Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA

2021 Dec CAS-002 braindumps

Q201. - (Topic 5) 

The threat abatement program manager tasked the software engineer with identifying the fastest implementation of a hash function to protect passwords with the least number of collisions. Which of the following should the software engineer implement to best meet the requirements? 

A. hash = sha512(password + salt); for (k = 0; k < 4000; k++) { hash = sha512(hash); } 

B. hash = md5(password + salt); for (k = 0; k < 5000; k++) { hash = md5(hash); } 

C. hash = sha512(password + salt); for (k = 0; k < 3000; k++) { hash = sha512(hash + password + salt); } 

D. hash1 = sha1(password + salt); hash = sha1(hash1); 

Answer:


Q202. - (Topic 2) 

A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performance and functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host configuration management. The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following designs is MOST appropriate for this scenario? 

A. Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust. 

B. Deploy a corporate Read-Only Domain Controller to the branch location. 

C. Deploy a corporate Domain Controller in the DMZ at the main campus. 

D. Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust. 

E. Deploy a corporate Domain Controller to the branch location. 

F. Deploy a branch location Domain Controller to the branch location with a one-way trust. 

Answer:


Q203. - (Topic 1) 

Joe, the Chief Executive Officer (CEO), was an information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted? 

A. The company should develop an in-house solution and keep the algorithm a secret. 

B. The company should use the CEO’s encryption scheme. 

C. The company should use a mixture of both systems to meet minimum standards. 

D. The company should use the method recommended by other respected information security organizations. 

Answer:


Q204. - (Topic 4) 

An organization has just released a new mobile application for its customers. The application has an inbuilt browser and native application to render content from existing websites and the organization’s new web services gateway. All rendering of the content is performed on the mobile application. 

The application requires SSO between the application, the web services gateway and legacy UI. Which of the following controls MUST be implemented to securely enable SSO? 

A. A registration process is implemented to have a random number stored on the client. 

B. The identity is passed between the applications as an HTTP header over REST. 

C. Local storage of the authenticated token on the mobile application is secured. 

D. Attestation of the XACML payload to ensure that the client is authorized. 

Answer:


Q205. - (Topic 4) 

The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable. Which of the following BEST describes the scenario presented and the document the ISO is reviewing? 

A. The ISO is evaluating the business implications of a recent telephone system failure within the BIA. 

B. The ISO is investigating the impact of a possible downtime of the messaging system within the RA. 

C. The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ. 

D. The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR. 

Answer:



Q206. - (Topic 3) 

In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change. 

Which of the following BEST addresses risks associated with disclosure of intellectual property? 

A. Require the managed service provider to implement additional data separation. 

B. Require encrypted communications when accessing email. 

C. Enable data loss protection to minimize emailing PII and confidential data. 

D. Establish an acceptable use policy and incident response policy. 

Answer:


Q207. - (Topic 3) 

An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture? 

A. Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need. 

B. Implement controls based on the system needs. Perform a risk analysis of the system. For any remaining risks, perform continuous monitoring. 

C. Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement. 

D. Perform a risk analysis of the system. Avoid extreme risks. Mitigate high risks. Transfer medium risks and accept low risks. Perform continuous monitoring to ensure that the system remains at an adequate security posture. 

Answer:


Q208. - (Topic 4) 

Which of the following protocols only facilitates access control? 

A. XACML 

B. Kerberos 

C. SPML 

D. SAML 

Answer:


Q209. - (Topic 4) 

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated? 

A. One of the companies may use an outdated VDI. 

B. Corporate websites may be optimized for different web browsers. 

C. Industry security standards and regulations may be in conflict. 

D. Data loss prevention standards in one company may be less stringent. 

Answer:


Q210. - (Topic 3) 

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture? 

A. Service oriented architecture (SOA) 

B. Federated identities 

C. Object request broker (ORB) 

D. Enterprise service bus (ESB) 

Answer: