8 March 2018 Free CAS-002 PDF Dumps | 100% Free CAS-002 Exam Question Answers

To be able to come forth with new-found confidence in your abilities, you need the CompTIA Advanced Security Practitioner (CASP) certification. The CompTIA exam will enable you to tackle your problems in a more efficient way. Get your awesome CAS-002 Practice Test Question Answers at Dumpspdf. We guarantee your success 100% with Super Fab CAS-002 Test Questions that aim to make you succeed. Our Exam Dumps have been confirmed by Authorized Experts. For more detailed information you can contact us on our website.

Question # 11:

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf
B. Privilege escalation, Application DoS, Buffer overflow
C. SQL injection, Resource exhaustion, Privilege escalation
D. CSRF, Fault injection, Memory leaks

Answer: A


Question # 12:

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box
Which of the following would be the advantage of conducting this kind of penetration test?

A. The risk of unplanned server outages is reduced.
B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
D. The results should reflect what attackers may be able to learn about the company.

Answer: D


Question # 13:

There have been some failures of the company’s internal-facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF has been unavailable for 14 hours over the past month, in four separate situations. One of these situations was a two-hour scheduled maintenance window, aimed at improving the stability of the WAF. Using the MTTR based on the last month’s performance figures, which of the following calculations is the percentage of uptime, assuming there were 722 hours in the month?

A. 92.24 percent
B. 98.06 percent
C. 98.34 percent
D. 99.72 percent

Answer: C


Question # 14:

A security manager for a service provider has approved two vendors for connections to the service provider backbone. One vendor will be providing authentication services for its payment card service, and the other vendor will be providing maintenance to the service provider infrastructure sites. Which of the following business agreements is MOST relevant to the vendors and service provider’s relationship?

A. Memorandum of Agreement
B. Interconnection Security Agreement
C. Non-Disclosure Agreement
D. Operating Level Agreement

Answer: B


Question # 15:

A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

A. A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.
B. A DLP gateway should be installed at the company border.
C. Strong authentication should be implemented via external biometric devices.
D. Full-tunnel VPN should be required for all network communication.
E. Full-drive file hashing should be implemented with hashes stored on separate storage.
F. Split-tunnel VPN should be enforced when transferring sensitive data.

Answer: B, D


Question # 16:

A systems administrator establishes a CIFS share on a UNIX device to share data with Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

A. Refuse LM and only accept NTLMv2
B. Accept only LM
C. Refuse NTLMv2 and accept LM
D. Accept only NTLM

Answer: A


Question # 17:

A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

A. an administrative control
B. dual control
C. separation of duties
D. least privilege
E. collusion

Answer: C


Question # 18:

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?

A. Single sign-on
B. Identity propagation
C. Remote attestation
D. Secure code review

Answer: C


Question # 19:

A web services company is planning a one-time high-profile event to be hosted on the corporate website. An outage, due to an attack, would be publicly embarrassing, so Joe, the Chief Executive Officer (CEO), has requested that his security engineers put temporary preventive controls in place. Which of the following would MOST appropriately address Joe’s concerns?

A. Ensure web services hosting the event use TCP cookies and deny_hosts.
B. Configure an intrusion prevention system that blocks IPs after detecting too many incomplete sessions.
C. Contract and configure scrubbing services with third-party DDoS mitigation providers.
D. Purchase additional bandwidth from the company’s Internet service provider.

Answer: C


Question # 20:

The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats?

A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
C. Host-based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
D. Behavior-based IPS with a communication link to a cloud-based vulnerability and threat

Answer: D

Is it your first time taking an exam like the CompTIA Exam? Are you uncertain how to prepare to clear the CompTIA Advanced Security Practitioner (CASP) certification? Then you don’t need to worry: Test4practice gives you fantastic CAS-002 Practice Test Questions to prepare for your exam. Get CAS-002 Test Questions and Answers and get in gear to clear your certification even if it’s your first attempt. Our CAS-002 Practice Exams are verified by industry professionals and are valid all over the globe. You can easily reach us on our website.
