Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA

2021 Oct certainteed cas-002:

Q91. CORRECT TEXT - (Topic 4) 

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed: 

1. Select the server that is a victim of a cross-site scripting (XSS) attack. 

2. Select the source of the brute force password attack. 

3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack. 

Instructions: Simulations can be reset to the initial state at any time; however, all selections will be deleted. 

Answer: Please review following steps: 


Q92. - (Topic 1) 

A security engineer on a large enterprise network needs to schedule maintenance within a fixed window of time. A total outage period of four hours is permitted for servers. Workstations can undergo maintenance from 8:00 pm to 6:00 am daily. Which of the following can specify parameters for the maintenance work? (Select TWO). 

A. Managed security service 

B. Memorandum of understanding 

C. Quality of service 

D. Network service provider 

E. Operating level agreement 

Answer: B,E 


Q93. - (Topic 2) 

An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix: 

DATA TYPE      | CONFIDENTIALITY | INTEGRITY | AVAILABILITY
Financial      | HIGH            | HIGH      | LOW
Client name    | MEDIUM          | MEDIUM    | HIGH
Client address | LOW             | MEDIUM    | LOW
AGGREGATE      | MEDIUM          | MEDIUM    | MEDIUM

The auditor is advising the company to review the aggregate score and submit it to senior management. Which of the following should be the revised aggregate score? 

A. HIGH, MEDIUM, LOW 

B. MEDIUM, MEDIUM, LOW 

C. HIGH, HIGH, HIGH 

D. MEDIUM, MEDIUM, MEDIUM 

Answer:


Q94. - (Topic 5) 

An administrator’s company has recently had to reduce the number of Tier 3 help desk technicians available to support enterprise service requests. As a result, configuration standards have declined as administrators develop scripts to troubleshoot and fix customer issues. The administrator has observed that several default configurations have not been fixed through applied group policy or configured in the baseline. Which of the following are controls the administrator should recommend to the organization’s security manager to prevent an authorized user from conducting internal reconnaissance on the organization’s network? (Select THREE). 

A. Network file system 

B. Disable command execution 

C. Port security 

D. TLS 

E. Search engine reconnaissance 

F. NIDS 

G. BIOS security 

H. HIDS 

I. IdM 

Answer: B,G,I 


Q95. - (Topic 1) 

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO). 

A. Provide free email software for personal devices. 

B. Encrypt data in transit for remote access. 

C. Require smart card authentication for all devices. 

D. Implement NAC to limit insecure device access. 

E. Enable time of day restrictions for personal devices. 

Answer: B,D 


Q96. - (Topic 1) 

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements? 

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator. 

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud. 

C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team. 

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware. 

Answer:


Q97. - (Topic 4) 

A company has been purchased by another agency and the new security architect has identified new security goals for the organization. The current location has video surveillance throughout the building and entryways. The following requirements must be met: 

1. Ability to log entry of all employees in and out of specific areas 

2. Access control into and out of all sensitive areas 

3. Two-factor authentication 

Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO). 

A. Proximity readers 

B. Visitor logs 

C. Biometric readers 

D. Motion detection sensors 

E. Mantrap 

Answer: A,C 


Q98. - (Topic 1) 

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company’s physical security, which of the following can the network administrator use to detect the presence of a malicious actor physically accessing the company’s network or information systems from within? (Select TWO). 

A. RAS 

B. Vulnerability scanner 

C. HTTP intercept 

D. HIDS 

E. Port scanner 

F. Protocol analyzer 

Answer: D,F 


Q99. - (Topic 2) 

Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem? 

A. Implement change control practices at the organization level. 

B. Adjust the firewall ACL to prohibit development from directly accessing the production server farm. 

C. Update the vulnerability management plan to address data discrepancy issues. 

D. Change development methodology from strict waterfall to agile. 

Answer:


Q100. - (Topic 2) 

A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effective by other members of the IT department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to unauthorized decryption. The method also requires special handling and security for all key material that goes above and beyond most encryption systems. 

Which of the following is the solutions architect MOST likely trying to implement? 

A. One time pads 

B. PKI 

C. Quantum cryptography 

D. Digital rights management 

Answer: