Passleader offers a free demo for the CAS-002 exam. "CompTIA Advanced Security Practitioner (CASP)", also known as the CAS-002 exam, is a CompTIA certification. This set of posts, Passing the CompTIA CAS-002 exam, will help you answer those questions. The CAS-002 Questions & Answers cover all the knowledge points of the real exam, drawn from real CompTIA CAS-002 exams and revised by experts.


New CompTIA CAS-002 Exam Dumps Collection (Question 3 - Question 12)

Q3. In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).

A. Removable media

B. Passwords written on scrap paper

C. Snapshots of data on the monitor

D. Documents on the printer

E. Volatile system memory

F. System hard drive

Answer: C,E

Q4. A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.

B. All staff needs to be instructed in the proper use of social media in the work environment.

C. Senior staff blogs should be ghost written by marketing professionals.

D. The finance department must provide a cost benefit analysis for social media.

E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: A,E

Q5. A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).

A. Implement a URL filter to block the online forum

B. Implement NIDS on the desktop and DMZ networks

C. Security awareness compliance training for all employees

D. Implement DLP on the desktop, email gateway, and web proxies

E. Review of security policies and procedures

Answer: C,D

Q6. An administrator has four virtual guests on a host server. Two of the servers are corporate SQL servers, one is a corporate mail server, and one is a testing web server for a small group of developers. The administrator is experiencing difficulty connecting to the host server during peak network usage times. Which of the following would allow the administrator to securely connect to and manage the host server during peak usage times?

A. Increase the virtual RAM allocation to high I/O servers.

B. Install a management NIC and dedicated virtual switch.

C. Configure the high I/O virtual servers to use FCoE rather than iSCSI.

D. Move the guest web server to another dedicated host.

Answer: B

Q7. A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers:

A. Create a custom standard to define the data.

B. Use well formed standard compliant XML and strict schemas.

C. Only document the data format in the parsing application code.

D. Implement a de facto corporate standard for all analyzed data.

Answer: B

Q8. Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

A. Test password complexity of all login fields and input validation of form fields

B. Reverse engineering any thick client software that has been provided for the test

C. Undertaking network-based denial of service attacks in production environment

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks

E. Running a vulnerability scanning tool to assess network and host weaknesses

Answer: C

Q9. A storage as a service company implements both encryption at rest as well as encryption in transit of customers' data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer's encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers' data would take?

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) }

B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) }

C. password = password + sha(password+salt) + aes256(password+salt)

D. key = aes128(sha256(password), password))

Answer: A

Q10. An organization has had component integration related vulnerabilities exploited in consecutive releases of the software it hosts. The only reason the company was able to identify the compromises was because of a correlation of slow server performance and an attentive security analyst noticing unusual outbound network activity from the application servers. End-to-end management of the development process is the responsibility of the applications development manager and testing is done by various teams of programmers. Which of the following will MOST likely reduce the likelihood of similar incidents?

A. Conduct monthly audits to verify that application modifications do not introduce new vulnerabilities.

B. Implement a peer code review requirement prior to releasing code into production.

C. Follow secure coding practices to minimize the likelihood of creating vulnerable applications.

D. Establish cross-functional planning and testing requirements for software development activities.

Answer: D

Q11. The Chief Information Officer (CIO) of a technology company is likely to move away from a de-perimeterized model for employee owned devices. This is because there were too many issues with lack of patching, malware incidents, and data leakage due to lost/stolen devices which did not have full-disk encryption. The 'bring your own computing' approach was originally introduced because different business units preferred different operating systems and application stacks. Based on the issues and user needs, which of the following is the BEST recommendation for the CIO to make?

A. The de-perimeterized model should be kept as this is major industry trend and other companies are following this direction. Advise that the issues being faced are standard business as usual concerns in a modern IT environment.

B. Update the policy to disallow non-company end-point devices on the corporate network. Develop security-focused standard operating environments (SOEs) for all required operating systems and ensure the needs of each business unit are met.

C. The de-perimeterized model should be kept but update company policies to state that non-company end-points require full disk encryption, anti-virus software, and regular patching.

D. Update the policy to disallow non-company end-point devices on the corporate network. Allow only one type of outsourced SOE to all users as this will be easier to provision, secure, and will save money on operating costs.

Answer: B

Q12. A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator's concerns?

A. The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted.

B. The SOAP protocol supports weak hashing of header information. As a result the header and body can easily be deciphered by brute force tools.

C. The SOAP protocol can be easily tampered with, even though the header is encrypted.

D. The SOAP protocol does not support body or header encryption which allows assertions to be viewed in clear text by intermediaries.

Answer: A
