Act now and download your CompTIA CAS-002 test today! Do not waste time for the worthless CompTIA CAS-002 tutorials. Download Up to date CompTIA CompTIA Advanced Security Practitioner (CASP) exam with real questions and answers and begin to learn CompTIA CAS-002 with a classic professional.

Q1. - (Topic 4) 

Part of the procedure for decommissioning a database server is to wipe all local disks, as well as SAN LUNs allocated to the server, even though the SAN itself is not being decommissioned. Which of the following is the reason for wiping the SAN LUNs? 

A. LUN masking will prevent the next server from accessing the LUNs. 

B. The data may be replicated to other sites that are not as secure. 

C. Data remnants remain on the LUN that could be read by other servers. 

D. The data is not encrypted during transport. 


Q2. - (Topic 4) 

An administrator receives a notification from legal that an investigation is being performed on members of the finance department. As a precaution, legal has advised a legal hold on all documents for an unspecified period of time. Which of the following policies will MOST likely be violated? (Select TWO). 

A. Data Storage Policy 

B. Data Retention Policy 

C. Corporate Confidentiality Policy 

D. Data Breach Mitigation Policy 

E. Corporate Privacy Policy 

Answer: A,B 

Q3. - (Topic 4) 

A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE). 

A. Security of data storage 

B. The cost of the solution 

C. System availability 

D. User authentication strategy 

E. PBX integration of the service 

F. Operating system compatibility 

Answer: A,C,D 

Q4. - (Topic 1) 

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position? 

A. Least privilege 

B. Job rotation 

C. Mandatory vacation 

D. Separation of duties 


Q5. - (Topic 2) 

A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer’s AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where credit card servers were kept. The firewall rule was needed for an internal application that was developed, which presents risk. The retailer determined that because the vendors were required to have site to site VPN’s no other security action was taken. 

To prove to the retailer the monetary value of this risk, which of the following type of calculations is needed? 

A. Residual Risk calculation 

B. A cost/benefit analysis 

C. Quantitative Risk Analysis 

D. Qualitative Risk Analysis 


Q6. - (Topic 2) 

An internal development team has migrated away from Waterfall development to use Agile development. Overall, this has been viewed as a successful initiative by the stakeholders as it has improved time-to-market. However, some staff within the security team have contended that Agile development is not secure. Which of the following is the MOST accurate statement? 

A. Agile and Waterfall approaches have the same effective level of security posture. They both need similar amounts of security effort at the same phases of development. 

B. Agile development is fundamentally less secure than Waterfall due to the lack of formal up-front design and inability to perform security reviews. 

C. Agile development is more secure than Waterfall as it is a more modern methodology which has the advantage of having been able to incorporate security best practices of recent years. 

D. Agile development has different phases and timings compared to Waterfall. Security activities need to be adapted and performed within relevant Agile phases. 


Q7. - (Topic 2) 

After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator? 

A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user. 

B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS. 

C. Users with root access on remote NFS client computers can always use the SU command to modify other user’s files on the NAS. 

D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command. 


Q8. - (Topic 5) 

A security manager is collecting RFQ, RFP, and RFI publications to help identify the technology trends which a government will be moving towards in the future. This information is available to the public. By consolidating the information, the security manager will be able to combine several perspectives into a broader view of technology trends. This is an example of which of the following? (Select TWO). 

A. Supervisory control and data acquisition 

B. Espionage 

C. Hacktivism 

D. Data aggregation 

E. Universal description discovery and integration 

F. Open source intelligence gathering 

Answer: D,F 

Q9. - (Topic 4) 

The security administrator is reviewing the business continuity plan which consists of virtual infrastructures at corporate headquarters and at the backup site. The administrator is concerned that the VLAN used to perform live migrations of virtual machines to the backup site is across the network provider’s MPLS network. This is a concern due to which of the following? 

A. The hypervisor virtual switches only support Q-in-Q VLANS, not MPLS. This may cause live migrations to the backup site to fail. 

B. VLANs are not compatible with MPLS, which may cause intermittent failures while performing live migrations virtual machines during a disaster. 

C. Passwords are stored unencrypted in memory, which are then transported across the MPLS network. 

D. Transport encryption is being used during the live migration of virtual machines which will impact the performance of the MPLS network. 


Q10. - (Topic 3) 

An organization determined that each of its remote sales representatives must use a smartphone for email access. 

The organization provides the same centrally manageable model to each person. 

Which of the following mechanisms BEST protects the confidentiality of the resident data? 

A. Require dual factor authentication when connecting to the organization’s email server. 

B. Require each sales representative to establish a PIN to access the smartphone and limit email storage to two weeks. 

C. Require encrypted communications when connecting to the organization’s email server. 

D. Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.