Top Breathing CAS-002 pdf Tips!

It is faster and easier to pass the CompTIA CAS-002 exam by using actual CompTIA Advanced Security Practitioner (CASP) questions and answers. Get immediate access to the latest CAS-002 exam and find the same core area CAS-002 questions with professionally verified answers, then pass your exam with a high score.

New CompTIA CAS-002 Exam Dumps Collection (Question 10 - Question 19)

Q10. During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

A. Implement an IPS to block the application on the network

B. Implement the remote application out to the rest of the servers

C. Implement SSL VPN with SAML standards for federation

D. Implement an ACL on the firewall with NAT for remote access

Answer: C

Q11. The IT manager is evaluating IPS products to determine which would be most effective at stopping network traffic that contains anomalous content on networks that carry very specific types of traffic. Based on the IT manager's requirements, which of the following types of IPS products would be BEST suited for use in this situation?

A. Signature-based

B. Rate-based

C. Anomaly-based

D. Host-based

Answer: A

Q12. During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve?

A. Monoalphabetic cipher

B. Confusion

C. Root of trust

D. Key stretching

E. Diffusion

Answer: D

Q13. An internal committee comprised of the facilities manager, the physical security manager, the network administrator, and a member of the executive team has been formed to address a recent breach at a company's data center. It was discovered that during the breach, an HVAC specialist had gained entry to an area that contained server farms holding sensitive financial data. Although the HVAC specialist was there to fix a legitimate issue, the investigation concluded security be provided for the two entry and exit points for the server farm. Which of the following should be implemented to accomplish the recommendations of the investigation?

A. Implement a policy that all non-employees should be escorted in the data center.

B. Place a mantrap at the points with biometric security.

C. Hire an HVAC person for the company, eliminating the need for external HVAC people.

D. Implement CCTV cameras at both points.

Answer: B

Q14. A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from port 37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from port 37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from port 37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from port 37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from port 37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from port 37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E

Q15. A high-tech company dealing with sensitive data seized the mobile device of an employee suspected of leaking company secrets to a competitive organization. Which of the following is the BEST order for mobile phone evidence extraction?

A. Device isolation, evidence intake, device identification, data processing, verification of data accuracy, documentation, reporting, presentation and archival.

B. Evidence intake, device identification, preparation to identify the necessary tools, device isolation, data processing, verification of data accuracy, documentation, reporting, presentation and archival.

C. Evidence log, device isolation, device identification, preparation to identify the necessary tools, data processing, verification of data accuracy, presentation and archival.

D. Device identification, evidence log, preparation to identify the necessary tools, data processing, verification of data accuracy, device isolation, documentation, reporting, presentation and archival.

Answer: B

Q16. During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations. The audit discovers that 40% of the desktops do not meet requirements. Which of the following is the cause of the noncompliance?

A. The devices are being modified and settings are being overridden in production.

B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.

C. The desktop applications were configured with the default username and password.

D. 40% of the devices have been compromised.

Answer: A

Q17. The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?



C. Antivirus



Answer: A

Q18. A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the company's operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application?

A. Difficulty backing up the custom database

B. Difficulty migrating to new hardware

C. Difficulty training new admin personnel

D. Difficulty extracting data from the database

Answer: D

Q19. An organization is finalizing a contract with a managed security services provider (MSSP) that is responsible for primary support of all security technologies. Which of the following should the organization require as part of the contract to ensure the protection of the organization's technology?

A. An operational level agreement

B. An interconnection security agreement

C. A non-disclosure agreement

D. A service level agreement

Answer: B
