Examcollection offers free demo for CAS-002 exam. "CompTIA Advanced Security Practitioner (CASP)", also known as CAS-002 exam, is a CompTIA Certification. This set of posts, Passing the CompTIA CAS-002 exam, will help you answer those questions. The CAS-002 Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA CAS-002 exams and revised by experts!

Q231. - (Topic 3) 

Company ABC was formed by combining numerous companies which all had multiple databases, web portals, and cloud data sets. Each data store had a unique set of custom developed authentication mechanisms and schemas. Which of the following approaches to combining the disparate mechanisms has the LOWEST up front development costs? 

A. Attestation 

B. PKI 

C. Biometrics 

D. Federated IDs 

Answer:


Q232. - (Topic 5) 

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete? 

A. They should logon to the system using the username concatenated with the 6-digit code and their original password. 

B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code. 

C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed. 

D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code. 

Answer:


Q233. - (Topic 4) 

Some mobile devices are jail-broken by connecting via USB cable and then exploiting software vulnerabilities to get kernel-level access. Which of the following attack types represents this scenario? (Select TWO). 

A. Session management attack 

B. Protocol fuzzing 

C. Root-kit compromise 

D. Physical attack 

E. Privilege escalation 

F. Man-in-the-middle 

Answer: D,E 


Q234. - (Topic 1) 

A company is deploying a new iSCSI-based SAN. The requirements are as follows: 

Which of the following design specifications meet all the requirements? (Select TWO). 

A. Targets use CHAP authentication 

B. IPSec using AH with PKI certificates for authentication 

C. Fiber channel should be used with AES 

D. Initiators and targets use CHAP authentication 

E. Fiber channel over Ethernet should be used 

F. IPSec using AH with PSK authentication and 3DES 

G. Targets have SCSI IDs for authentication 

Answer: B,D 


Q235. - (Topic 3) 

A corporation has expanded for the first time by integrating several newly acquired businesses. 

Which of the following are the FIRST tasks that the security team should undertake? (Select TWO). 

A. Remove acquired companies Internet access. 

B. Federate identity management systems. 

C. Install firewalls between the businesses. 

D. Re-image all end user computers to a standard image. 

E. Develop interconnection policy. 

F. Conduct a risk analysis of each acquired company’s networks. 

Answer: E,F 


Q236. - (Topic 3) 

About twice a year a switch fails in a company's network center. Under the maintenance contract, the switch would be replaced in two hours losing the business $1,000 per hour. The cost of a spare switch is $3,000 with a 12-hour delivery time and would eliminate downtime costs if purchased ahead of time. The maintenance contract is $1,500 per year. 

Which of the following is true in this scenario? 

A. It is more cost-effective to eliminate the maintenance contract and purchase a replacement upon failure. 

B. It is more cost-effective to purchase a spare switch prior to an outage and eliminate the maintenance contract. 

C. It is more cost-effective to keep the maintenance contract instead of purchasing a spare switch prior to an outage. 

D. It is more cost-effective to purchase a spare switch prior to an outage and keep the maintenance contract. 

Answer:


Q237. - (Topic 4) 

A university Chief Information Security Officer is analyzing various solutions for a new project involving the upgrade of the network infrastructure within the campus. The campus has several dorms (two-four person rooms) and administrative buildings. The network is currently setup to provide only two network ports in each dorm room and ten network ports per classroom. Only administrative buildings provide 2.4 GHz wireless coverage. 

The following three goals must be met after the new implementation: 

1. Provide all users (including students in their dorms) connections to the Internet. 

2. Provide IT department with the ability to make changes to the network environment to improve performance. 

3. Provide high speed connections wherever possible all throughout campus including sporting event areas. 

Which of the following risk responses would MOST likely be used to reduce the risk of network outages and financial expenditures while still meeting each of the goals stated above? 

A. Avoid any risk of network outages by providing additional wired connections to each user and increasing the number of data ports throughout the campus. 

B. Transfer the risk of network outages by hiring a third party to survey, implement and manage a 5.0 GHz wireless network. 

C. Accept the risk of possible network outages and implement a WLAN solution to provide complete 5.0 GHz coverage in each building that can be managed centrally on campus. 

D. Mitigate the risk of network outages by implementing SOHO WiFi coverage throughout the dorms and upgrading only the administrative buildings to 5.0 GHz coverage using a one for one AP replacement. 

Answer:


Q238. - (Topic 5) 

The Chief Risk Officer (CRO) has requested that the MTD, RTO and RPO for key business applications be identified and documented. Which of the following business documents would MOST likely contain the required values? 

A. MOU 

B. BPA 

C. RA 

D. SLA 

E. BIA 

Answer:


Q239. - (Topic 1) 

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk? 

A. Deploy new perimeter firewalls at all stores with UTM functionality. 

B. Change antivirus vendors at the store and the corporate office. 

C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution. 

D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it. 

Answer:


Q240. - (Topic 4) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All section of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G