Act now and download your CompTIA CAS-002 test today! Do not waste time for the worthless CompTIA CAS-002 tutorials. Download Regenerate CompTIA CompTIA Advanced Security Practitioner (CASP) exam with real questions and answers and begin to learn CompTIA CAS-002 with a classic professional.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/CAS-002-exam-dumps.html
Q61. - (Topic 3)
An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?
A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.
B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.
C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.
D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.
Answer: D
Q62. - (Topic 5)
A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).
A. Privacy could be compromised as patient records can be viewed in uncontrolled areas.
B. Device encryption has not been enabled and will result in a greater likelihood of data loss.
C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.
D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.
E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.
Answer: A,D
Q63. - (Topic 3)
At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company’s statistical anomaly-based IDS about a company database administrator performing unusual transactions. At
10:55 a.m. the security administrator resets the database administrator’s password.
At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?
A. The IDS logs are compromised.
B. The new password was compromised.
C. An input validation error has occurred.
D. A race condition has occurred.
Answer: D
Q64. - (Topic 3)
Within the company, there is executive management pressure to start advertising to a new target market. Due to the perceived schedule and budget inefficiencies of engaging a technology business unit to commission a new micro-site, the marketing department is engaging third parties to develop the site in order to meet time-to-market demands. From a security perspective, which of the following options BEST balances the needs between marketing and risk management?
A. The third party should be contractually obliged to perform adequate security activities, and evidence of those activities should be confirmed by the company prior to launch.
B. Outsourcing is a valid option to increase time-to-market. If a security incident occurs, it is not of great concern as the reputational damage will be the third party’s responsibility.
C. The company should never outsource any part of the business that could cause a security or privacy incident. It could lead to legal and compliance issues.
D. If the third party has an acceptable record to date on security compliance and is provably faster and cheaper, then it makes sense to outsource in this specific situation.
Answer: A
Q65. - (Topic 4)
Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?
A. Test password complexity of all login fields and input validation of form fields
B. Reverse engineering any thick client software that has been provided for the test
C. Undertaking network-based denial of service attacks in production environment
D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E. Running a vulnerability scanning tool to assess network and host weaknesses
Answer: C
Q66. - (Topic 1)
Two universities are making their 802.11n wireless networks available to the other university’s students. The infrastructure will pass the student’s credentials back to the home school for authentication via the Internet.
The requirements are:
The following design was implemented: WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority
A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?
A. The transport layer between the RADIUS servers should be secured
B. WPA Enterprise should be used to decrease the network overhead
C. The RADIUS servers should have local accounts for the visiting students
D. Students should be given certificates to use for authentication to the network
Answer: A
Q67. - (Topic 1)
A member of the software development team has requested advice from the security team to implement a new secure lab for testing malware. Which of the following is the NEXT step that the security team should take?
A. Purchase new hardware to keep the malware isolated.
B. Develop a policy to outline what will be required in the secure lab.
C. Construct a series of VMs to host the malware environment.
D. Create a proposal and present it to management for approval.
Answer: D
Q68. - (Topic 4)
Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning of the month.
Network information: DMZ network – 192.168.5.0/24 VPN network – 192.168.1.0/24 Datacenter – 192.168.2.0/24 User network - 192.168.3.0/24
HR network – 192.168.4.0/24 Warehouse network – 192.168.6.0/24 Finance network 192.168.7.0/24
Traffic shaper configuration:
VLAN Bandwidth limit (Mbps) VPN50 User175 HR220 Finance230 Warehouse75 Guest50
External firewall allows all networks to access the Internet. Internal Firewall Rules:
ActionSourceDestination Permit192.168.1.0/24192.168.2.0/24 Permit192.168.1.0/24192.168.3.0/24 Permit192.168.1.0/24192.168.5.0/24 Permit192.168.2.0/24192.168.1.0/24 Permit192.168.3.0/24192.168.1.0/24 Permit192.168.5.0/24192.168.1.0/24 Permit192.168.4.0/24192.168.7.0/24 Permit192.168.7.0/24192.168.4.0/24 Permit192.168.7.0/24any Deny192.168.4.0/24any Deny192.168.1.0/24192.168.4.0/24
Denyanyany
Which of the following restrictions is the MOST likely cause?
A. Bandwidth limit on the traffic shaper for the finance department
B. Proxy server preventing the warehouse from accessing cloud applications
C. Deny statements in the firewall for the warehouse network
D. Bandwidth limit on the traffic shaper for the warehouse department
Answer: D
Q69. - (Topic 3)
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.
Which of the following would impact the security of conference’s resources?
A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.
Answer: C
Q70. - (Topic 2)
Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?
A. Establish a cloud-based authentication service that supports SAML.
B. Implement a new Diameter authentication server with read-only attestation.
C. Install a read-only Active Directory server in the corporate DMZ for federation.
D. Allow external connections to the existing corporate RADIUS server.
Answer: A