Our CompTIA CAS-002 exam products include a study guide, PDF files and a test engine. The study guide is organized chapter by chapter. If you have no idea how to prepare for the CompTIA CAS-002 exam, you can find all the essential information in the CAS-002 study guide. Both the PDF files and the test engine software are free to download right after purchase. The PDF files are also printable and useful for your CompTIA exam preparation. The test engine simulates a genuine CompTIA CAS-002 exam environment.

2021 Mar CAS-002 exam question

Q171. - (Topic 3) 

A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future? 

A. SIP session tagging and QoS 

B. A dedicated VLAN 

C. Lower encryption setting 

D. Traffic shaping 

Answer:


Q172. - (Topic 1) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers? 

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 

Answer:
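The control behind the SSL errors in Q172 is public-key pinning: the app accepts a TLS chain only if one of its certificates carries a key whose SubjectPublicKeyInfo hash is baked into the app, so a certificate minted by the intercepting proxy's CA fails even when that CA has been added to the device trust store. The following is an added example written for this page, not code from the page or from any app; the certificates are toy DER structures constructed here with the real X.509 field order but placeholder keys and signatures, and the hostname api.bank.example is made up.

```python
"""SPKI certificate pinning check (added example, not from the page).
Certificates below are constructed toy DER values, not real X.509."""
import base64
import hashlib


def der(tag: int, content: bytes) -> bytes:
    """Encode one DER TLV (short or long definite length)."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content


def der_children(blob: bytes) -> list:
    """Split the content of a constructed DER value into (tag, content) pairs."""
    out, i = [], 0
    while i < len(blob):
        tag, ln = blob[i], blob[i + 1]
        i += 2
        if ln & 0x80:                       # long-form length
            nbytes = ln & 0x7F
            ln = int.from_bytes(blob[i:i + nbytes], "big")
            i += nbytes
        out.append((tag, blob[i:i + ln]))
        i += ln
    return out


def make_toy_cert(subject: bytes, public_key: bytes) -> bytes:
    """Toy certificate with the real X.509 field order (constructed data:
    key bytes and signature are placeholders, so it is not verifiable)."""
    version = der(0xA0, der(0x02, b"\x02"))                              # [0] EXPLICIT v3
    serial = der(0x02, b"\x01")
    sig_alg = der(0x30, der(0x06, b"\x2a\x86\x48\xce\x3d\x04\x03\x02"))   # ecdsa-with-SHA256
    key_alg = der(0x30, der(0x06, b"\x2a\x86\x48\xce\x3d\x02\x01"))       # id-ecPublicKey
    name = der(0x30, der(0x31, der(0x30, der(0x06, b"\x55\x04\x03") + der(0x0C, subject))))
    validity = der(0x30, der(0x17, b"240101000000Z") + der(0x17, b"250101000000Z"))
    spki = der(0x30, key_alg + der(0x03, b"\x00" + public_key))
    tbs = der(0x30, version + serial + sig_alg + name + validity + name + spki)
    return der(0x30, tbs + sig_alg + der(0x03, b"\x00" * 9))


def extract_spki(cert_der: bytes) -> bytes:
    """Return the DER-encoded SubjectPublicKeyInfo of a certificate."""
    tbs, _sig_alg, _sig = der_children(der_children(cert_der)[0][1])
    fields = der_children(tbs[1])
    if fields[0][0] == 0xA0:                # optional explicit version
        fields = fields[1:]
    # serial, signature alg, issuer, validity, subject, SPKI
    tag, content = fields[5]
    return der(tag, content)


def spki_pin(cert_der: bytes) -> str:
    """Pin format used by HPKP and OkHttp: base64(SHA-256(SPKI))."""
    return base64.b64encode(hashlib.sha256(extract_spki(cert_der)).digest()).decode()


def chain_matches_pins(chain: list, pins: set) -> bool:
    """Accept the connection only if some certificate in the presented
    chain hashes to a pinned SPKI. A certificate minted by an intercepting
    proxy's CA passes ordinary trust-store validation on a device that
    trusts that CA, but fails here because its key is different."""
    return any(spki_pin(cert) in pins for cert in chain)


# Constructed sample data: the bank's key, and a proxy-issued certificate
# for the same hostname backed by a different key.
BANK_KEY = bytes(range(1, 66))
PROXY_KEY = bytes(range(100, 165))
BANK_CERT = make_toy_cert(b"api.bank.example", BANK_KEY)
PROXY_CERT = make_toy_cert(b"api.bank.example", PROXY_KEY)
PINS = {spki_pin(BANK_CERT)}

if __name__ == "__main__":
    print("genuine chain accepted:", chain_matches_pins([BANK_CERT], PINS))   # True
    print("proxy chain accepted:  ", chain_matches_pins([PROXY_CERT], PINS))  # False
```

Pinning the SPKI hash rather than the whole certificate means a routine renewal with the same key still matches, so the pin set only needs updating on key rotation; production pin sets also carry a backup pin for the next key so a rotation cannot brick the app. The tester's usual response is to instrument the app on a rooted device so the pin check is skipped, which is why pinning is a hardening measure against network interception, not a defense against a reverse engineer with the binary.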


Q173. - (Topic 2) 

Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ’s headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems? 

A. Require each Company XYZ employee to use an IPSec connection to the required systems 

B. Require Company XYZ employees to establish an encrypted VDI session to the required systems 

C. Require Company ABC employees to use two-factor authentication on the required systems 

D. Require a site-to-site VPN for intercompany communications 

Answer:


Q174. - (Topic 2) 

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome? 

A. Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation. 

B. Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased. 

C. Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved. 

D. Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data. 

E. Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product. 

Answer:


Q175. - (Topic 3) 

A network administrator notices a security intrusion on the web server. Which of the following attacks is indicated by the entry http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file? 

A. Buffer overflow 

B. Click jacking 

C. SQL injection 

D. XSS attack 

Answer:
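What the log entry in Q175 shows is script content arriving in a query parameter (file=) that the page will echo or load, the signature of a reflected XSS attempt; a buffer overflow would look like an overlong value, and SQL injection like quoting and boolean logic. The following is an added example, not code from the page: it decodes the query string of each request in some constructed Apache-style log lines and classifies them, first by XSS markers and then by SQL injection markers. The log lines, the hostnames and the regexes are assumptions made here for illustration.

```python
"""Triage web-server log lines for XSS and SQLi payloads (added example)."""
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Constructed Apache combined-log-style lines. The first mirrors the shape
# of the entry in the question; the others are there for contrast.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2021:10:00:01 +0000] "GET /modules.php?op=modload&name=XForum&file=%3Cscript%3Ealert(1)%3C/script%3E&fid=2 HTTP/1.1" 200 512
10.0.0.6 - - [10/Mar/2021:10:00:02 +0000] "GET /modules.php?op=modload&name=XForum&file=index&fid=2 HTTP/1.1" 200 4096
10.0.0.7 - - [10/Mar/2021:10:00:03 +0000] "GET /modules.php?op=modload&name=XForum&fid=2%27%20OR%201%3D1-- HTTP/1.1" 500 0
10.0.0.8 - - [10/Mar/2021:10:00:04 +0000] "GET /modules.php?op=modload&file=javascript:alert(document.cookie)&fid=2 HTTP/1.1" 200 512
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')

# Markers are deliberately narrow triage heuristics, not a WAF rule set.
XSS_RE = re.compile(r"<\s*script|javascript\s*:|on\w+\s*=", re.IGNORECASE)
SQLI_RE = re.compile(
    r"""('|")\s*(or|and)\s+\S+\s*=\s*\S+|union\s+select|;\s*drop\b""",
    re.IGNORECASE,
)


def classify_request(target: str) -> str:
    """Return 'xss', 'sqli' or 'benign' for one request target.

    parse_qsl percent-decodes once; the extra unquote_plus catches
    double-encoded payloads (%253Cscript%253E) an attacker uses to slip
    past filters that decode only once."""
    query = urlsplit(target).query
    values = [unquote_plus(v) for _, v in parse_qsl(query, keep_blank_values=True)]
    decoded = " ".join(values)
    if XSS_RE.search(decoded):
        return "xss"
    if SQLI_RE.search(decoded):
        return "sqli"
    return "benign"


def scan_log(text: str) -> list:
    """Return (client_ip, verdict, target) for every non-benign request."""
    findings = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        verdict = classify_request(match.group("target"))
        if verdict != "benign":
            findings.append((line.split()[0], verdict, match.group("target")))
    return findings


if __name__ == "__main__":
    for ip, verdict, target in scan_log(SAMPLE_LOG):
        print(f"{ip:12} {verdict:5} {target}")
```

Decoding before matching is the part that matters: the raw line for the first request contains no literal `<script>`, only `%3Cscript%3E`, so a grep over the undecoded log would miss it. Matching on decoded parameter values rather than the whole line also keeps the hostname and path from triggering the patterns.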



Q176. - (Topic 3) 

The Chief Information Officer (CIO) of a technology company is likely to move away from a de-perimeterized model for employee owned devices. This is because there were too many issues with lack of patching, malware incidents, and data leakage due to lost/stolen devices which did not have full-disk encryption. The ‘bring your own computing’ approach was originally introduced because different business units preferred different operating systems and application stacks. Based on the issues and user needs, which of the following is the BEST recommendation for the CIO to make? 

A. The de-perimeterized model should be kept as this is major industry trend and other companies are following this direction. Advise that the issues being faced are standard business as usual concerns in a modern IT environment. 

B. Update the policy to disallow non-company end-point devices on the corporate network. Develop security-focused standard operating environments (SOEs) for all required operating systems and ensure the needs of each business unit are met. 

C. The de-perimeterized model should be kept but update company policies to state that non-company end-points require full disk encryption, anti-virus software, and regular patching. 

D. Update the policy to disallow non-company end-point devices on the corporate network. Allow only one type of outsourced SOE to all users as this will be easier to provision, secure, and will save money on operating costs. 

Answer:


Q177. - (Topic 2) 

In a situation where data is to be recovered from an attacker’s location, which of the following are the FIRST things to capture? (Select TWO). 

A. Removable media 

B. Passwords written on scrap paper 

C. Snapshots of data on the monitor 

D. Documents on the printer 

E. Volatile system memory 

F. System hard drive 

Answer: C,E 


Q178. - (Topic 3) 

The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network? 

A. Social engineering 

B. Protocol analyzer 

C. Port scanner 

D. Grey box testing 

Answer:
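The constraint in Q178 (no transmitting on the client network) rules out active tools such as port scanners and leaves passive analysis of captured frames: the OUI prefix of a source MAC identifies the manufacturer, and the observed IP TTL (together with the TCP window) gives the operating-system family and the hop count. The following is an added example, not code from the page or from any product; the capture, the small OUI table and the TTL heuristics are illustrative assumptions, and a real tool would load the full IEEE OUI registry and a proper signature database such as p0f's.

```python
"""Passive fingerprinting from captured frames (added example, not from the page).
Nothing is transmitted: every inference comes from frames a protocol
analyzer already saw on a mirror or monitor port."""
from dataclasses import dataclass


@dataclass
class Frame:
    src_mac: str
    src_ip: str
    ttl: int          # IP TTL as observed on the wire
    tcp_window: int   # TCP window from a SYN, kept for the analyst


# Illustrative subset of the IEEE OUI registry (assumption: only these
# prefixes are known here; a real tool loads the full oui.txt).
OUI_VENDORS = {
    "00:00:0c": "Cisco",
    "00:50:56": "VMware",
    "00:0c:29": "VMware",
    "08:00:27": "VirtualBox",
}

# Initial TTLs used by the common OS families (classic p0f-style heuristic);
# the gap between initial and observed TTL is the hop count.
INITIAL_TTLS = ((64, "Linux/Unix-like"), (128, "Windows"), (255, "network device / Solaris"))


def is_locally_administered(mac: str) -> bool:
    """Second-lowest bit of the first octet set: a randomized or admin-set
    MAC, so an OUI lookup says nothing about the manufacturer."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def vendor_of(mac: str) -> str:
    if is_locally_administered(mac):
        return "locally administered (randomized MAC?)"
    return OUI_VENDORS.get(mac.lower()[:8], "unknown")


def os_family(ttl: int):
    """Return (family, hops) from the observed TTL."""
    for initial, family in INITIAL_TTLS:
        if ttl <= initial:
            return family, initial - ttl
    return "unknown", 0      # TTL above 255 is malformed


def inventory(frames):
    """One record per source IP, keeping the first frame seen for it."""
    hosts = {}
    for f in frames:
        if f.src_ip in hosts:
            continue
        family, hops = os_family(f.ttl)
        hosts[f.src_ip] = {
            "vendor": vendor_of(f.src_mac),
            "os": family,
            "hops": hops,
            "window": f.tcp_window,
        }
    return hosts


# Constructed capture: four SYNs seen on a mirror port.
CAPTURE = [
    Frame("00:0c:29:aa:bb:cc", "192.168.1.10", 126, 8192),
    Frame("00:00:0c:11:22:33", "192.168.1.1", 255, 4128),
    Frame("08:00:27:de:ad:00", "192.168.1.20", 63, 29200),
    Frame("02:1a:2b:3c:4d:5e", "192.168.1.30", 64, 65535),
]

if __name__ == "__main__":
    for ip, info in inventory(CAPTURE).items():
        print(ip, info)
```

Two caveats a consultant would put in the report: MAC addresses are only visible for hosts on the same layer-2 segment (across a router the source MAC is the router's), and modern phones and laptops randomize their MAC per network, which the locally-administered-bit check flags so the OUI column is not over-interpreted.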


Q179. CORRECT TEXT - (Topic 2) 

Compliance with company policy requires a quarterly review of firewall rules. A new administrator is asked to conduct this review on the internal firewall sitting between several internal networks. The intent of this firewall is to make traffic more restrictive. Given the following information, answer the questions below: 

User Subnet: 192.168.1.0/24 Server Subnet: 192.168.2.0/24 Finance Subnet:192.168.3.0/24 

Instructions: To perform the necessary tasks, please modify the DST port, Protocol, Action, and/or Rule Order columns. Firewall ACLs are read from the top down 

Task 1) An administrator added a rule to allow their machine terminal server access to the server subnet. This rule is not working. Identify the rule and correct this issue. 

Task 2) All web servers have been changed to communicate solely over SSL. Modify the appropriate rule to allow communications. 

Task 3) An administrator added a rule to block access to the SQL server from anywhere on the network. This rule is not working. Identify and correct this issue. 

Task 4) Other than allowing all hosts to do network time and SSL, modify a rule to ensure that no other traffic is allowed. 

Answer: Please look into the explanation for the solution to this question. 
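The rule table for Q179 is not reproduced on this page, so the following is an added example built around a constructed table that exhibits the four defects the tasks describe: an allow rule shadowed by an earlier deny (rule order), a web rule still on port 80 instead of 443, a SQL block rule written for the wrong protocol, and a permit-all catch-all where a deny-all belongs. It is not the exam's own table or solution; the rule names, the admin host 192.168.1.50 and the SQL server 192.168.2.10 are assumptions. The evaluator applies the rules top down, first match wins, and the shadow check finds rules that an earlier, broader rule with the opposite action prevents from ever matching.

```python
"""First-match ACL evaluation and shadowed-rule detection (added example)."""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

USERS = ip_network("192.168.1.0/24")
SERVERS = ip_network("192.168.2.0/24")
FINANCE = ip_network("192.168.3.0/24")
ANY = ip_network("0.0.0.0/0")
ADMIN_HOST = ip_network("192.168.1.50/32")   # assumption
SQL_SERVER = ip_network("192.168.2.10/32")   # assumption


@dataclass
class Rule:
    name: str
    src: IPv4Network
    dst: IPv4Network
    proto: str               # "tcp", "udp" or "any"
    dport: Optional[int]     # None means any port
    action: str              # "allow" or "deny"

    def matches(self, src_ip, dst_ip, proto, dport) -> bool:
        return (src_ip in self.src and dst_ip in self.dst
                and self.proto in ("any", proto)
                and self.dport in (None, dport))


def evaluate(rules, src, dst, proto, dport, default="deny"):
    """Walk the ACL top down; the first matching rule decides."""
    src_ip, dst_ip = ip_address(src), ip_address(dst)
    for rule in rules:
        if rule.matches(src_ip, dst_ip, proto, dport):
            return rule.action, rule.name
    return default, "implicit"


def shadowed_rules(rules):
    """Rules that can never fire: an earlier rule with the opposite action
    already covers everything they would match (the Task 1 situation)."""
    found = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.action != rule.action
                    and rule.src.subnet_of(earlier.src)
                    and rule.dst.subnet_of(earlier.dst)
                    and earlier.proto in ("any", rule.proto)
                    and earlier.dport in (None, rule.dport)):
                found.append((rule.name, earlier.name))
                break
    return found


# Constructed "before" table with the four defects.
BEFORE = [
    Rule("deny-admin-rdp", ANY, SERVERS, "tcp", 3389, "deny"),       # Task 1: sits above the allow
    Rule("allow-admin-rdp", ADMIN_HOST, SERVERS, "tcp", 3389, "allow"),
    Rule("allow-web", ANY, SERVERS, "tcp", 80, "allow"),             # Task 2: still plaintext HTTP
    Rule("deny-sql", ANY, SQL_SERVER, "udp", 1433, "deny"),          # Task 3: MS SQL is 1433/tcp
    Rule("allow-ntp", ANY, ANY, "udp", 123, "allow"),
    Rule("allow-any", ANY, ANY, "any", None, "allow"),               # Task 4: must be a deny
]

# The same table after the review.
AFTER = [
    Rule("allow-admin-rdp", ADMIN_HOST, SERVERS, "tcp", 3389, "allow"),  # moved above the deny
    Rule("deny-admin-rdp", ANY, SERVERS, "tcp", 3389, "deny"),
    Rule("allow-web", ANY, SERVERS, "tcp", 443, "allow"),                # SSL only
    Rule("deny-sql", ANY, SQL_SERVER, "tcp", 1433, "deny"),              # correct protocol
    Rule("allow-ntp", ANY, ANY, "udp", 123, "allow"),
    Rule("deny-any", ANY, ANY, "any", None, "deny"),                     # explicit final deny
]

if __name__ == "__main__":
    print("shadowed before review:", shadowed_rules(BEFORE))
    print("admin RDP before/after:",
          evaluate(BEFORE, "192.168.1.50", "192.168.2.20", "tcp", 3389),
          evaluate(AFTER, "192.168.1.50", "192.168.2.20", "tcp", 3389))
    print("SQL from users before/after:",
          evaluate(BEFORE, "192.168.1.77", "192.168.2.10", "tcp", 1433),
          evaluate(AFTER, "192.168.1.77", "192.168.2.10", "tcp", 1433))
```

The shadow check only catches the ordering defect; the protocol mistake in deny-sql is invisible to it because a UDP rule and a TCP packet simply never meet, which is why a rule review also has to test representative packets against the policy rather than only read the table.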


Q180. - (Topic 1) 

A systems administrator establishes a CIFS share on a UNIX device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem? 

A. Refuse LM and only accept NTLMv2 

B. Accept only LM 

C. Refuse NTLMv2 and accept LM 

D. Accept only NTLM 

Answer:
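The "highest level" in Q180 is the Windows policy Network security: LAN Manager authentication level set to "Send NTLMv2 response only. Refuse LM & NTLM" (LmCompatibilityLevel 5), so the Windows clients only ever send NTLMv2 and the Samba server must accept it; a server still configured for LM or NTLMv1 fails those logons. The following is an added example, not from the page: a small smb.conf checker that reads the [global] section and reports whether only NTLMv2 is accepted. The two configuration fragments are constructed; the Samba parameters checked are the real lanman auth and ntlm auth options from smb.conf(5).

```python
"""Check a Samba smb.conf [global] section for NTLMv2-only auth (added example)."""

# Constructed fragments: the weak setting beside the corrected one.
WEAK_CONF = """
[global]
   workgroup = CORP
   security = user
   lanman auth = yes      ; accepts LM responses
   ntlm auth = yes        ; accepts NTLMv1 responses
"""

HARDENED_CONF = """
[global]
   workgroup = CORP
   security = user
   lanman auth = no
   ntlm auth = ntlmv2-only
"""

_BOOL = {"yes": "yes", "true": "yes", "1": "yes", "no": "no", "false": "no", "0": "no"}


def parse_smb_conf(text: str) -> dict:
    """Tiny smb.conf reader: sections in brackets, 'key = value' lines,
    '#' and ';' comments. Keys and values are lower-cased for comparison."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if "=" in line and section is not None:
            key, value = line.split("=", 1)
            conf.setdefault(section, {})[key.strip().lower()] = value.strip().lower()
    return conf


def ntlmv2_only(conf: dict):
    """Return (ok, findings). Only NTLMv2 may be accepted: 'lanman auth = no'
    and 'ntlm auth' either 'no' or 'ntlmv2-only'. Unset values are flagged
    rather than trusted, so an audit does not depend on the Samba default."""
    g = conf.get("global", {})
    findings = []
    lanman = g.get("lanman auth")
    if lanman is None:
        findings.append("lanman auth not set explicitly")
    elif _BOOL.get(lanman, lanman) != "no":
        findings.append(f"lanman auth = {lanman}: LM responses accepted")
    ntlm = g.get("ntlm auth")
    if ntlm is None:
        findings.append("ntlm auth not set explicitly")
    elif _BOOL.get(ntlm, ntlm) not in ("no", "ntlmv2-only"):
        findings.append(f"ntlm auth = {ntlm}: NTLMv1 responses accepted")
    return not findings, findings


if __name__ == "__main__":
    for label, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        ok, findings = ntlmv2_only(parse_smb_conf(text))
        print(label, "ok" if ok else findings)
```

Answer A in the question is the server-side form of this: refuse LM and accept only NTLMv2, which matches what the clients are already sending. Going the other way (relaxing the Windows policy to accept LM or NTLMv1) would also make the logons work but reintroduces the weak, replayable and crackable responses the policy was raised to get rid of.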