Renewal CAS-002 Exam Study Guides With New Update Exam Questions

Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Actualtests CAS-002 exam study guides now. We will not let you down with our money-back guarantee.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/CAS-002-exam-dumps.html

Q291. - (Topic 5) 

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test? 

A. The risk of unplanned server outages is reduced. 

B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on. 

C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness. 

D. The results should reflect what attackers may be able to learn about the company. 

Answer:


Q292. - (Topic 2) 

A storage as a service company implements both encryption at rest as well as encryption in transit of customers’ data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers’ data would take? 

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) } 

B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) } 

C. password = password + sha(password+salt) + aes256(password+salt) 

D. key = aes128(sha256(password), password)) 

Answer:


Q293. - (Topic 3) 

A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seem to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system? 

A. An incident response plan which guarantees response by tier two support within 15 minutes of an incident. 

B. A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months. 

C. Business insurance to transfer all risk from the company shareholders to the insurance company. 

D. A prudent plan of action which details how to decommission the system within 90 days of becoming operational. 

Answer:


Q294. - (Topic 1) 

A new piece of ransomware got installed on a company’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern? 

A. Determining how to install HIPS across all server platforms to prevent future incidents 

B. Preventing the ransomware from re-infecting the server upon restore 

C. Validating the integrity of the deduplicated data 

D. Restoring the data will be difficult without the application configuration 

Answer:


Q295. - (Topic 2) 

After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem? 

A. The binary files used by the application have been modified by malware. 

B. The application is unable to perform remote attestation due to blocked ports. 

C. The restored image backup was encrypted with the wrong key. 

D. The hash key summary of hardware and installed software no longer match. 

Answer:


Q296. - (Topic 2) 

An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO). 

A. /etc/passwd 

B. /etc/shadow 

C. /etc/security 

D. /etc/password 

E. /sbin/logon 

F. /bin/bash 

Answer: A,B 


Q297. - (Topic 2) 

A security administrator has noticed that an increased number of employees’ workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection? 

A. Implement an Acceptable Use Policy which addresses malware downloads. 

B. Deploy a network access control system with a persistent agent. 

C. Enforce mandatory security awareness training for all employees and contractors. 

D. Block cloud-based storage software on the company network. 

Answer:


Q298. - (Topic 2) 

A software developer and IT administrator are focused on implementing security in the organization to protect OSI layer 7. Which of the following security technologies would BEST meet their requirements? (Select TWO). 

A. NIPS 

B. HSM 

C. HIPS 

D. NIDS 

E. WAF 

Answer: C,E 


Q299. - (Topic 4) 

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following: 

90.76.165.40 – - [08/Mar/2014:10:54:04] “GET calendar.php?create%20table%20hidden HTTP/1.1” 200 5724 

90.76.165.40 – - [08/Mar/2014:10:54:05] “GET ../../../root/.bash_history HTTP/1.1” 200 90.76.165.40 – - [08/Mar/2014:10:54:04] “GET index.php?user=<script>Create</script> HTTP/1.1” 200 5724 

The security administrator also inspects the following file system locations on the database server using the command ‘ls -al /root’ 

drwxrwxrwx 11 root root 4096 Sep 28 22:45 . 

drwxr-xr-x 25 root root 4096 Mar 8 09:30 .. 

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .profile 

-rw------- 25 root root 4096 Mar 8 09:30 .ssh 

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO). 

A. Privilege escalation 

B. Brute force attack 

C. SQL injection 

D. Cross-site scripting 

E. Using input validation, ensure the following characters are sanitized. <> 

F. Update crontab with: find / ( -perm -4000 ) –type f –print0 | xargs -0 ls –l | email.sh 

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input) 

H. Set an account lockout policy 

Answer: A,F 


Q300. - (Topic 5) 

The risk manager has requested a security solution that is centrally managed, can easily 

be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement? 

A. HIPS 

B. UTM 

C. Antivirus 

D. NIPS 

E. DLP 

Answer: