Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA

2021 Jan CAS-002 testing engine

Q101. - (Topic 4) 

A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE). 

A. Security of data storage 

B. The cost of the solution 

C. System availability 

D. User authentication strategy 

E. PBX integration of the service 

F. Operating system compatibility 

Answer: A,C,D 


Q102. - (Topic 3) 

A team is established to create a secure connection between software packages in order to list employees' remaining or unused benefits on their paycheck stubs. Which of the following business roles would be MOST effective on this team? 

A. Network Administrator, Database Administrator, Programmers 

B. Network Administrator, Emergency Response Team, Human Resources 

C. Finance Officer, Human Resources, Security Administrator 

D. Database Administrator, Facilities Manager, Physical Security Manager 

Answer:


Q103. - (Topic 1) 

A company is facing penalties for failing to effectively comply with e-discovery requests. Which of the following could reduce the overall risk to the company from this issue? 

A. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption. 

B. Require each user to log passwords used for file encryption to a decentralized repository. 

C. Permit users to only encrypt individual files using their domain password and archive all old user passwords. 

D. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI. 

Answer:


Q104. - (Topic 3) 

A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario? 

A. To ensure the security of the network is documented prior to customer delivery 

B. To document the source of all functional requirements applicable to the network 

C. To facilitate the creation of performance testing metrics and test plans 

D. To allow certifiers to verify the network meets applicable security requirements 

Answer:


Q105. - (Topic 4) 

select id, firstname, lastname from authors 

User input: firstname=Hack;man lastname=Johnson 

Which of the following types of attacks is the user attempting? 

A. XML injection 

B. Command injection 

C. Cross-site scripting 

D. SQL injection 

Answer:
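The query above is built from user input, which is what makes the semicolon in "Hack;man" suspicious: text spliced into SQL can change the statement instead of being treated as a name. The following added example (not part of the exam material) runs the same lookup two ways against a constructed in-memory SQLite table, once by string concatenation and once with bound parameters, so the difference is visible on real input. The table contents, the key names and the helper names are all constructed for the demonstration.

```python
import sqlite3

# Constructed sample data; "Hackman"/"Johnson" mirrors the exam item, the second
# row has a legitimate apostrophe to show that concatenation breaks on benign input.
ROWS = [(1, "Hackman", "Johnson"), (2, "Mary", "O'Brian")]


def build_db():
    """Create an in-memory 'authors' table matching the query in the question."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "create table authors (id integer primary key, firstname text, lastname text)"
    )
    conn.executemany("insert into authors values (?, ?, ?)", ROWS)
    return conn


def lookup_concatenated(conn, firstname, lastname):
    """Vulnerable form: input is pasted into the SQL text, so the database
    parses whatever the user typed as part of the statement."""
    sql = (
        "select id, firstname, lastname from authors "
        f"where firstname = '{firstname}' and lastname = '{lastname}'"
    )
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, firstname, lastname):
    """Hardened form: input travels as bound parameters and is never parsed
    as SQL, so quotes and semicolons stay ordinary characters in a value."""
    sql = (
        "select id, firstname, lastname from authors "
        "where firstname = ? and lastname = ?"
    )
    return conn.execute(sql, (firstname, lastname)).fetchall()


def compare(firstname, lastname):
    """Run both versions on the same input.

    Returns (concat_result, param_result). concat_result is the row list, or
    the exception class name when the spliced input made the SQL unparsable.
    """
    conn = build_db()
    try:
        concat = lookup_concatenated(conn, firstname, lastname)
    except sqlite3.Error as exc:
        concat = type(exc).__name__
    param = lookup_parameterized(conn, firstname, lastname)
    return concat, param


if __name__ == "__main__":
    for args in [("Hackman", "Johnson"), ("Hack;man", "Johnson"),
                 ("Mary", "O'Brian"), ("x", "x' or '1'='1")]:
        print(args, "->", compare(*args))
```

The page's own input, "Hack;man", happens to land inside the quoted literal and returns nothing either way; the apostrophe case shows the concatenated query failing on a perfectly valid surname, and the last case shows it returning every row while the parameterized query correctly returns none. Parameterization removes the whole class of problem rather than relying on spotting individual characters.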



Q106. - (Topic 4) 

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs: 

1. The banker accesses the CRM system, and a redirect is performed back to the organization’s internal systems. 

2. A lookup is performed of the identity and a token is generated, signed and encrypted. 

3. A redirect is performed back to the CRM system with the token. 

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup. 

5. If the banker is not in the system, an automated provisioning request occurs. 

6. The banker is authenticated and authorized and can access the system. 

This is an example of which of the following? 

A. Service provider initiated SAML 2.0 

B. Identity provider initiated SAML 1.0 

C. OpenID federated single sign on 

D. Service provider initiated SAML 1.1 

Answer:
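The six steps above describe a federation flow that starts at the service provider (the CRM), bounces to the identity provider for a signed assertion, and provisions the account on first use. The added example below (not from the exam material, and not a real SAML implementation) models that exchange in plain Python so each step can be checked: the IdP looks up the user and signs a token, the CRM verifies the signature, audience and expiry before trusting the identity, and creates the account if it does not exist. The directory contents, the HMAC key, the audience name and all function names are constructed for the demonstration; a real deployment would use XML signatures and encrypted assertions rather than an HMAC over JSON.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for the demonstration only.
IDP_SIGNING_KEY = b"constructed-demo-signing-key"   # known to IdP and SP
SP_AUDIENCE = "crm.example"                          # hypothetical CRM identifier
DIRECTORY = {"jdoe": {"role": "banker"}}              # hypothetical IdP directory


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def idp_issue_token(username: str, now: int, ttl: int = 300) -> str:
    """Step 2: the IdP looks up the identity and returns a signed token."""
    if username not in DIRECTORY:
        raise KeyError("unknown user")
    claims = {"iss": "idp.bank.example", "aud": SP_AUDIENCE, "sub": username,
              "role": DIRECTORY[username]["role"], "exp": now + ttl}
    payload = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(IDP_SIGNING_KEY, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(sig)


def sp_validate_token(token: str, now: int) -> dict:
    """Step 4: the CRM checks integrity, audience and expiry before extracting
    the identity. Any failure is a ValueError and the login does not proceed."""
    payload_b64, sig_b64 = token.split(".")
    payload = _unb64(payload_b64)
    expected = hmac.new(IDP_SIGNING_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig_b64)):
        raise ValueError("signature check failed")
    claims = json.loads(payload)
    if claims.get("aud") != SP_AUDIENCE:
        raise ValueError("token issued for a different service provider")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    return claims


def tamper(token: str, new_subject: str) -> str:
    """Rewrite the subject claim but keep the original signature, to show that
    an altered payload is rejected at step 4."""
    payload_b64, sig_b64 = token.split(".")
    claims = json.loads(_unb64(payload_b64))
    claims["sub"] = new_subject
    return _b64(json.dumps(claims, sort_keys=True).encode()) + "." + sig_b64


class CRM:
    """The externally hosted service provider from the scenario."""

    def __init__(self):
        self.accounts = {}

    def login_via_sso(self, username: str, now: int) -> dict:
        # Step 1: unauthenticated access redirects to the IdP (modelled as a call).
        token = idp_issue_token(username, now)
        # Step 3: redirect back with the token; step 4: validate it.
        claims = sp_validate_token(token, now)
        # Step 5: provision the account on first sight of this identity.
        provisioned = claims["sub"] not in self.accounts
        if provisioned:
            self.accounts[claims["sub"]] = {"role": claims["role"]}
        # Step 6: authenticated and authorized.
        return {"user": claims["sub"], "provisioned": provisioned, "authorized": True}


if __name__ == "__main__":
    crm = CRM()
    print(crm.login_via_sso("jdoe", now=1_000_000))   # provisions on first login
    print(crm.login_via_sso("jdoe", now=1_000_010))   # existing account reused
```

Because the flow starts at the CRM rather than at the bank's identity provider, the token has to name its intended audience and carry an expiry; without those two checks a token issued for one application could be replayed against another, which is the practical reason step 4 validates the payload before doing the lookup.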


Q107. - (Topic 4) 

Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall? 

A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system. 

B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack. 

C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system. 

D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks. 

Answer:


Q108. - (Topic 5) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers? 

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 

Answer:


Q109. - (Topic 2) 

A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer’s AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where credit card servers were kept. The firewall rule was needed for an internally developed application, which presents risk. The retailer determined that because the vendors were required to have site-to-site VPNs, no other security action was taken. 

To prove to the retailer the monetary value of this risk, which of the following type of calculations is needed? 

A. Residual Risk calculation 

B. A cost/benefit analysis 

C. Quantitative Risk Analysis 

D. Qualitative Risk Analysis 

Answer:


Q110. - (Topic 3) 

A financial institution wants to reduce the costs associated with managing and troubleshooting employees’ desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four solutions submitted by the change management group. Which of the following BEST accomplishes this task? 

A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit. 

B. Implement server virtualization and move the application from the desktop to the server. 

C. Implement VDI and disable hardware and storage mapping from the thin client. 

D. Move the critical applications to a private cloud and disable VPN and tunneling. 

Answer: