Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Exambible CAS-002 exam study guides now. We will not let you down with our money-back guarantee.
2021 Dec CAS-002 sample question
Q51. - (Topic 3)
In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end-to-end?
A. Creation and secure destruction of mail accounts, emails, and calendar items
B. Information classification, vendor selection, and the RFP process
C. Data provisioning, processing, in transit, at rest, and de-provisioning
D. Securing virtual environments, appliances, and equipment that handle email
Answer: C
Q52. - (Topic 2)
An international shipping company discovered that deliveries left idle are being tampered with. The company wants to reduce the idle time associated with international deliveries by ensuring that personnel are automatically notified when an inbound delivery arrives at the transit dock. Which of the following should be implemented to help the company increase the security posture of its operations?
A. Back office database
B. Asset tracking
C. Geo-fencing
D. Barcode scanner
Answer: C
Q53. - (Topic 5)
A security manager is concerned about performance and patch management, and, as a result, wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host system. The IT manager wants a strategy that would provide the hypervisor with direct communications with the underlying physical hardware allowing the hardware resources to be paravirtualized and delivered to the guest machines. Which of the following recommendations from the server administrator BEST meets the IT and security managers’ requirements? (Select TWO).
A. Nested virtualized hypervisors
B. Type 1 hypervisor
C. Hosted hypervisor with a three layer software stack
D. Type 2 hypervisor
E. Bare metal hypervisor with a software stack of two layers
Answer: B,E
Q54. - (Topic 5)
Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim’s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?
A. Integer overflow
B. Click-jacking
C. Race condition
D. SQL injection
E. Use after free
F. Input validation
Answer: E
Q55. - (Topic 5)
The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats?
A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
C. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
D. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.
Answer: D
Leading CAS-002 question:
Q56. - (Topic 3)
A new web application system was purchased from a vendor and configured by the internal development team. Before the web application system was moved into production, a vulnerability assessment was conducted. A review of the vulnerability assessment report indicated that the testing team discovered a minor security issue with the configuration of the web application. The security issue should be reported to:
A. CISO immediately in an exception report.
B. Users of the new web application system.
C. The vendor who supplied the web application system.
D. Team lead in a weekly report.
Answer: D
Q57. - (Topic 1)
A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).
A. Demonstration of IPS system
B. Review vendor selection process
C. Calculate the ALE for the event
D. Discussion of event timeline
E. Assigning of follow up items
Answer: D,E
Q58. - (Topic 2)
The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?
A. Capture process ID data and submit to anti-virus vendor for review.
B. Reboot the Linux servers, check running processes, and install needed patches.
C. Remove a single Linux server from production and place in quarantine.
D. Notify upper management of a security breach.
E. Conduct a bit level image, including RAM, of one or more of the Linux servers.
Answer: E
Q59. - (Topic 5)
Two universities are making their 802.11n wireless networks available to the other university’s students. The infrastructure will pass the student’s credentials back to the home school for authentication via the Internet.
The requirements are:
Mutual authentication of clients and authentication server The design should not limit connection speeds Authentication must be delegated to the home school No passwords should be sent unencrypted The following design was implemented: WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?
A. The transport layer between the RADIUS servers should be secured
B. WPA Enterprise should be used to decrease the network overhead
C. The RADIUS servers should have local accounts for the visiting students
D. Students should be given certificates to use for authentication to the network
Answer: A
Q60. - (Topic 1)
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
A. $60,000
B. $100,000
C. $140,000
D. $200,000
Answer: A