It is impossible to pass CompTIA CAS-002 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA CAS-002 practice questions. You will get a surprising result by our Most recent CompTIA Advanced Security Practitioner (CASP) practice guides.

Q41. - (Topic 5) 

A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the company’s operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application? 

A. Difficulty backing up the custom database 

B. Difficulty migrating to new hardware 

C. Difficulty training new admin personnel 

D. Difficulty extracting data from the database 


Q42. - (Topic 4) 

A security administrator is tasked with securing a company's headquarters and branch offices move to unified communications. The Chief Information Officer (CIO) wants to integrate the corporate users' email, voice mail, telephony, presence and corporate messaging to internal computers, mobile users, and devices. Which of the following actions would BEST meet the CIO's goals while providing maximum unified communications security? 

A. Create presence groups, restrict IM protocols to the internal networks, encrypt remote devices, and restrict access to services to local network and VPN clients. 

B. Enable discretionary email forwarding restrictions, utilize QoS and Secure RTP, allow external IM protocols only over TLS, and allow port 2000 incoming to the internal firewall interface for secure SIP 

C. Set presence to invisible by default, restrict IM to invite only, implement QoS on SIP and RTP traffic, discretionary email forwarding, and full disk encryption. 

D. Establish presence privacy groups, restrict all IM protocols, allow secure RTP on session border gateways, enable full disk encryptions, and transport encryption for email security. 


Q43. - (Topic 4) 

When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary? 

A. The user needs a non-repudiation data source in order for the application to generate the key pair. 

B. The user is providing entropy so the application can use random data to create the key pair. 

C. The user is providing a diffusion point to the application to aid in creating the key pair. 

D. The application is requesting perfect forward secrecy from the user in order to create the key pair. 


Q44. - (Topic 1) 

After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece of code used by a web based shopping cart. 


The programmer found that every time a user adds an item to the cart, a temporary file is created on the web server /tmp directory. The temporary file has a name which is generated by concatenating the content of the $USERINPUT variable and a timestamp in the form of MM-DD-YYYY, (e.g. smartphone-12-25-2013.tmp) containing the price of the item being purchased. Which of the following is MOST likely being exploited to manipulate the price of a shopping cart’s items? 

A. Input validation 

B. SQL injection 


D. Session hijacking 


Q45. - (Topic 2) 

A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request: 


Content-type: application/json 


{ “creditAccount”:”Credit Card Rewards account”} { 




{ “name”:”Joe Citizen”} { “custRef”:”3153151”} 

The banking website responds with: 

HTTP/1.1 200 OK 


{ “cardNumber”:”1234123412341234”} { “cardExpiry”:”2020-12-31”} 

{ “cardCVV”:”909”} 



“returnCode”:“Account added successfully” 

Which of the following are security weaknesses in this example? (Select TWO). 

A. Missing input validation on some fields 

B. Vulnerable to SQL injection 

C. Sensitive details communicated in clear-text 

D. Vulnerable to XSS 

E. Vulnerable to malware file uploads 

F. JSON/REST is not as secure as XML 

Answer: A,C 

Q46. - (Topic 2) 

A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technologies should the administrator implement to meet these goals? (Select TWO). 

A. LUN masking 

B. Snapshots 

C. vSAN 

D. Dynamic disk pools 

E. Multipath 

F. Deduplication 

Answer: D,E 

Q47. CORRECT TEXT - (Topic 4) 

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed: 

1. Select the server that is a victim of a cross-site scripting (XSS) attack. 

2 Select the source of the brute force password attack. 

3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack. 

Instructions: Simulations can be reset at anytime to the initial state: however, all selections will be deleted 

Answer: Please review following steps: 

Q48. - (Topic 1) 

A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation? 

A. $60,000 

B. $100,000 

C. $140,000 

D. $200,000 


Q49. - (Topic 4) 

An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments. Which of the following is the MOST comprehensive method for evaluating the two platforms? 

A. Benchmark each possible solution with the integrators existing client deployments. 

B. Develop testing criteria and evaluate each environment in-house. 

C. Run virtual test scenarios to validate the potential solutions. 

D. Use results from each vendor’s test labs to determine adherence to project requirements. 


Q50. - (Topic 2) 

Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally managed. 


ether f8:1e:af:ab:10:a3 

inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5 

inet netmask 0xffffff00 broadcast 

inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf 

inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary 

nd6 options=1<PERFORMNUD> 

media: autoselect 

status: active 

Given this output, which of the following protocols is in use by the company and what can the system administrator do to positively map users with IPv6 addresses in the future? (Select TWO). 

A. The devices use EUI-64 format 

B. The routers implement NDP 

C. The network implements 6to4 tunneling 

D. The router IPv6 advertisement has been disabled 

E. The administrator must disable IPv6 tunneling 

F. The administrator must disable the mobile IPv6 router flag 

G. The administrator must disable the IPv6 privacy extensions 

H. The administrator must disable DHCPv6 option code 1 

Answer: B,G