Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA

Q221. - (Topic 2) 

A web developer is responsible for a simple web application that books holiday accommodations. The front-facing web server offers an HTML form, which asks for a user’s age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the adult age range. 

Users have reported that the website is not functioning correctly. The web developer has inspected log files and sees that a very large number (in the billions) was submitted just before the issue started occurring. Which of the following is the MOST likely situation that has occurred? 

A. The age variable stored the large number and filled up disk space which stopped the application from continuing to function. Improper error handling prevented the application from recovering. 

B. The age variable has had an integer overflow and was assigned a very small negative number which led to unpredictable application behavior. Improper error handling prevented the application from recovering. 

C. Computers are able to store numbers well above “billions” in size. Therefore, the website issues are not related to the large number being input. 

D. The application has crashed because a very large integer has led to a “divide by zero”. Improper error handling prevented the application from recovering. 

Answer:
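An added example in C (not part of the exam or its answer key) of the situation the question describes: a value parsed from the form and narrowed into a signed 32-bit `int` silently wraps, whereas a parser that bounds-checks before storing rejects the input and keeps the later age comparison meaningful. The function names and the 0..150 plausibility bound are assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* What the page's web application effectively does: take whatever the
   parser produced and store it in a signed int. A value that does not
   fit is converted in an implementation-defined way; with every common
   compiler it wraps modulo 2^32, so 3000000000 becomes a negative number
   and any later "is adult" comparison reasons about garbage. */
int unchecked_store(long long parsed) {
    int age = (int)parsed;          /* silent narrowing, no check */
    return age;
}

typedef enum { AGE_OK = 0, AGE_NOT_A_NUMBER, AGE_OUT_OF_RANGE } age_status;

/* Hardened version: parse into a wide type with strtoll, detect parser
   overflow via ERANGE, require the whole string to be consumed, and
   enforce a plausibility range BEFORE the value is narrowed to int. */
age_status parse_age(const char *text, int *age_out) {
    char *end = NULL;
    errno = 0;
    long long v = strtoll(text, &end, 10);
    if (end == text || *end != '\0')            /* empty or trailing junk */
        return AGE_NOT_A_NUMBER;
    if (errno == ERANGE || v < 0 || v > 150)    /* overflow or absurd age */
        return AGE_OUT_OF_RANGE;
    *age_out = (int)v;                          /* safe: 0..150 fits an int */
    return AGE_OK;
}

/* The business check only runs on validated input; anything else is
   rejected rather than guessed at. */
int is_adult(const char *text) {
    int age;
    if (parse_age(text, &age) != AGE_OK)
        return 0;
    return age >= 18;
}

int main(void) {
    const char *submitted = "3000000000";  /* constructed sample input */
    printf("unchecked store of %s -> %d\n", submitted,
           unchecked_store(strtoll(submitted, NULL, 10)));
    printf("is_adult(\"%s\") -> %d\n", submitted, is_adult(submitted));
    printf("is_adult(\"42\") -> %d\n", is_adult("42"));
    return 0;
}
```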


Q222. - (Topic 1) 

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. 

Which of the following would be the advantage of conducting this kind of penetration test? 

A. The risk of unplanned server outages is reduced. 

B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on. 

C. The results will show an in-depth view of the network and should help pinpoint areas of internal weakness. 

D. The results should reflect what attackers may be able to learn about the company. 

Answer:


Q223. - (Topic 2) 

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO). 

A. The X.509 v3 certificate was issued by a non-trusted public CA. 

B. The client-server handshake could not negotiate strong ciphers. 

C. The client-server handshake is configured with a wrong priority. 

D. The client-server handshake is based on TLS authentication. 

E. The X.509 v3 certificate is expired. 

F. The client and server implement mutual authentication with different certificates. 

Answer: B,C 


Q224. - (Topic 2) 

The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion? 

A. Contact the local authorities so an investigation can be started as quickly as possible. 

B. Shut down the production network interfaces on the server and change all of the DBMS account passwords. 

C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed. 

D. Refer the issue to management for handling according to the incident response process. 

Answer:



Q226. - (Topic 5) 

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets. 

The information security team has been a part of the department meetings and come away with the following notes: 

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application. 

-Sales is asking for easy order tracking to facilitate feedback to customers. 

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction. 

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy. 

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining. 

The favored solution is a user-friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption. 

Which of the following departments’ requests conflicts with the favored solution? 

A. Manufacturing 

B. Legal 

C. Sales 

D. Quality assurance 

E. Human resources 

Answer:


Q227. - (Topic 1) 

A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data? 

A. Encryption of each individual partition 

B. Encryption of the SSD at the file level 

C. FDE of each logical volume on the SSD 

D. FDE of the entire SSD as a single disk 

Answer:


Q228. - (Topic 4) 

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO). 

A. Add guests with more memory to increase capacity of the infrastructure. 

B. A backup is running on the thin clients at 9:00 am every morning. 

C. Install more memory in the thin clients to handle the increased load while booting. 

D. Booting all the lab desktops at the same time is creating excessive I/O. 

E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity. 

F. Install faster SSD drives in the storage system used in the infrastructure. 

G. The lab desktops are saturating the network while booting. 

H. The lab desktops are using more memory than is available to the host systems. 

Answer: D,F 


Q229. - (Topic 4) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All sections of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan attached to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G 


Q230. - (Topic 5) 

A security analyst is tasked with creating an executive briefing that explains the activity and motivation of a cyber adversary. Which of the following is the MOST important content for the brief for management personnel to understand? 

A. Threat actor types, threat actor motivation, and attack tools 

B. Unsophisticated agents, organized groups, and nation states 

C. Threat actor types, attack sophistication, and the anatomy of an attack 

D. Threat actor types, threat actor motivation, and the attack impact 

Answer: