You will have instantaneous access to be able to our CompTIA CAS-002 exam merchandise after confirming the actual payment at Examcollection. The CompTIA CAS-002 practice questions with verified answers are compiled and also revised by our subject matter specialists. Our experts possess make wonderful contributions to our CompTIA CompTIA exam products. We have many consumers who have obtained the actual CompTIA CAS-002 certification. We are proud of the large passing ratio since all of us start.

2021 Mar CAS-002 braindumps

Q41. - (Topic 2) 

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO). 

A. The X509 V3 certificate was issued by a non trusted public CA. 

B. The client-server handshake could not negotiate strong ciphers. 

C. The client-server handshake is configured with a wrong priority. 

D. The client-server handshake is based on TLS authentication. 

E. The X509 V3 certificate is expired. 

F. The client-server implements client-server mutual authentication with different certificates. 

Answer: B,C 


Q42. - (Topic 2) 

A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would like to have a copy of any communications from the user involving certain key terms. Additionally, the law enforcement agency has requested that the user's ongoing communication be retained in the user's account for future investigations. Which of the following will BEST meet the goals of law enforcement? 

A. Begin a chain-of-custody on for the user's communication. Next, place a legal hold on the user's email account. 

B. Perform an e-discover using the applicable search terms. Next, back up the user's email for a future investigation. 

C. Place a legal hold on the user's email account. Next, perform e-discovery searches to collect applicable emails. 

D. Perform a back up of the user's email account. Next, export the applicable emails that match the search terms. 

Answer:


Q43. - (Topic 5) 

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets. 

The information security team has been a part of the department meetings and come away with the following notes: 

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application. 

-Sales is asking for easy order tracking to facilitate feedback to customers. 

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction. 

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy. 

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining. 

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption. 

Which of the following departments’ request is in contrast to the favored solution? 

A. Manufacturing 

B. Legal 

C. Sales 

D. Quality assurance 

E. Human resources 

Answer:


Q44. - (Topic 1) 

An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO). 

A. LDAP/S 

B. SAML 

C. NTLM 

D. OAUTH 

E. Kerberos 

Answer: B,E 


Q45. - (Topic 1) 

A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation? 

A. $60,000 

B. $100,000 

C. $140,000 

D. $200,000 

Answer:


Abreast of the times CAS-002 exam guide:

Q46. - (Topic 2) 

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow? 

A. File system information, swap files, network processes, system processes and raw disk blocks. 

B. Raw disk blocks, network processes, system processes, swap files and file system information. 

C. System processes, network processes, file system information, swap files and raw disk blocks. 

D. Raw disk blocks, swap files, network processes, system processes, and file system information. 

Answer:


Q47. - (Topic 1) 

Which of the following describes a risk and mitigation associated with cloud data storage? 

A. Risk: Shared hardware caused data leakageMitigation: Strong encryption at rest 

B. Risk: Offsite replicationMitigation: Multi-site backups 

C. Risk: Data loss from de-duplicationMitigation: Dynamic host bus addressing 

D. Risk: Combined data archivingMitigation: Two-factor administrator authentication 

Answer:


Q48. - (Topic 4) 

The organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner’s responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment. Which of the following BEST balances the security risk and IT drivers for cloud computing? 

A. A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure. 

B. Using a third-party cloud computing environment should be endorsed going forward. This aligns with the organization’s strategic direction. It also helps to shift any risk and regulatory compliance concerns away from the company’s internal IT department. The next step will be to evaluate each of the cloud computing vendors, so that a vendor can then be selected for hosting the new credit card processing platform. 

C. There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, disadvantages of relevant choices and it should recommended a way forward. 

D. Cloud computing should rarely be considered an option for any processes that need to be significantly secured. The security practitioner needs to convince the stakeholders that the new platform can only be delivered internally on physical infrastructure. 

Answer:


Q49. - (Topic 1) 

An application present on the majority of an organization’s 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue? 

A. Deploy custom HIPS signatures to detect and block the attacks. 

B. Validate and deploy the appropriate patch. 

C. Run the application in terminal services to reduce the threat landscape. 

D. Deploy custom NIPS signatures to detect and block the attacks. 

Answer:


Q50. - (Topic 4) 

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO). 

A. Erase all files on drive 

B. Install of standard image 

C. Remove and hold all drives 

D. Physical destruction 

E. Drive wipe 

Answer: D,E