CompTIA CAS-002 Exam: CompTIA Advanced Security Practitioner (CASP)

Total Questions: 532. Last Updated: Aug 16, 2018


New CompTIA CAS-002 Exam Dumps Collection (Question 4 - Question 13)

Q1. A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem?

A. Change the IDS to use a heuristic anomaly filter.

B. Adjust IDS filters to decrease the number of false positives.

C. Change the IDS filter to data mine the false positives for statistical trending data.

D. Adjust IDS filters to increase the number of false negatives.

Answer: B


Q2. A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?

A. To ensure the security of the network is documented prior to customer delivery

B. To document the source of all functional requirements applicable to the network

C. To facilitate the creation of performance testing metrics and test plans

D. To allow certifiers to verify the network meets applicable security requirements

Answer: D


Q3. A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator's concerns?

A. The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted.

B. The SOAP protocol supports weak hashing of header information. As a result the header and body can easily be deciphered by brute force tools.

C. The SOAP protocol can be easily tampered with, even though the header is encrypted.

D. The SOAP protocol does not support body or header encryption which allows assertions to be viewed in clear text by intermediaries.

Answer: A


Q4. Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall?

A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system.

B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack.

C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system.

D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks.

Answer: B


Q5. A UNIX administrator notifies the storage administrator that extra LUNs can be seen on a UNIX server. The LUNs appear to be NTFS file systems. Which of the following MOST likely happened?

A. The iSCSI initiator was not restarted.

B. The NTFS LUNs are snapshots.

C. The HBA allocation is wrong.

D. The UNIX server is multipathed.

Answer: C


Q6. Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

A. Test password complexity of all login fields and input validation of form fields

B. Reverse engineering any thick client software that has been provided for the test

C. Undertaking network-based denial of service attacks in production environment

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks

E. Running a vulnerability scanning tool to assess network and host weaknesses

Answer: C


Q7. Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines. Given this scenario, which of the following is the MOST significant risk to the system?

A. All servers are unpatched and running old versions.

B. Financial data is processed without being encrypted.

C. Logging is disabled on critical servers.

D. Server services have been virtualized and outsourced.

Answer: A


Q8. A security administrator is redesigning and implementing a service-oriented architecture to replace an old, in-house software processing system tied to a corporate sales website. After performing the business process analysis, the administrator decides the services need to operate in a dynamic fashion. The company has also been the victim of data injection attacks in the past and needs to build in mitigation features. Based on these requirements and past vulnerabilities, which of the following needs to be incorporated into the SOA?

A. Point to point VPNs for all corporate intranet users.

B. Cryptographic hashes of all data transferred between services.

C. Service to service authentication for all workflows.

D. Two-factor authentication and signed code

Answer: C


Q9. -- Exhibit --

-- Exhibit --

Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button.

Which of the following would the security engineer MOST likely recommend based on the table?

A. Product A

B. Product B

C. Product C

D. Product D

Answer: C


Q10. A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?

A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.

B. A training program that is consistent, ongoing, and relevant.

C. Access controls to prevent end users from gaining access to confidential data.

D. Access controls for computer systems and networks with two-factor authentication.

Answer: B

