Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA

Q281. - (Topic 2) 

A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave? 

A. Require cloud storage on corporate servers and disable access upon termination 

B. Whitelist access to only non-confidential information 

C. Utilize an MDM solution with containerization 

D. Require that devices not have local storage 

Answer: C 


Q282. - (Topic 2) 

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in-house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning 

B. Time-based access control lists 

C. ISP to ISP network jitter 

D. File-size validation 

E. End-to-end network encryption

Answer: B 


Q283. - (Topic 3) 

A morphed worm carrying a 0-day payload has infiltrated the company network and is now spreading across the organization. The security administrator was able to isolate the worm communication and payload distribution channel to TCP port 445. Which of the following can the administrator do in the short term to minimize the attack? 

A. Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY - 445.

B. Run a TCP 445 port scan across the organization and patch hosts with open ports. 

C. Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445. 

D. Force a signature update and full system scan from the enterprise anti-virus solution. 

Answer: A 


Q284. DRAG DROP - (Topic 2) 

IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all. 

Answer: 


Q285. - (Topic 2) 

A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technologies should the administrator implement to meet these goals? (Select TWO). 

A. LUN masking 

B. Snapshots 

C. vSAN 

D. Dynamic disk pools 

E. Multipath 

F. Deduplication 

Answer: D,E 


Q286. - (Topic 2) 

A storage as a service company implements both encryption at rest as well as encryption in transit of customers’ data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers’ data would take? 

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) } 

B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) } 

C. password = password + sha(password+salt) + aes256(password+salt) 

D. key = aes128(sha256(password), password)

Answer: A 


Q287. - (Topic 2) 

An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network? 

A. Create a separate SSID and require the use of dynamic encryption keys. 

B. Create a separate SSID with a pre-shared key to support the legacy clients and rotate the key at random intervals. 

C. Create a separate SSID and pre-shared WPA2 key on a new network segment and only allow required communication paths. 

D. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x. 

Answer: B 


Q288. - (Topic 1) 

The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image. Which of the following methods would BEST help with this process? (Select TWO). 

A. Retrieve source system image from backup and run file comparison analysis on the two images. 

B. Parse all images to determine if extra data is hidden using steganography. 

C. Calculate a new hash and compare it with the previously captured image hash. 

D. Ask desktop support if any changes to the images were made. 

E. Check key system files to see if date/time stamp is in the past six months. 

Answer: A,C 


Q289. - (Topic 3) 

A corporation has expanded for the first time by integrating several newly acquired businesses. 

Which of the following are the FIRST tasks that the security team should undertake? (Select TWO). 

A. Remove acquired companies' Internet access.

B. Federate identity management systems. 

C. Install firewalls between the businesses. 

D. Re-image all end user computers to a standard image. 

E. Develop interconnection policy. 

F. Conduct a risk analysis of each acquired company’s networks. 

Answer: E,F 


Q290. - (Topic 5) 

The IT manager is evaluating IPS products to determine which would be most effective at stopping network traffic that contains anomalous content on networks that carry very specific types of traffic. Based on the IT manager’s requirements, which of the following types of IPS products would be BEST suited for use in this situation? 

A. Signature-based 

B. Rate-based 

C. Anomaly-based 

D. Host-based 

Answer: A