Proper study guides for Abreast of the times CompTIA CompTIA Advanced Security Practitioner (CASP) certified begins with CompTIA CAS-002 preparation products which designed to deliver the Verified CAS-002 questions by making you pass the CAS-002 test at your first time. Try the free CAS-002 demo right now.

Q271. - (Topic 3) 

If a technician must take an employee’s workstation into custody in response to an investigation, which of the following can BEST reduce the likelihood of related legal issues? 

A. A formal letter from the company’s president approving the seizure of the workstation. 

B. A formal training and awareness program on information security for all company managers. 

C. A screen displayed at log in that informs users of the employer’s rights to seize, search, and monitor company devices. 

D. A printout of an activity log, showing that the employee has been spending substantial time on non-work related websites. 


Q272. - (Topic 5) 

The risk manager has requested a security solution that is centrally managed, can easily 

be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement? 



C. Antivirus 




Q273. - (Topic 4) 

Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning of the month. 

Network information: DMZ network – VPN network – Datacenter – User network - 

HR network – Warehouse network – Finance network 

Traffic shaper configuration: 

VLAN Bandwidth limit (Mbps) VPN50 User175 HR220 Finance230 Warehouse75 Guest50 

External firewall allows all networks to access the Internet. Internal Firewall Rules: 

ActionSourceDestination Permit192.168.1.0/24192.168.2.0/24 Permit192.168.1.0/24192.168.3.0/24 Permit192.168.1.0/24192.168.5.0/24 Permit192.168.2.0/24192.168.1.0/24 Permit192.168.3.0/24192.168.1.0/24 Permit192.168.5.0/24192.168.1.0/24 Permit192.168.4.0/24192.168.7.0/24 Permit192.168.7.0/24192.168.4.0/24 Permit192.168.7.0/24any Deny192.168.4.0/24any Deny192.168.1.0/24192.168.4.0/24 


Which of the following restrictions is the MOST likely cause? 

A. Bandwidth limit on the traffic shaper for the finance department 

B. Proxy server preventing the warehouse from accessing cloud applications 

C. Deny statements in the firewall for the warehouse network 

D. Bandwidth limit on the traffic shaper for the warehouse department 


Q274. - (Topic 3) 

In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO). 

A. Correctly assert the identity and authorization credentials of the end user. 

B. Correctly assert the authentication and authorization credentials of the end user. 

C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use. 

D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use. 

E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use. 

F. Correctly assert the identity and authentication credentials of the end user. 

Answer: D,F 

Topic 4, Volume D 

Q275. - (Topic 3) 

Company ABC is planning to outsource its Customer Relationship Management system (CRM) and marketing / leads management to Company XYZ. 

Which of the following is the MOST important to be considered before going ahead with the service? 

A. Internal auditors have approved the outsourcing arrangement. 

B. Penetration testing can be performed on the externally facing web system. 

C. Ensure there are security controls within the contract and the right to audit. 

D. A physical site audit is performed on Company XYZ’s management / operation. 


Q276. CORRECT TEXT - (Topic 3) 

Answer: any 3389 any 

Q277. - (Topic 2) 

A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO). 

A. Perform penetration testing over the HR solution to identify technical vulnerabilities 

B. Perform a security risk assessment with recommended solutions to close off high-rated risks 

C. Secure code review of the HR solution to identify security gaps that could be exploited 

D. Perform access control testing to ensure that privileges have been configured correctly 

E. Determine if the information security standards have been complied with by the project 

Answer: B,E 

Q278. - (Topic 4) 

A large enterprise introduced a next generation firewall appliance into the Internet facing DMZ. All Internet traffic passes through this appliance. Four hours after implementation the network engineering team discovered that traffic through the DMZ now has un-acceptable latency, and is recommending that the new firewall be taken offline. At what point in the implementation process should this problem have been discovered? 

A. During the product selection phase 

B. When testing the appliance 

C. When writing the RFP for the purchase process 

D. During the network traffic analysis phase 


Q279. - (Topic 4) 

Company XYZ plans to donate 1,000 used computers to a local school. The company has a large research and development section and some of the computers were previously used to store proprietary research. 

The security administrator is concerned about data remnants on the donated machines, but the company does not have a device sanitization section in the data handling policy. 

Which of the following is the BEST course of action for the security administrator to take? 

A. Delay the donation until a new policy is approved by the Chief Information Officer (CIO), and then donate the machines. 

B. Delay the donation until all storage media on the computers can be sanitized. 

C. Reload the machines with an open source operating system and then donate the machines. 

D. Move forward with the donation, but remove all software license keys from the machines. 


Q280. - (Topic 5) 

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution? 

A. Implement an IPS to block the application on the network 

B. Implement the remote application out to the rest of the servers 

C. Implement SSL VPN with SAML standards for federation 

D. Implement an ACL on the firewall with NAT for remote access