[Tested] CAS-002 CompTIA exam price 11-20 (Mar 2021)

Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Examcollection CAS-002 exam study guides now. We will not let you down with our money-back guarantee.

2021 Mar CAS-002 exams

Q11. - (Topic 2)

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A. Review the flow data against each server’s baseline communications profile.

B. Configure the server logs to collect unusual activity including failed logins and restarted services.

C. Correlate data loss prevention logs for anomalous communications from the server.

D. Setup a packet capture on the firewall to collect all of the server communications.

Answer: A

Q12. - (Topic 1)

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization’s customer database. The database will be accessed by both the company’s users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

A. Physical penetration test of the datacenter to ensure there are appropriate controls.

B. Penetration testing of the solution to ensure that the customer data is well protected.

C. Security clauses are implemented into the contract such as the right to audit.

D. Review of the organizations security policies, procedures and relevant hosting certifications.

E. Code review of the solution to ensure that there are no back doors located in the software.

Answer: C,D

Q13. - (Topic 4)

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:

1. The banker accesses the CRM system, a redirect is performed back to the organization’s internal systems.

2. A lookup is performed of the identity and a token is generated, signed and encrypted.

3. A redirect is performed back to the CRM system with the token.

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.

5. If the banker is not in the system and automated provisioning request occurs.

6. The banker is authenticated and authorized and can access the system. This is an example of which of the following?

A. Service provider initiated SAML 2.0

B. Identity provider initiated SAML 1.0

C. OpenID federated single sign on

D. Service provider initiated SAML 1.1

Answer: A

Q14. DRAG DROP - (Topic 3)

Drag and Drop the following information types on to the appropriate CIA category

Answer:

Q15. - (Topic 2)

A large company is preparing to merge with a smaller company. The smaller company has been very profitable, but the smaller company’s main applications were created in-house. Which of the following actions should the large company’s security administrator take in preparation for the merger?

A. A review of the mitigations implemented from the most recent audit findings of the smaller company should be performed.

B. An ROI calculation should be performed to determine which company's application should be used.

C. A security assessment should be performed to establish the risks of integration or co-existence.

D. A regression test should be performed on the in-house software to determine security risks associated with the software.

Answer: C

Replace CAS-002 download:

Q16. - (Topic 5)

A. Physical penetration test of the datacenter to ensure there are appropriate controls.

B. Penetration testing of the solution to ensure that the customer data is well protected.

C. Security clauses are implemented into the contract such as the right to audit.

D. Review of the organizations security policies, procedures and relevant hosting certifications.

E. Code review of the solution to ensure that there are no back doors located in the software.

Answer: C,D

Q17. - (Topic 3)

A company runs large computing jobs only during the overnight hours. To minimize the amount of capital investment in equipment, the company relies on the elastic computing services of a major cloud computing vendor. Because the virtual resources are created and destroyed on the fly across a large pool of shared resources, the company never knows which specific hardware platforms will be used from night to night. Which of the following presents the MOST risk to confidentiality in this scenario?

A. Loss of physical control of the servers

B. Distribution of the job to multiple data centers

C. Network transmission of cryptographic keys

D. Data scraped from the hardware platforms

Answer: D

Q18. - (Topic 1)

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

Answer: A

Q19. - (Topic 3)

A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance manufacturer claims the new device is hardened against all known attacks and several un-disclosed zero day exploits. The code base used for the device is a combination of compiled C and TC/TKL scripts. Which of the following methods should the security research use to enumerate the ports and protocols in use by the appliance?

A. Device fingerprinting

B. Switchport analyzer

C. Grey box testing

D. Penetration testing

Answer: A

Q20. - (Topic 2)

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as company A and the two are not competitors. Which of the following has MOST likely occurred?

A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.

B. A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.

C. A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.

D. An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

Answer: A

2021 Mar CAS-002 exams

Replace CAS-002 download:

To see all sample questions go to: CAS-002 braindumps

Related CAS-002 posts: