacement
2) Calls from the company president indicating the website needs to be fixed Immediately because It Is damaging the brand
3) A Job offer from the company's competitor
4) A security analyst's investigative report, based on logs from the past six months, describing how lateral movement across the network from various IP addresses originating from a foreign adversary country resulted in exfiltrated data
Which of the following threat actors Is MOST likely involved?

1. A. Organized crime
2. B. Script kiddie
3. C. APT/nation-state
4. D. Competitor

Correct Answer: C
An Advanced Persistent Threat (APT) is an attack that is targeted, well-planned, and conducted over a long period of time by a nation-state actor. The evidence provided in the scenario indicates that the security analyst has identified a foreign adversary, which is strong evidence that an APT/nation-state actor is responsible for the attack. Resources: CompTIA Advanced Security Practitioner (CASP+) Study Guide, Chapter 5: “Advanced Persistent Threats,” Wiley, 2018. https://www.wiley.com/en- us/CompTIA+Advanced+Security+Practitioner+CASP++Study+Guide,+2nd+Edition
-p-9781119396582

A software development company makes Its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the BEST technique to ensure the software the users download is the official software released by the company?

1. A. Distribute the software via a third-party repository.
2. B. Close the web repository and deliver the software via email.
3. C. Email the software link to all customers.
4. D. Display the SHA checksum on the website.

Correct Answer: D