♥♥ 2017 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
CAS-002 Product Description:
Exam Number/Code: CAS-002 vce
Exam name: CompTIA Advanced Security Practitioner (CASP)
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing
Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Passleader CAS-002 exam study guides now. We will not let you down with our money-back guarantee.
P.S. Printable CAS-002 faq are available on Google Drive, GET MORE: https://drive.google.com/open?id=1pX9Yg2aTb9vNu1CE0teKLNqAkStO5U85
New CompTIA CAS-002 Exam Dumps Collection (Question 11 - Question 20)
New Questions 11
A security manager has received the following email from the Chief Financial Officer (CFO):
u201cWhile I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?u201d
Based on the information provided, which of the following would be the MOST appropriate response to the CFO?
A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.
B. Allow VNC access to corporate desktops from personal computers for the users working from home.
C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home.
D. Work with the executive management team to revise policies before allowing any remote access.
New Questions 12
After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem?
A. The binary files used by the application have been modified by malware.
B. The application is unable to perform remote attestation due to blocked ports.
C. The restored image backup was encrypted with the wrong key.
D. The hash key summary of hardware and installed software no longer match.
New Questions 13
A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:
A. an administrative control
B. dual control
C. separation of duties
D. least privilege
New Questions 14
The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the routeru2019s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the companyu2019s external routeru2019s IP which is 18.104.22.168:
11:16:22.110343 IP 22.214.171.124.19 > 126.96.36.199.19: UDP, length 1400
11:16:22.110351 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
11:16:22.110358 IP 220.127.116.11.19 > 18.104.22.168.19: UDP, length 1400
11:16:22.110402 IP 22.214.171.124.19 > 126.96.36.199.19: UDP, length 1400
11:16:22.110406 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?
A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the companyu2019s ISP should be contacted and instructed to block the malicious packets.
B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the companyu2019s external router to block incoming UDP port 19 traffic.
New Questions 15
A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?
A. Subjective and based on an individual's experience.
B. Requires a high degree of upfront work to gather environment details.
C. Difficult to differentiate between high, medium, and low risks.
D. Allows for cost and benefit analysis.
E. Calculations can be extremely complex to manage.
New Questions 16
Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.
The information security team has been a part of the department meetings and come away with the following notes:
-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.
-Sales is asking for easy order tracking to facilitate feedback to customers.
-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.
-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.
-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.
The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.
Which of the following departmentsu2019 request is in contrast to the favored solution?
D. Quality assurance
E. Human resources
New Questions 17
An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?
A. File system information, swap files, network processes, system processes and raw disk blocks.
A. B. Raw disk blocks, network processes, system processes, swap files and file system information.
C. System processes, network processes, file system information, swap files and raw disk blocks.
D. Raw disk blocks, swap files, network processes, system processes, and file system information.
New Questions 18
Two universities are making their 802.11n wireless networks available to the other universityu2019s students. The infrastructure will pass the studentu2019s credentials back to the home school for authentication via the Internet.
The requirements are:
The following design was implemented:
WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority
A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?
A. The transport layer between the RADIUS servers should be secured
B. WPA Enterprise should be used to decrease the network overhead
C. The RADIUS servers should have local accounts for the visiting students
D. Students should be given certificates to use for authentication to the network
New Questions 19
ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst?
A. Accept the risk in order to keep the system within the companyu2019s standard security configuration.
B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution.
C. Secure the data despite the need to use a security control or solution that is not within company standards.
A. D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration.
New Questions 20
A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information security news?
A. Update company policies and procedures
B. Subscribe to security mailing lists
C. Implement security awareness training
A. D. Ensure that the organization vulnerability management plan is up-to-date
To know more about the CompTIA Advanced Security Practitioner (CASP), click here.
P.S. Easily pass CAS-002 Exam with Surepassexam Printable Dumps & pdf vce, Try Free: https://www.surepassexam.com/CAS-002-exam-dumps.html (450 New Questions)