Proper study guides for the updated CompTIA Advanced Security Practitioner (CASP) certification begin with CompTIA CAS-002 preparation products, which are designed to deliver high-value CAS-002 questions and help you pass the CAS-002 test on your first attempt. Try the free CAS-002 demo right now.

2017 Apr CAS-002 torrent

Q311. - (Topic 1) 

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices? 

A. Single sign-on 

B. Identity propagation 

C. Remote attestation 

D. Secure code review 


Q312. - (Topic 4) 

A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem? 

A. Change the IDS to use a heuristic anomaly filter. 

B. Adjust IDS filters to decrease the number of false positives. 

C. Change the IDS filter to data mine the false positives for statistical trending data. 

D. Adjust IDS filters to increase the number of false negatives. 


Q313. - (Topic 5) 

A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input? 

A. Client side input validation 

B. Stored procedure 

C. Encrypting credit card details 

D. Regular expression matching 


Q314. - (Topic 3) 

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company’s security posture; however, the company is still plagued by data breaches from misplaced assets. As a result, these data breaches have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?

A. Reload all user laptops with full disk encryption software immediately. 

B. Implement full disk encryption on all storage devices the firm owns. 

C. Implement new continuous monitoring procedures. 

D. Implement an open source system which allows data to be encrypted while processed. 


Refresh CAS-002 exam question:

Q315. - (Topic 4) 

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

A. Provide free email software for personal devices. 

B. Encrypt data in transit for remote access. 

C. Require smart card authentication for all devices.

D. Implement NAC to limit insecure devices access. 

E. Enable time of day restrictions for personal devices. 

Answer: B,D 

Q316. - (Topic 5) 

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company’s physical security, which of the following can the network administrator use to scan and detect the presence of a malicious actor physically accessing the company’s network or information systems from within? (Select TWO). 


B. Vulnerability scanner 

C. HTTP intercept 


E. Port scanner 

F. Protocol analyzer 

Answer: D,E 

Q317. - (Topic 1) 

News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting are conducted to prepare for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections?

A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology. 

B. Implement an application whitelist at all levels of the organization. 

C. Deploy a network-based heuristic IDS and configure all layer 3 switches to feed data to the IDS for more effective monitoring.

D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection. 


Q318. - (Topic 3) 

The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network? 

A. Social engineering 

B. Protocol analyzer 

C. Port scanner 

D. Grey box testing