Up-to-date CAS-002 Practice Questions

Because all that matters here is passing the CompTIA CAS-002 exam, and all you need is a high score on the CAS-002 CompTIA Advanced Security Practitioner (CASP) exam, the only thing you need to do is download the Examcollection CAS-002 exam study guides now. We will not let you down, and we back that with a money-back guarantee.


2021 new recommendation: free VCE & PDF file for the CompTIA CAS-002 real exam (full version). Pass on your first try, 100% money-back guarantee, realistic practice exam questions.

Free instant download of the new CAS-002 exam dumps (PDF & VCE): http://www.surepassexam.com/CAS-002-exam-dumps.html

Q111. - (Topic 3) 

Staff from the sales department have administrator rights to their corporate standard operating environment, and often connect their work laptop to customer networks when onsite during meetings and presentations. This increases the risk and likelihood of a security incident when the sales staff reconnects to the corporate LAN. Which of the following controls would BEST protect the corporate network? 

A. Implement a network access control (NAC) solution that assesses the posture of the laptop before granting network access. 

B. Use an independent consulting firm to provide regular network vulnerability assessments and biannual qualitative risk assessments. 

C. Provide sales staff with a separate laptop with no administrator access just for sales visits. 

D. Update the acceptable use policy and ensure sales staff read and acknowledge the policy. 

Answer:


Q112. - (Topic 2) 

A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer’s AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where the credit card servers were kept. The firewall rule was needed for an internally developed application, which presents risk. The retailer determined that, because the vendors were required to use site-to-site VPNs, no other security action was needed. 

To prove to the retailer the monetary value of this risk, which of the following types of calculation is needed? 

A. Residual Risk calculation 

B. A cost/benefit analysis 

C. Quantitative Risk Analysis 

D. Qualitative Risk Analysis 

Answer:


Q113. - (Topic 4) 

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements? 

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator. 

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud. 

C. A SaaS-based firewall which logs to the company’s local storage via SSL and is managed by the change control team. 

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware. 

Answer:


Q114. - (Topic 2) 

A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud-based processing system. The systems must exchange large amounts of fixed-format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers: 

A. Create a custom standard to define the data. 

B. Use well-formed, standards-compliant XML and strict schemas. 

C. Only document the data format in the parsing application code. 

D. Implement a de facto corporate standard for all analyzed data. 

Answer:


Q115. - (Topic 4) 

A company has been purchased by another agency and the new security architect has identified new security goals for the organization. The current location has video surveillance throughout the building and entryways. The following requirements must be met: 

1. Ability to log entry of all employees in and out of specific areas 

2. Access control into and out of all sensitive areas 

3. Two-factor authentication 

Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO). 

A. Proximity readers 

B. Visitor logs 

C. Biometric readers 

D. Motion detection sensors 

E. Mantrap 

Answer: A,C 


Q116. - (Topic 1) 

A security administrator is shown the following log excerpt from a Unix system: 

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2 

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2 

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2 

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2 

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2 

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2 

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO). 

A. An authorized administrator has logged into the root account remotely. 

B. The administrator should disable remote root logins. 

C. Isolate the system immediately and begin forensic analysis on the host. 

D. A remote attacker has compromised the root account using a buffer overflow in sshd. 

E. A remote attacker has guessed the root password using a dictionary attack. 

F. Use iptables to immediately DROP connections from the IP 198.51.100.23. 

G. A remote attacker has compromised the private key of the root account. 

H. Change the root password immediately to a password not found in a dictionary. 

Answer: C,E 


Q117. - (Topic 1) 

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets. 

The information security team has been a part of the department meetings and has come away with the following notes: 

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application. 

-Sales is asking for easy order tracking to facilitate feedback to customers. 

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction. 

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy. 

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining. 

The favored solution is a user-friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption. 

Which of the following departments’ requests conflicts with the favored solution? 

A. Manufacturing 

B. Legal 

C. Sales 

D. Quality assurance 

E. Human resources 

Answer:


Q118. - (Topic 5) 

A security administrator was recently hired by a start-up company to represent the interests of security and to assist the network team in improving security in the company. The sales team is continuously contacting the security administrator to answer security questions posed by potential customers/clients. Which of the following is the BEST strategy to minimize the frequency of these requests? 

A. Request the major stakeholder hire a security liaison to assist the sales team with security-related questions. 

B. Train the sales team about basic security, and make them aware of the security policies and procedures of the company. 

C. The job description of the security administrator is to assist the sales team; thus the process should not be changed. 

D. Compile a list of the questions, develop an FAQ on the website, and train the sales team about basic security concepts. 

Answer:


Q119. - (Topic 3) 

A network administrator notices a security intrusion on the web server. Which of the following attacks is indicated by the following entry in the log file? http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 

A. Buffer overflow 

B. Click jacking 

C. SQL injection 

D. XSS attack 

Answer:


Q120. - (Topic 4) 

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated? 

A. One of the companies may use an outdated VDI. 

B. Corporate websites may be optimized for different web browsers. 

C. Industry security standards and regulations may be in conflict. 

D. Data loss prevention standards in one company may be less stringent. 

Answer: