Exambible CAS-002 Questions are updated and all CAS-002 answers are verified by experts. Once you have completely prepared with our CAS-002 exam prep kits you will be ready for the real CAS-002 exam without a problem. We have Renovate CompTIA CAS-002 dumps study guide. PASSED CAS-002 First attempt! Here What I Did.

Q261. - (Topic 1) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All sections of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G 

Q262. - (Topic 5) 

An asset manager is struggling with the best way to reduce the time required to perform asset location activities in a large warehouse. A project manager indicated that RFID might be a valid solution if the asset manager’s requirements were supported by current RFID capabilities. Which of the following requirements would be MOST difficult for the asset manager to implement? 

A. The ability to encrypt RFID data in transmission 

B. The ability to integrate environmental sensors into the RFID tag 

C. The ability to track assets in real time as they move throughout the facility 

D. The ability to assign RFID tags a unique identifier 


Q263. - (Topic 1) 

A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm’s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO). 

A. Code review 

B. Penetration testing 

C. Grey box testing 

D. Code signing 

E. White box testing 

Answer: A,E 

Q264. - (Topic 5) 

A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has been written by developers over the last six months and the project is currently in the test phase. 

Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO). 

A. Perform unit testing of the binary code 

B. Perform code review over a sampling of the front end source code 

C. Perform black box penetration testing over the solution 

D. Perform grey box penetration testing over the solution 

E. Perform static code review over the front end source code 

Answer: D,E 

Q265. - (Topic 3) 

After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on dev1.xyz.com, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST? 

A. Generate a new public key on both servers. 

B. Replace the SSL certificate on dev1.xyz.com. 

C. Generate a new private key password for both servers. 

D. Replace the SSL certificate on pay.xyz.com. 


Q266. - (Topic 1) 

A software development manager is taking over an existing software development project. The team currently suffers from poor communication due to a long delay between requirements documentation and feature delivery. This gap is resulting in an above average number of security-related bugs making it into production. Which of the following development methodologies is the team MOST likely using now? 

A. Agile 

B. Waterfall 

C. Scrum 

D. Spiral 


Q267. - (Topic 4) 

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs: 

1. The banker accesses the CRM system, a redirect is performed back to the organization’s internal systems. 

2. A lookup is performed of the identity and a token is generated, signed and encrypted. 

3. A redirect is performed back to the CRM system with the token. 

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup. 

5. If the banker is not in the system and automated provisioning request occurs. 

6. The banker is authenticated and authorized and can access the system. This is an example of which of the following? 

A. Service provider initiated SAML 2.0 

B. Identity provider initiated SAML 1.0 

C. OpenID federated single sign on 

D. Service provider initiated SAML 1.1 


Q268. - (Topic 1) 

An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO). 

A. The company’s IDS signatures were not updated. 

B. The company’s custom code was not patched. 

C. The patch caused the system to revert to http. 

D. The software patch was not cryptographically signed. 

E. The wrong version of the patch was used. 

F. Third-party plug-ins were not patched. 

Answer: B,F 

Q269. - (Topic 5) 

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets. 

The information security team has been a part of the department meetings and come away with the following notes: 

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application. 

-Sales is asking for easy order tracking to facilitate feedback to customers. 

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction. 

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy. 

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining. 

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption. 

Which of the following departments’ request is in contrast to the favored solution? 

A. Manufacturing 

B. Legal 

C. Sales 

D. Quality assurance 

E. Human resources 


Q270. - (Topic 5) 

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected? 

A. The malware file’s modify, access, change time properties. 

B. The timeline analysis of the file system. 

C. The time stamp of the malware in the swap file. 

D. The date/time stamp of the malware detection in the antivirus logs.