Act now and download your CompTIA CAS-002 test today! Do not waste time for the worthless CompTIA CAS-002 tutorials. Download Improve CompTIA CompTIA Advanced Security Practitioner (CASP) exam with real questions and answers and begin to learn CompTIA CAS-002 with a classic professional.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/CAS-002-exam-dumps.html
Q171. - (Topic 1)
An external penetration tester compromised one of the client organization’s authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization’s other systems, without impacting the integrity of any of the systems?
A. Use the pass the hash technique
B. Use rainbow tables to crack the passwords
C. Use the existing access to change the password
D. Use social engineering to obtain the actual password
Answer: A
Q172. - (Topic 2)
An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?
A. Intermediate Root Certificate
B. Wildcard Certificate
C. EV x509 Certificate
D. Subject Alternative Names Certificate
Answer: D
Q173. - (Topic 1)
Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?
A. Test password complexity of all login fields and input validation of form fields
B. Reverse engineering any thick client software that has been provided for the test
C. Undertaking network-based denial of service attacks in production environment
D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E. Running a vulnerability scanning tool to assess network and host weaknesses
Answer: C
Q174. - (Topic 3)
The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?
A. Social engineering
B. Protocol analyzer
C. Port scanner
D. Grey box testing
Answer: B
Q175. - (Topic 5)
A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Customers to upload their log files to the “big data” platform
Customers to perform remote log search
Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A. Secure storage and transmission of API keys
B. Secure protocols for transmission of log files and search results
C. At least two years retention of log files in case of e-discovery requests
D. Multi-tenancy with RBAC support
E. Sanitizing filters to prevent upload of sensitive log file contents
F. Encrypted storage of all customer log files
Answer: A,B,D
Q176. - (Topic 3)
A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure
Answer: A,B
Q177. - (Topic 4)
Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software form running on mobile devices?
A. Single sign-on
B. Identity propagation
C. Remote attestation
D. Secure code review
Answer: C
Q178. - (Topic 5)
An IT administrator has been tasked with implementing an appliance-based web proxy server to control external content accessed by internal staff. Concerned with the threat of corporate data leakage via web-based email, the IT administrator wants to decrypt all outbound HTTPS sessions and pass the decrypted content to an ICAP server for inspection by the corporate DLP software. Which of the following is BEST at protecting the internal certificates used in the decryption process?
A. NIPS
B. HSM
C. UTM
D. HIDS
E. WAF
F. SIEM
Answer: B
Q179. - (Topic 3)
The Linux server at Company A hosts a graphical application widely used by the company designers. One designer regularly connects to the server from a Mac laptop in the designer’s office down the hall. When the security engineer learns of this it is discovered the connection is not secured and the password can easily be obtained via network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection?
Linux Server: 192.168.10.10/24
Mac Laptop: 192.168.10.200/24
A. From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200.
B. From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider.
C. From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1.
D. From the Mac, establish a SSH tunnel to the Linux server and connect the VNC to
127.0.0.1.
Answer: D
Q180. - (Topic 5)
The audit department at a company requires proof of exploitation when conducting internal network penetration tests. Which of the following provides the MOST conclusive proof of compromise without further compromising the integrity of the system?
A. Provide a list of grabbed service banners.
B. Modify a file on the system and include the path in the test’s report.
C. Take a packet capture of the test activity.
D. Add a new test user account on the system.
Answer: C
