Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.

Q181. - (Topic 2) 

A security tester is testing a website and performs the following manual query: 

The following response is received in the payload: 

“ORA-000001: SQL command not properly ended” 

Which of the following is the response an example of? 

A. Fingerprinting 

B. Cross-site scripting 

C. SQL injection 

D. Privilege escalation 


Q182. - (Topic 4) 

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO). 

A. Erase all files on drive 

B. Install of standard image 

C. Remove and hold all drives 

D. Physical destruction 

E. Drive wipe 

Answer: D,E 

Q183. - (Topic 3) 

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve? 

A. Increased customer data availability 

B. Increased customer data confidentiality 

C. Increased security through provisioning 

D. Increased security through data integrity 


Q184. - (Topic 3) 

An administrator is reviewing logs and sees the following entry: 

Message: Access denied with code 403 (phase 2). Pattern match "\bunion\b.{1,100}?\bselect\b" at ARGS:$id. [data "union all select"] [severity "CRITICAL"] [tag "WEB_ATTACK"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] 

Action: Intercepted (phase 2) Apache-Handler: php5-script 

Which of the following attacks was being attempted? 

A. Session hijacking 

B. Cross-site script 

C. SQL injection 

D. Buffer overflow 


Q185. - (Topic 1) 

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution? 

A. Implement an IPS to block the application on the network 

B. Implement the remote application out to the rest of the servers 

C. Implement SSL VPN with SAML standards for federation 

D. Implement an ACL on the firewall with NAT for remote access 


Q186. - (Topic 1) 

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: 

user@hostname:~$ sudo nmap –O 

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device: 

TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778 

Based on this information, which of the following operating systems is MOST likely running on the unknown node? 

A. Linux 

B. Windows 

C. Solaris 



Q187. - (Topic 4) 

The internal audit department is investigating a possible breach of security. One of the auditors is sent to interview the following employees: 

Employee A. Works in the accounts receivable office and is in charge of entering data into the finance system. 

Employee B. Works in the accounts payable office and is in charge of approving purchase orders. 

Employee C. Is the manager of the finance department, supervises Employee A and Employee B, and can perform the functions of both Employee A and Employee B. 

Which of the following should the auditor suggest be done to avoid future security breaches? 

A. All employees should have the same access level to be able to check on each others. 

B. The manager should only be able to review the data and approve purchase orders. 

C. Employee A and Employee B should rotate jobs at a set interval and cross-train. 

D. The manager should be able to both enter and approve information. 


Q188. - (Topic 3) 

The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network? 

A. Social engineering 

B. Protocol analyzer 

C. Port scanner 

D. Grey box testing 


Q189. - (Topic 3) 

After connecting to a secure payment server at, an auditor notices that the SSL certificate was issued to * The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST? 

A. Generate a new public key on both servers. 

B. Replace the SSL certificate on 

C. Generate a new private key password for both servers. 

D. Replace the SSL certificate on 


Q190. - (Topic 4) 

A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation? 

A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products. 

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete. 

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner. 

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.