Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/CAS-002-exam-dumps.html
Q51. - (Topic 4)
The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?
A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues
B. Improper handling of client data, interoperability agreement issues and regulatory issues
C. Cultural differences, increased cost of doing business and divestiture issues
D. Improper handling of customer data, loss of intellectual property and reputation damage
Answer: D
Q52. - (Topic 5)
An IT administrator has been tasked with implementing an appliance-based web proxy server to control external content accessed by internal staff. Concerned with the threat of corporate data leakage via web-based email, the IT administrator wants to decrypt all outbound HTTPS sessions and pass the decrypted content to an ICAP server for inspection by the corporate DLP software. Which of the following is BEST at protecting the internal certificates used in the decryption process?
A. NIPS
B. HSM
C. UTM
D. HIDS
E. WAF
F. SIEM
Answer: B
Q53. - (Topic 2)
It has come to the IT administrator’s attention that the “post your comment” field on the company blog page has been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the following would be the MOST effective at preventing the “post your comment” field from being exploited?
A. Update the blog page to HTTPS
B. Filter metacharacters
C. Install HIDS on the server
D. Patch the web application
E. Perform client side input validation
Answer: B
Q54. - (Topic 4)
Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?
A. Test password complexity of all login fields and input validation of form fields
B. Reverse engineering any thick client software that has been provided for the test
C. Undertaking network-based denial of service attacks in production environment
D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E. Running a vulnerability scanning tool to assess network and host weaknesses
Answer: C
Q55. - (Topic 2)
A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years responding to and eradicating workstation malware. The Information Security Officer (ISO) has received three quotes from different companies that provide HIPS.
Which solution should the company select if the contract is only valid for three years?
A. First quote
B. Second quote
C. Third quote
D. Accept the risk
Answer: B
Q56. - (Topic 5)
A security manager has started a new job and has identified that a key application for a new client does not have an accreditation status and is currently not meeting the compliance requirement for the contract’s SOW. The security manager has competing priorities and wants to resolve this issue quickly with a system determination and risk assessment. Which of the following approaches presents the MOST risk to the security assessment?
A. The security manager reviews the system description for the previous accreditation, but does not review application change records.
B. The security manager decides to use the previous SRTM without reviewing the system description.
C. The security manager hires an administrator from the previous contract to complete the assessment.
D. The security manager does not interview the vendor to determine if the system description is accurate.
Answer: B
Q57. - (Topic 5)
For companies seeking to move to cloud services, variances in regulation between jurisdictions can be addressed in which of the following ways?
A. Ensuring the cloud service provides high availability spanning multiple regions.
B. Using an international private cloud model as opposed to public IaaS.
C. Encrypting all data moved to or processed in a cloud-based service.
D. Tagging VMs to ensure they are only run in certain geographic regions.
Answer: D
Q58. - (Topic 3)
An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?
A. The IDS generated too many false negatives.
B. The attack occurred after hours.
C. The IDS generated too many false positives.
D. No one was reviewing the IDS event logs.
Answer: D
Q59. - (Topic 1)
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?
A. Deploy new perimeter firewalls at all stores with UTM functionality.
B. Change antivirus vendors at the store and the corporate office.
C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.
Answer: A
Q60. - (Topic 3)
Company A has a remote work force that often includes independent contractors and out of state full time employees.
Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:
Which of the following solutions should the security engineer recommend to meet the MOST goals?
A. Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.
B. Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.
C. Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.
D. Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server
Gateway, use remote installation services to standardize application on user’s laptops.
Answer: B
