The CompTIA CAS-002 questions and answers tend to be up to date through our technical engineers instantly. Youre going to get the newest simulated check concerns which are in keeping with the present CompTIA exam. More significantly, the particular update date lengthy in order to One hundred and eighty nights, showing that you may have fifty percent any years time to study CAS-002 places.
2021 Dec CAS-002 free download
Q31. - (Topic 4)
Company XYZ is in negotiations to acquire Company ABC for $1.2millon. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed with average estimates indicating a cost of $1.6millon. Which of the following approaches should the risk manager of Company XYZ recommend?
A. Transfer the risk
B. Accept the risk
C. Mitigate the risk
D. Avoid the risk
Answer: D
Q32. - (Topic 5)
A company has migrated its data and application hosting to a cloud service provider (CSP).
To meet its future needs, the company considers an IdP. Why might the company want to select an IdP that is separate from its CSP? (Select TWO).
A. A circle of trust can be formed with all domains authorized to delegate trust to an IdP
B. Identity verification can occur outside the circle of trust if specified or delegated
C. Replication of data occurs between the CSP and IdP before a verification occurs
D. Greater security can be provided if the circle of trust is formed within multiple CSP domains
E. Faster connections can occur between the CSP and IdP without the use of SAML
Answer: A,D
Q33. - (Topic 2)
ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst?
A. Accept the risk in order to keep the system within the company’s standard security configuration.
B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution.
C. Secure the data despite the need to use a security control or solution that is not within company standards.
D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration.
Answer: B
Q34. - (Topic 1)
A security manager for a service provider has approved two vendors for connections to the
service provider backbone. One vendor will be providing authentication services for its payment card service, and the other vendor will be providing maintenance to the service provider infrastructure sites. Which of the following business agreements is MOST relevant to the vendors and service provider’s relationship?
A. Memorandum of Agreement
B. Interconnection Security Agreement
C. Non-Disclosure Agreement
D. Operating Level Agreement
Answer: B
Q35. - (Topic 5)
An administrator is trying to categorize the security impact of a database server in the case of a security event. There are three databases on the server.
Current Financial Data = High level of damage if data is disclosed. Moderate damage if the system goes offline
Archived Financial Data = No need for the database to be online. Low damage for integrity loss
Public Website Data = Low damage if the site goes down. Moderate damage if the data is corrupted
Given these security categorizations of each database, which of the following is the aggregate security categorization of the database server?
A. Database server = {(Confidentiality HIGH),(Integrity High),(Availability High)}
B. Database server = {(Confidentiality HIGH),(Integrity Moderate),(Availability Moderate)}
C. Database server = {(Confidentiality HIGH),(Integrity Moderate),(Availability Low)}
D. Database server = {(Confidentiality Moderate),(Integrity Moderate),(Availability Moderate)}
Answer: B
Renewal CAS-002 free download:
Q36. - (Topic 4)
The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?
A. Address the security concerns through the network design and security controls.
B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.
C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.
D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.
Answer: C
Q37. - (Topic 3)
At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company’s statistical anomaly-based IDS about a company database administrator performing unusual transactions. At
10:55 a.m. the security administrator resets the database administrator’s password.
At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?
A. The IDS logs are compromised.
B. The new password was compromised.
C. An input validation error has occurred.
D. A race condition has occurred.
Answer: D
Q38. - (Topic 3)
A security administrator at a Lab Company is required to implement a solution which will provide the highest level of confidentiality possible to all data on the lab network.
The current infrastructure design includes:
The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless access points.
Which of the following cryptographic improvements should be made to the current architecture to achieve the stated goals?
A. PKI based authorization
B. Transport encryption
C. Data at rest encryption
D. Code signing
Answer: B
Q39. - (Topic 5)
The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?
A. What are the protections against MITM?
B. What accountability is built into the remote support application?
C. What encryption standards are used in tracking database?
D. What snapshot or “undo” features are present in the application?
E. What encryption standards are used in remote desktop and file transfer functionality?
Answer: B
Q40. - (Topic 1)
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?
A. The corporate network is the only network that is audited by regulators and customers.
B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
C. Home networks are unknown to attackers and less likely to be targeted directly.
D. Employees are more likely to be using personal computers for general web browsing when they are at home.
Answer: B