2021 Dec CAS-002 pdf exam

Q151. - (Topic 2) 

A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years responding to and eradicating workstation malware. The Information Security Officer (ISO) has received three quotes from different companies that provide HIPS. 

Which solution should the company select if the contract is only valid for three years? 

A. First quote 

B. Second quote 

C. Third quote 

D. Accept the risk 

Answer:


Q152. - (Topic 4) 

Company XYZ has had repeated vulnerability exploits of a critical nature released to the company’s flagship product. The product is used by a number of large customers. At the Chief Information Security Officer’s (CISO’s) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements. 

Here is a list of improvements in order of priority: 

1. A noticeable improvement in security posture immediately. 

2. Fundamental changes to resolve systemic issues as an ongoing process.

3. Improvements should be strategic as opposed to tactical.

4. Customer impact should be minimized.

Which of the following recommendations is BEST for the CISO to put forward to the product manager? 

A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved. 

B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward. 

C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects. 

D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. 

Answer:


Q153. - (Topic 5) 

A security analyst is tasked to create an executive briefing, which explains the activity and motivation of a cyber adversary. Which of the following is the MOST important content for the brief for management personnel to understand? 

A. Threat actor types, threat actor motivation, and attack tools 

B. Unsophisticated agents, organized groups, and nation states 

C. Threat actor types, attack sophistication, and the anatomy of an attack 

D. Threat actor types, threat actor motivation, and the attack impact 

Answer:


Q154. - (Topic 4) 

Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario? 

A. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP. 

B. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP. 

C. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SP. 

D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP. 

Answer:


Q155. - (Topic 5) 

For companies seeking to move to cloud services, variances in regulation between jurisdictions can be addressed in which of the following ways? 

A. Ensuring the cloud service provides high availability spanning multiple regions. 

B. Using an international private cloud model as opposed to public IaaS. 

C. Encrypting all data moved to or processed in a cloud-based service. 

D. Tagging VMs to ensure they are only run in certain geographic regions. 

Answer:


Q156. - (Topic 2) 

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate? 

A. Intermediate Root Certificate 

B. Wildcard Certificate 

C. EV x509 Certificate 

D. Subject Alternative Names Certificate 

Answer:


Q157. - (Topic 5) 

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO). 

A. Privacy could be compromised as patient records can be viewed in uncontrolled areas. 

B. Device encryption has not been enabled and will result in a greater likelihood of data loss. 

C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data. 

D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes. 

E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable. 

Answer: A,D 


Q158. - (Topic 3) 

A new web application system was purchased from a vendor and configured by the internal development team. Before the web application system was moved into production, a vulnerability assessment was conducted. A review of the vulnerability assessment report indicated that the testing team discovered a minor security issue with the configuration of the web application. The security issue should be reported to: 

A. CISO immediately in an exception report. 

B. Users of the new web application system. 

C. The vendor who supplied the web application system. 

D. Team lead in a weekly report. 

Answer:


Q159. - (Topic 5) 

A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the company’s operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application? 

A. Difficulty backing up the custom database 

B. Difficulty migrating to new hardware 

C. Difficulty training new admin personnel 

D. Difficulty extracting data from the database 

Answer:


Q160. - (Topic 2) 

VPN users cannot access the active FTP server through the router but can access any server in the data center. 

Additional network information: 

DMZ network – 192.168.5.0/24 (FTP server is 192.168.5.11) 

VPN network – 192.168.1.0/24 

Datacenter – 192.168.2.0/24 

User network – 192.168.3.0/24

HR network – 192.168.4.0/24

Traffic shaper configuration: 

| VLAN | Bandwidth Limit (Mbps) |
|---|---|
| VPN | 50 |
| User | 175 |
| HR | 250 |
| Finance | 250 |
| Guest | 0 |

Router ACL: 

| Action | Source | Destination |
|---|---|---|
| Permit | 192.168.1.0/24 | 192.168.2.0/24 |
| Permit | 192.168.1.0/24 | 192.168.3.0/24 |
| Permit | 192.168.1.0/24 | 192.168.5.0/24 |
| Permit | 192.168.2.0/24 | 192.168.1.0/24 |
| Permit | 192.168.3.0/24 | 192.168.1.0/24 |
| Permit | 192.168.5.1/32 | 192.168.1.0/24 |
| Deny | 192.168.4.0/24 | 192.168.1.0/24 |
| Deny | 192.168.1.0/24 | 192.168.4.0/24 |
| Deny | any | any |

Which of the following solutions would allow the users to access the active FTP server? 

A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network 

B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network 

C. IPS is blocking traffic and needs to be reconfigured 

D. Configure the traffic shaper to limit DMZ traffic 

E. Increase bandwidth limit on the VPN network 

Answer: