Point Checklist: comptia casp cas-002

Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Ucertify CAS-002 exam study guides now. We will not let you down with our money-back guarantee.

2021 Oct comptia casp cas-002:

Q81. - (Topic 1) 

A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant effect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings? 

A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects. 

B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution. 

C. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness. 

D. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution. 


Q82. - (Topic 5) 

A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture with regard to targeted attacks. Which of the following should the CSO conduct FIRST? 

A. Survey threat feeds from analysts inside the same industry. 

B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic. 

C. Conduct an internal audit against industry best practices to perform a gap analysis. 

D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor. 


Q83. - (Topic 1) 

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO). 

A. Demonstration of IPS system 

B. Review vendor selection process 

C. Calculate the ALE for the event 

D. Discussion of event timeline 

E. Assigning of follow up items 

Answer: D,E 

Q84. DRAG DROP - (Topic 3) 

Drag and Drop the following information types on to the appropriate CIA category 


Q85. - (Topic 4) 

The organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner’s responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment. Which of the following BEST balances the security risk and IT drivers for cloud computing? 

A. A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure. 

B. Using a third-party cloud computing environment should be endorsed going forward. This aligns with the organization’s strategic direction. It also helps to shift any risk and regulatory compliance concerns away from the company’s internal IT department. The next step will be to evaluate each of the cloud computing vendors, so that a vendor can then be selected for hosting the new credit card processing platform. 

C. There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, disadvantages of relevant choices and it should recommended a way forward. 

D. Cloud computing should rarely be considered an option for any processes that need to be significantly secured. The security practitioner needs to convince the stakeholders that the new platform can only be delivered internally on physical infrastructure. 


Most up-to-date comptia casp cas-002 pdf:

Q86. - (Topic 1) 

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO). 

A. Privacy could be compromised as patient records can be viewed in uncontrolled areas. 

B. Device encryption has not been enabled and will result in a greater likelihood of data loss. 

C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data. 

D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes. 

E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable. 

Answer: A,D 

Q87. - (Topic 5) 

Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the company’s NTP servers. Which of the following mitigates this activity with the LEAST impact to existing operations? 

A. Block in-bound connections to the company’s NTP servers. 

B. Block IPs making monlist requests. 

C. Disable the company’s NTP servers. 

D. Disable monlist on the company’s NTP servers. 


Q88. - (Topic 3) 

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a business critical, high volume database application that required a high degree of data confidentiality and data availability? (Select THREE). 

A. File level transfer of data 

B. Zoning and LUN security 

C. Block level transfer of data 

D. Multipath 

E. Broadcast storms 

F. File level encryption 

G. Latency 

Answer: A,E,G 

Q89. - (Topic 2) 

A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO). 

A. Perform penetration testing over the HR solution to identify technical vulnerabilities 

B. Perform a security risk assessment with recommended solutions to close off high-rated risks 

C. Secure code review of the HR solution to identify security gaps that could be exploited 

D. Perform access control testing to ensure that privileges have been configured correctly 

E. Determine if the information security standards have been complied with by the project 

Answer: B,E 

Q90. - (Topic 4) 

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations. The audit discovers that 40% of the desktops do not meet requirements. Which of the following is the cause of the noncompliance? 

A. The devices are being modified and settings are being overridden in production. 

B. The patch management system is causing the devices to be noncompliant after issuing the latest patches. 

C. The desktop applications were configured with the default username and password. 

D. 40% of the devices have been compromised. 


see more CAS-002 dumps