Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Ucertify CAS-002 braindumps. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.
Q51. - (Topic 2)
Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).
A. Synchronous copy of data
B. RAID configuration
C. Data de-duplication
D. Storage pool space allocation
E. Port scanning
F. LUN masking/mapping
G. Port mapping
Q52. - (Topic 2)
A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?
A. Subjective and based on an individual's experience.
B. Requires a high degree of upfront work to gather environment details.
C. Difficult to differentiate between high, medium, and low risks.
D. Allows for cost and benefit analysis.
E. Calculations can be extremely complex to manage.
Q53. - (Topic 1)
A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.
Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).
A. Perform unit testing of the binary code
B. Perform code review over a sampling of the front end source code
C. Perform black box penetration testing over the solution
D. Perform grey box penetration testing over the solution
E. Perform static code review over the front end source code
Q54. - (Topic 5)
A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this?
A. The infected files were using obfuscation techniques to evade detection by antivirus software.
B. The infected files were specially crafted to exploit a collision in the hash function.
C. The infected files were using heuristic techniques to evade detection by antivirus software.
D. The infected files were specially crafted to exploit diffusion in the hash function.
491. - (Topic 5)
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?
A. The corporate network is the only network that is audited by regulators and customers.
B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
C. Home networks are unknown to attackers and less likely to be targeted directly.
D. Employees are more likely to be using personal computers for general web browsing when they are at home.
Q55. - (Topic 3)
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.
Which of the following would impact the security of conference’s resources?
A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.
Q56. - (Topic 2)
A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company issued as well as personal computing devices, including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in transit to the company’s internally developed application GUI. Company policy prohibits employees from having administrative rights to company issued devices. Which of the following remote access solutions has the lowest technical complexity?
A. RDP server
B. Client-based VPN
D. Jump box
E. SSL VPN
Q57. - (Topic 4)
The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?
A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.
B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.
C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team.
D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.
Q58. - (Topic 4)
The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router’s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company’s external router’s IP which is 18.104.22.168:
11:16:22.110343 IP 22.214.171.124.19 > 126.96.36.199.19: UDP, length 1400
11:16:22.110351 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
11:16:22.110358 IP 220.127.116.11.19 > 18.104.22.168.19: UDP, length 1400 11:16:22.110402 IP 22.214.171.124.19 > 126.96.36.199.19: UDP, length 1400
11:16:22.110406 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?
A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company’s ISP should be contacted and instructed to block the malicious packets.
B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company’s external router to block incoming UDP port 19 traffic.
Q59. - (Topic 3)
A corporation has Research and Development (R&D) and IT support teams, each requiring separate networks with independent control of their security boundaries to support department objectives. The corporation’s Information Security Officer (ISO) is responsible for providing firewall services to both departments, but does not want to increase the hardware footprint within the datacenter. Which of the following should the ISO consider to provide the independent functionality required by each department’s IT teams?
A. Put both departments behind the firewall and assign administrative control for each department to the corporate firewall.
B. Provide each department with a virtual firewall and assign administrative control to the physical firewall.
C. Put both departments behind the firewall and incorporate restrictive controls on each department’s network.
CompTIA CAS-002 : Practice Test
D. Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.
Q60. - (Topic 2)
Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased?