♥♥ 2017 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
CAS-002 Product Description:
Exam Number/Code: CAS-002 vce
Exam name: CompTIA Advanced Security Practitioner (CASP)
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing
The particular examinees that read the Ucertify CompTIA CAS-002 puts are usually good results of highly certified teachers, living a great existence. Ucertify has been committed to make your potential secure and begin your CompTIA CAS-002 CompTIA Advanced Security Practitioner (CASP) test preparations through the most recent up to date Ucertify checks CAS-002 test powerplant. Your dreams will come correct simply by start your CAS-002 vce with regard to CompTIA Advanced Security Practitioner (CASP) test via Ucertify CompTIA research manuals just. You wont able to stand out your talent in the very first endeavor of CAS-002 test if you utilize a some other walkway as compared to CompTIA. CompTIA CompTIA CAS-002 pdf file provides you with splendour and make you enough confident in your entire existence.
2016 Jun comptia casp cas-002:
Q51. - (Topic 4)
A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).
A. The user’s certificate private key must be installed on the VPN concentrator.
B. The CA’s certificate private key must be installed on the VPN concentrator.
C. The user certificate private key must be signed by the CA.
D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator.
E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator.
F. The CA’s certificate public key must be installed on the VPN concentrator.
Q52. - (Topic 3)
An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture?
A. Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need.
B. Implement controls based on the system needs. Perform a risk analysis of the system. For any remaining risks, perform continuous monitoring.
C. Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement.
D. Perform a risk analysis of the system. Avoid extreme risks. Mitigate high risks. Transfer medium risks and accept low risks. Perform continuous monitoring to ensure that the system remains at an adequate security posture.
Q53. - (Topic 4)
A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?
A. Government regulation
B. Industry standard
C. Company guideline
D. Company policy
Q54. - (Topic 2)
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login. The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur. Which of the following preventative controls would MOST effectively mitigate the logical risks associated with the use of USB storage devices?
A. Revise the corporate policy to include possible termination as a result of violations
B. Increase the frequency and distribution of the USB violations report
C. Deploy PKI to add non-repudiation to login sessions so offenders cannot deny the offense
D. Implement group policy objects
Q55. - (Topic 1)
A company is deploying a new iSCSI-based SAN. The requirements are as follows:
Which of the following design specifications meet all the requirements? (Select TWO).
A. Targets use CHAP authentication
B. IPSec using AH with PKI certificates for authentication
C. Fiber channel should be used with AES
D. Initiators and targets use CHAP authentication
E. Fiber channel over Ethernet should be used
F. IPSec using AH with PSK authentication and 3DES
G. Targets have SCSI IDs for authentication
Latest comptia casp cas-002 pdf:
Q56. - (Topic 4)
A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application’s removal from the white list?
A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen.
B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues.
C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list.
D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed.
Q57. - (Topic 5)
Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test?
A. The risk of unplanned server outages is reduced.
B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
D. The results should reflect what attackers may be able to learn about the company.
Q58. - (Topic 2)
A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO).
A. The X509 V3 certificate was issued by a non trusted public CA.
B. The client-server handshake could not negotiate strong ciphers.
C. The client-server handshake is configured with a wrong priority.
D. The client-server handshake is based on TLS authentication.
E. The X509 V3 certificate is expired.
F. The client-server implements client-server mutual authentication with different certificates.
Q59. - (Topic 1)
A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?
A. SSL certificate revocation
B. SSL certificate pinning
C. Mobile device root-kit detection
D. Extended Validation certificates
Q60. - (Topic 1)
Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?
A. Single sign-on
B. Identity propagation
C. Remote attestation
D. Secure code review
see more CompTIA Advanced Security Practitioner (CASP)