Qualifications could be the evidence of your skills, understanding together with capability. These are generally vital that you obtain a high performing seating in any nicely esteemed organization. The certifications provide the additional understanding in addition to the common knowledge for any employment to help you to definitely boost up your job. When you have approved a new recognition audit, the will see that the demand from customers have elevated on the market. The surveys online indicated that the individuals that have a minimum of one Examcollection CompTIA own more effective salaries which the other folks, any increment rates are furthermore located greater than one other persons.

2021 Dec CAS-002 test questions

Q241. - (Topic 2) 

An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution? 

A. $0 

B. $7,500 

C. $10,000 

D. $12,500 

E. $15,000 

Answer:


Q242. - (Topic 1) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All sections of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G 


Q243. - (Topic 1) 

Company ABC’s SAN is nearing capacity, and will cause costly downtimes if servers run out disk space. Which of the following is a more cost effective alternative to buying a new SAN? 

A. Enable multipath to increase availability 

B. Enable deduplication on the storage pools 

C. Implement snapshots to reduce virtual disk size 

D. Implement replication to offsite datacenter 

Answer:


Q244. - (Topic 2) 

A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication? 

A. Generate a one-time key as part of the device registration process. 

B. Require SSL between the mobile application and the web services gateway. 

C. The jsession cookie should be stored securely after authentication. 

D. Authentication assertion should be stored securely on the client. 

Answer:


Q245. - (Topic 3) 

In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO). 

A. Correctly assert the identity and authorization credentials of the end user. 

B. Correctly assert the authentication and authorization credentials of the end user. 

C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use. 

D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use. 

E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use. 

F. Correctly assert the identity and authentication credentials of the end user. 

Answer: D,F 

Topic 4, Volume D 


Renewal CAS-002 actual test:

Q246. - (Topic 5) 

Two universities are making their 802.11n wireless networks available to the other university’s students. The infrastructure will pass the student’s credentials back to the home school for authentication via the Internet. 

The requirements are: 

Mutual authentication of clients and authentication server The design should not limit connection speeds Authentication must be delegated to the home school No passwords should be sent unencrypted The following design was implemented: WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority A strong shared secret will be used for RADIUS server authentication 

Which of the following security considerations should be added to the design? 

A. The transport layer between the RADIUS servers should be secured 

B. WPA Enterprise should be used to decrease the network overhead 

C. The RADIUS servers should have local accounts for the visiting students 

D. Students should be given certificates to use for authentication to the network 

Answer:


Q247. - (Topic 3) 

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover? 

A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money. 

B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security. 

C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation. 

D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics. 

Answer:


Q248. - (Topic 5) 

An organization is finalizing a contract with a managed security services provider (MSSP) that is responsible for primary support of all security technologies. Which of the following should the organization require as part of the contract to ensure the protection of the organization’s technology? 

A. An operational level agreement 

B. An interconnection security agreement 

C. A non-disclosure agreement 

D. A service level agreement 

Answer:


Q249. - (Topic 2) 

An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant? 

A. $4,800 

B. $24,000 

C. $96,000 

D. $120,000 

Answer:


Q250. - (Topic 4) 

The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE). 

A. Install a self-signed Root CA certificate on the proxy server. 

B. The proxy configuration of all users’ browsers must point to the proxy IP. 

C. TCP port 443 requests must be redirected to TCP port 80 on the web server. 

D. All users’ personal certificates’ public key must be installed on the proxy. 

E. Implement policy-based routing on a router between the hosts and the Internet. 

F. The proxy certificate must be installed on all users’ browsers. 

Answer: A,E,F