comptia casp cas-002 pdf [Jun 2016]




CAS-002 Product Description:
Exam Number/Code: CAS-002 vce
Exam name: CompTIA Advanced Security Practitioner (CASP)
Certification: CompTIA Certification

2016 Jun comptia casp cas-002:

Q91. - (Topic 4) 

A systems administrator establishes a CIFS share on a Unix device to share data with Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the Unix share. Which of the following settings on the Unix server is the cause of this problem? 

A. Refuse LM and only accept NTLMv2 

B. Accept only LM 

C. Refuse NTLMv2 and accept LM 

D. Accept only NTLM 

Answer: A 


Q92. - (Topic 4) 

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO). 

A. Add guests with more memory to increase capacity of the infrastructure. 

B. A backup is running on the thin clients at 9am every morning. 

C. Install more memory in the thin clients to handle the increased load while booting. 

D. Booting all the lab desktops at the same time is creating excessive I/O. 

E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity. 

F. Install faster SSD drives in the storage system used in the infrastructure. 

G. The lab desktops are saturating the network while booting. 

H. The lab desktops are using more memory than is available to the host systems. 

Answer: D,F 


Q93. - (Topic 2) 

An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution? 

A. $0 

B. $7,500 

C. $10,000 

D. $12,500 

E. $15,000 

Answer: B 


Q94. - (Topic 5) 

A security manager has started a new job and has identified that a key application for a new client does not have an accreditation status and is currently not meeting the compliance requirement for the contract’s SOW. The security manager has competing priorities and wants to resolve this issue quickly with a system determination and risk assessment. Which of the following approaches presents the MOST risk to the security assessment? 

A. The security manager reviews the system description for the previous accreditation, but does not review application change records. 

B. The security manager decides to use the previous SRTM without reviewing the system description. 

C. The security manager hires an administrator from the previous contract to complete the assessment. 

D. The security manager does not interview the vendor to determine if the system description is accurate. 

Answer: B 


Q95. - (Topic 4) 

The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE). 

A. Install a self-signed Root CA certificate on the proxy server. 

B. The proxy configuration of all users’ browsers must point to the proxy IP. 

C. TCP port 443 requests must be redirected to TCP port 80 on the web server. 

D. All users’ personal certificates’ public key must be installed on the proxy. 

E. Implement policy-based routing on a router between the hosts and the Internet. 

F. The proxy certificate must be installed on all users’ browsers. 

Answer: A,E,F 



Q96. - (Topic 5) 

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Officer has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization’s configuration management process using? 

A. Agile 

B. SDL 

C. Waterfall 

D. Joint application development 

Answer: A 


Q97. - (Topic 3) 

At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company’s statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator’s password. At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts? 

A. The IDS logs are compromised. 

B. The new password was compromised. 

C. An input validation error has occurred. 

D. A race condition has occurred. 

Answer: D 


Q98. - (Topic 1) 

A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO). 

A. The user’s certificate private key must be installed on the VPN concentrator. 

B. The CA’s certificate private key must be installed on the VPN concentrator. 

C. The user certificate private key must be signed by the CA. 

D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator. 

E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator. 

F. The CA’s certificate public key must be installed on the VPN concentrator. 

Answer: E,F 


Q99. - (Topic 4) 

An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments. Which of the following is the MOST comprehensive method for evaluating the two platforms? 

A. Benchmark each possible solution with the integrator’s existing client deployments. 

B. Develop testing criteria and evaluate each environment in-house. 

C. Run virtual test scenarios to validate the potential solutions. 

D. Use results from each vendor’s test labs to determine adherence to project requirements. 

Answer: B 


Q100. - (Topic 4) 

A vulnerability research team has detected a new variant of a stealth Trojan that disables itself when it detects that it is running in a virtualized environment. The team decides to use dedicated hardware and a local network to identify the Trojan’s behavior and the remote DNS and IP addresses it connects to. Which of the following tools is BEST suited to identify the DNS and IP addresses the stealth Trojan communicates with after its payload is decrypted? 

A. HIDS 

B. Vulnerability scanner 

C. Packet analyzer 

D. Firewall logs 

E. Disassembler 

Answer: C 

