
CompTIA CASP CAS-002 (September 2021):

Q211. - (Topic 2) 

Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the following HTTP request: 

POST /login.aspx HTTP/1.1 

Host: comptia.org 

Content-type: text/html 

txtUsername=ann&txtPassword=ann&alreadyLoggedIn=false&submit=true 

Which of the following should Ann perform to test whether the website is susceptible to a simple authentication bypass? 

A. Remove all of the post data and change the request to /login.aspx from POST to GET 

B. Attempt to brute force all usernames and passwords using a password cracker 

C. Remove the txtPassword post data and change alreadyLoggedIn from false to true 

D. Remove the txtUsername and txtPassword post data and toggle submit from true to false 

Answer: C 


Q212. - (Topic 2) 

A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case to management that action needs to be taken to safeguard these servers? 

A. Provide a report of all the IP addresses that are connecting to the systems and their locations 

B. Establish alerts at a certain threshold to notify the analyst of high activity 

C. Provide a report showing the file transfer logs of the servers 

D. Compare the current activity to the baseline of normal activity 

Answer: D 


Q213. - (Topic 5) 

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server supporting an extranet to which suppliers have access. The extranet web server is located in a network DMZ. The internal website is hosted on a laptop on the internal corporate network. The internal network does not restrict traffic between any internal hosts. Which of the following locations will BEST secure both the intranet and the customer facing website? 

A. The existing internal network segment 

B. Dedicated DMZ network segments 

C. The existing extranet network segment 

D. A third-party web hosting company 

Answer: B 


Q214. CORRECT TEXT - (Topic 3) 

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks need to be completed: 

1. Select the server that is a victim of a SQL injection attack. 

2. Select the source of the buffer overflow attack. 

3. Modify the access control list (ACL) on the router(s) to ONLY block the buffer overflow attack. 

Instructions: Simulations can be reset at any time to the initial state; however, all selections will be deleted. 

Answer: Follow the Steps as 


Q215. - (Topic 1) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All sections of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G 


Q216. - (Topic 4) 

A security administrator is shown the following log excerpt from a Unix system: 

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2 

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2 

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2 

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2 

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2 

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2 

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO). 

A. An authorized administrator has logged into the root account remotely. 

B. The administrator should disable remote root logins. 

C. Isolate the system immediately and begin forensic analysis on the host. 

D. A remote attacker has compromised the root account using a buffer overflow in sshd. 

E. A remote attacker has guessed the root password using a dictionary attack. 

F. Use iptables to immediately DROP connections from the IP 198.51.100.23. 

G. A remote attacker has compromised the private key of the root account. 

H. Change the root password immediately to a password not found in a dictionary. 

Answer: C,E 


Q217. - (Topic 4) 

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO). 

A. Provide free email software for personal devices. 

B. Encrypt data in transit for remote access. 

C. Require smart card authentication for all devices. 

D. Implement NAC to limit insecure devices access. 

E. Enable time of day restrictions for personal devices. 

Answer: B,D 


Q218. - (Topic 2) 

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project? 

A. In the middle of the project 

B. At the end of the project 

C. At the inception of the project 

D. At the time they request 

Answer: C 


Q219. - (Topic 3) 

A network administrator notices a security intrusion on the web server. Which of the following is indicated by the entry http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file? 

A. Buffer overflow 

B. Click jacking 

C. SQL injection 

D. XSS attack 

Answer: D 


Q220. - (Topic 1) 

After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece of code used by a web based shopping cart. 

SELECT ITEM FROM CART WHERE ITEM=ADDSLASHES($USERINPUT); 

The programmer found that every time a user adds an item to the cart, a temporary file is created on the web server /tmp directory. The temporary file has a name which is generated by concatenating the content of the $USERINPUT variable and a timestamp in the form of MM-DD-YYYY, (e.g. smartphone-12-25-2013.tmp) containing the price of the item being purchased. Which of the following is MOST likely being exploited to manipulate the price of a shopping cart’s items? 

A. Input validation 

B. SQL injection 

C. TOCTOU 

D. Session hijacking 

Answer: C