
2021 Apr CAS-002 exam engine

Q31. - (Topic 5) 

A Chief Information Security Officer (CISO) is approached by a business unit manager who heard a report on the radio this morning about an employee at a competing firm who shipped a VPN token overseas so a fake employee could log into the corporate VPN. The CISO asks what can be done to mitigate the risk of such an incident occurring within the organization. Which of the following is the MOST cost effective way to mitigate such a risk? 

A. Require hardware tokens to be replaced on a yearly basis. 

B. Implement a biometric factor into the token response process. 

C. Force passwords to be changed every 90 days. 

D. Use PKI certificates as part of the VPN authentication process. 

Answer:


Q32. - (Topic 3) 

A corporation has expanded for the first time by integrating several newly acquired businesses. 

Which of the following are the FIRST tasks that the security team should undertake? (Select TWO). 

A. Remove acquired companies Internet access. 

B. Federate identity management systems. 

C. Install firewalls between the businesses. 

D. Re-image all end user computers to a standard image. 

E. Develop interconnection policy. 

F. Conduct a risk analysis of each acquired company’s networks. 

Answer: E,F 


Q33. - (Topic 1) 

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure? 

A. Replicate NAS changes to the tape backups at the other datacenter. 

B. Ensure each server has two HBAs connected through two routes to the NAS. 

C. Establish deduplication across diverse storage paths. 

D. Establish a SAN that replicates between datacenters. 

Answer:


Q34. - (Topic 1) 

A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm’s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO). 

A. Code review 

B. Penetration testing 

C. Grey box testing 

D. Code signing 

E. White box testing 

Answer: A,E 


Q35. - (Topic 4) 

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs: 

1. The banker accesses the CRM system, and a redirect is performed back to the organization’s internal systems. 

2. A lookup is performed of the identity and a token is generated, signed and encrypted. 

3. A redirect is performed back to the CRM system with the token. 

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup. 

5. If the banker is not in the system, an automated provisioning request occurs. 

6. The banker is authenticated and authorized and can access the system. 

This is an example of which of the following? 

A. Service provider initiated SAML 2.0 

B. Identity provider initiated SAML 1.0 

C. OpenID federated single sign on 

D. Service provider initiated SAML 1.1 

Answer:
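The six-step sequence above is a service-provider-initiated flow: the CRM (the service provider) notices an unauthenticated user, sends the browser to the bank's identity provider, and later consumes a signed token that carries the identity, provisioning the account on first sight. The following Python simulation is an added example, not code from the original page or from any SAML product. It assumes a shared HMAC key in place of the XML signature and IdP certificate real SAML uses, leaves the token-encryption step out, and uses constructed entity IDs, URLs and a one-user directory. What it adds to the narrative is the checks the CRM must make at step 4 before trusting the identity: signature, audience, expiry and replay.

```python
import base64
import hashlib
import hmac
import json
import os
import time

# Constructed sample data (assumption): one banker in the internal directory
# and a shared signing key standing in for the IdP's signing certificate.
SHARED_KEY = os.urandom(32)
DIRECTORY = {"jdoe": {"email": "jdoe@bank.example", "role": "banker"}}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class IdentityProvider:
    """The bank's internal system: looks the user up and issues a signed token."""

    def __init__(self, key: bytes, directory: dict):
        self.key = key
        self.directory = directory

    def issue_token(self, user_id: str, audience: str, now: float) -> str:
        identity = self.directory[user_id]            # step 2: identity lookup
        assertion = {
            "id": _b64(os.urandom(16)),                # unique id, lets the SP detect replay
            "sub": user_id,
            "email": identity["email"],
            "role": identity["role"],
            "aud": audience,                           # which SP this token is meant for
            "iat": int(now),
            "exp": int(now) + 300,                     # short lifetime
        }
        payload = _b64(json.dumps(assertion, sort_keys=True).encode())
        sig = _b64(hmac.new(self.key, payload.encode(), hashlib.sha256).digest())
        return f"{payload}.{sig}"                      # signed token (encryption omitted)


class ServiceProvider:
    """The externally hosted CRM: validates the token and provisions accounts."""

    def __init__(self, key: bytes, entity_id: str, idp_url: str):
        self.key = key
        self.entity_id = entity_id
        self.idp_url = idp_url
        self.accounts = {}
        self.seen_ids = set()

    def start_login(self, target_url: str) -> dict:
        # step 1: unauthenticated request, so send the browser to the IdP and
        # remember where to return afterwards (RelayState in SAML terms)
        return {"redirect_to": self.idp_url, "RelayState": target_url}

    def consume_token(self, token: str, now: float) -> dict:
        payload, _, sig = token.partition(".")
        expected = _b64(hmac.new(self.key, payload.encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(sig, expected):     # step 4: integrity before parsing
            raise ValueError("token signature invalid")
        assertion = json.loads(_unb64(payload))
        if assertion["aud"] != self.entity_id:
            raise ValueError("token issued for a different service provider")
        if now >= assertion["exp"]:
            raise ValueError("token expired")
        if assertion["id"] in self.seen_ids:
            raise ValueError("token replayed")
        self.seen_ids.add(assertion["id"])
        account = self.accounts.get(assertion["sub"])
        if account is None:                            # step 5: just-in-time provisioning
            account = {"email": assertion["email"], "role": assertion["role"], "provisioned": True}
            self.accounts[assertion["sub"]] = account
        return account                                 # step 6: authenticated and authorized


def run_flow(user_id: str = "jdoe", now=None) -> dict:
    """Walk the SP-initiated sequence end to end and return the CRM account."""
    now = time.time() if now is None else now
    idp = IdentityProvider(SHARED_KEY, DIRECTORY)
    crm = ServiceProvider(SHARED_KEY, "https://crm.example/saml", "https://sso.bank.example/login")
    crm.start_login("https://crm.example/customers/42")         # step 1: redirect to IdP
    token = idp.issue_token(user_id, crm.entity_id, now)        # step 2: lookup, sign
    return crm.consume_token(token, now)                        # step 3/4: redirect back, validate


if __name__ == "__main__":
    print(run_flow())
```

A second call with the same token fails the replay check, and a token issued for another service provider fails the audience check even though its signature is valid; both are conditions a CRM that only "validates the integrity of the payload" would miss.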



Q36. - (Topic 1) 

The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important? 

A. What are the protections against MITM? 

B. What accountability is built into the remote support application? 

C. What encryption standards are used in the tracking database? 

D. What snapshot or “undo” features are present in the application? 

E. What encryption standards are used in remote desktop and file transfer functionality? 

Answer:


Q37. - (Topic 5) 

During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve? 

A. Monoalphabetic cipher 

B. Confusion 

C. Root of trust 

D. Key stretching 

E. Diffusion 

Answer:
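The technique the question describes, feeding the digest, the input and the salt back into the hash for many rounds so that each guess costs the attacker measurably more time, is key stretching. The Python below is an added example, not code from the original page. It shows the naive iterated construction from the question beside the standardised form (PBKDF2 with HMAC-SHA256 from the standard library), a storage format that records the salt and iteration count so the cost can be raised later, and a timing function that makes the slowdown visible. The sample password, salt and iteration counts are constructed for illustration.

```python
import hashlib
import hmac
import os
import time


def stretch(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Iterated hash in the style the question describes: every round feeds the
    previous digest, the salt and the original input back into the hash, so the
    work per guess grows linearly with the iteration count. Shown for the
    mechanism only; use pbkdf2() or a memory-hard KDF in real code."""
    if iterations < 1:
        raise ValueError("iterations must be at least 1")
    digest = hashlib.sha256(salt + password).digest()
    for _ in range(iterations - 1):
        digest = hashlib.sha256(digest + salt + password).digest()
    return digest


def pbkdf2(password: bytes, salt: bytes, iterations: int, length: int = 32) -> bytes:
    """Standardised key stretching (RFC 8018) using HMAC-SHA256 as the PRF."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, length)


def hash_password(password: bytes, iterations: int = 600_000) -> str:
    """Store algorithm, iteration count, salt and derived key together so the
    iteration count can be raised later without breaking existing records."""
    salt = os.urandom(16)  # per-password random salt defeats precomputed tables
    dk = pbkdf2(password, salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: bytes, stored: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = pbkdf2(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def seconds_per_guess(iterations: int, samples: int = 3) -> float:
    """Average wall-clock cost of one derivation; this is the deliberate
    slowdown the engineer is asking for, paid once per login but on every
    guess by an attacker."""
    salt = b"constructed-salt"  # constructed sample input
    start = time.perf_counter()
    for _ in range(samples):
        pbkdf2(b"correct horse battery staple", salt, iterations)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    record = hash_password(b"hunter2")  # constructed sample password
    print(record)
    print("verify correct:", verify_password(b"hunter2", record))
    print("verify wrong:  ", verify_password(b"hunter3", record))
    for n in (1_000, 100_000):
        print(f"{n:>7} iterations: {seconds_per_guess(n) * 1000:.2f} ms per guess")
```

Tuning note: pick the iteration count so a single verification costs a budget you can afford on the login path (tens to hundreds of milliseconds), then revisit it as hardware gets faster; because the count is stored with each record, old records keep verifying and can be re-hashed on the user's next successful login.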


Q38. - (Topic 2) 

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found in a hidden directory within the VM of customer B. Customer B is not in the same industry as customer A and the two are not competitors. Which of the following has MOST likely occurred? 

A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data. 

B. A stolen two factor token was used to move data from one virtual guest to another host on the same network segment. 

C. A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access. 

D. An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk. 

Answer:


Q39. - (Topic 2) 

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package? 

A. 1 

B. 2 

C. 3 

D. 4 

Answer:


Q40. - (Topic 4) 

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take? 

A. Address the security concerns through the network design and security controls. 

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager. 

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager. 

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect. 

Answer: