Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA


Q161. - (Topic 2) 

A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO). 

A. Implement a URL filter to block the online forum 

B. Implement NIDS on the desktop and DMZ networks 

C. Security awareness compliance training for all employees 

D. Implement DLP on the desktop, email gateway, and web proxies 

E. Review of security policies and procedures 

Answer: C,D 


Q162. - (Topic 5) 

A security manager is concerned about performance and patch management, and, as a result, wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host system. The IT manager wants a strategy that would provide the hypervisor with direct communications with the underlying physical hardware allowing the hardware resources to be paravirtualized and delivered to the guest machines. Which of the following recommendations from the server administrator BEST meets the IT and security managers’ requirements? (Select TWO). 

A. Nested virtualized hypervisors 

B. Type 1 hypervisor 

C. Hosted hypervisor with a three layer software stack 

D. Type 2 hypervisor 

E. Bare metal hypervisor with a software stack of two layers 

Answer: B,E 


Q163. - (Topic 5) 

An organization is finalizing a contract with a managed security services provider (MSSP) that is responsible for primary support of all security technologies. Which of the following should the organization require as part of the contract to ensure the protection of the organization’s technology? 

A. An operational level agreement 

B. An interconnection security agreement 

C. A non-disclosure agreement 

D. A service level agreement 

Answer:


Q164. - (Topic 3) 

A security consultant is hired by a company to determine if an internally developed web application is vulnerable to attacks. The consultant spent two weeks testing the application, and determines that no vulnerabilities are present. Based on the results of the tools and tests available, which of the following statements BEST reflects the security status of the application? 

A. The company’s software lifecycle management improved the security of the application. 

B. There are no vulnerabilities in the application. 

C. The company should deploy a web application firewall to ensure extra security. 

D. There are no known vulnerabilities at this time. 

Answer:


Q165. - (Topic 3) 

The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regimen into the security management plan specifically for the development area. The CISO's requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough, as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO's requirements?

A. Grey box testing performed by a major external consulting firm who have signed an NDA.

B. Black box testing performed by a major external consulting firm who have signed an NDA.

C. White box testing performed by the development and security assurance teams. 

D. Grey box testing performed by the development and security assurance teams. 

Answer:



Q166. - (Topic 4) 

Which of the following does SAML use to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?

A. Transient identifiers 

B. Directory services 

C. Restful interfaces 

D. Security bindings 

Answer:


Q167. - (Topic 4) 

A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator’s concerns? 

A. The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted. 

B. The SOAP protocol supports weak hashing of header information. As a result, the header and body can easily be deciphered by brute force tools.

C. The SOAP protocol can be easily tampered with, even though the header is encrypted. 

D. The SOAP protocol does not support body or header encryption which allows assertions to be viewed in clear text by intermediaries. 

Answer:


Q168. - (Topic 2) 

ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe? 

A. TOTP 

B. PAP 

C. CHAP 

D. HOTP 

Answer:


Q169. DRAG DROP - (Topic 2) 

IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all. 

Answer: 


Q170. - (Topic 2) 

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information? 

A. Review the flow data against each server’s baseline communications profile. 

B. Configure the server logs to collect unusual activity including failed logins and restarted services. 

C. Correlate data loss prevention logs for anomalous communications from the server. 

D. Set up a packet capture on the firewall to collect all of the server communications.

Answer: