We provide a free download of Vivid CompTIA CAS-002 questions, which are the best for clearing the CAS-002 test and getting certified as a CompTIA Advanced Security Practitioner (CASP). The CAS-002 Questions & Answers cover all the knowledge points of the real CAS-002 exam. Crack your CompTIA CAS-002 exam with the latest dumps, guaranteed!

P.S. Vivid CAS-002 software are available on Google Drive, GET MORE: https://drive.google.com/open?id=1MWxVvRqKw5P-3mL6Zi7QlXk_26ObOJ_y


New CompTIA CAS-002 Exam Dumps Collection (Question 10 - Question 19)

Q10. The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login. The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur. Which of the following preventative controls would MOST effectively mitigate the logical risks associated with the use of USB storage devices?

A. Revise the corporate policy to include possible termination as a result of violations

B. Increase the frequency and distribution of the USB violations report

C. Deploy PKI to add non-repudiation to login sessions so offenders cannot deny the offense

D. Implement group policy objects

Answer: D



Q11. A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:

POST http://www.example.com/resources/NewBankAccount HTTP/1.1
Content-type: application/json

{
  "account": [
    { "creditAccount": "Credit Card Rewards account" },
    { "salesLeadRef": "www.example.com/badcontent/exploitme.exe" }
  ],
  "customer": [
    { "name": "Joe Citizen" },
    { "custRef": "3153151" }
  ]
}

The banking website responds with:

HTTP/1.1 200 OK

{
  "newAccountDetails": [
    { "cardNumber": "1234123412341234" },
    { "cardExpiry": "2021-12-31" },
    { "cardCVV": "909" }
  ],
  "marketingCookieTracker": "JSESSIONID=000000001",
  "returnCode": "Account added successfully"
}

Which of the following are security weaknesses in this example? (Select TWO).

A. Missing input validation on some fields

B. Vulnerable to SQL injection

C. Sensitive details communicated in clear-text

D. Vulnerable to XSS

E. Vulnerable to malware file uploads

F. JSON/REST is not as secure as XML

Answer: A,C



Q12. A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?

A. Government regulation

B. Industry standard

C. Company guideline

D. Company policy

Answer: B



Q13. The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:

Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0

Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0

Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0

All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface's MAC is 00-01-42-32-ab-1a.

A packet capture shows the following:

09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 65534

09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534

09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534

Which of the following is occurring on the network?

A. A man-in-the-middle attack is underway on the network.

B. An ARP flood attack is targeting the router.

C. The default gateway is being spoofed on the network.

D. A denial of service attack is targeting the router.

Answer: D



Q14. A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem?

A. Change the IDS to use a heuristic anomaly filter.

B. Adjust IDS filters to decrease the number of false positives.

C. Change the IDS filter to data mine the false positives for statistical trending data.

D. Adjust IDS filters to increase the number of false negatives.

Answer: B



Q15. Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B's IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause?

A. Purchase the product and test it in a lab environment before installing it on any live system.

B. Allow Company A and B's IT staff to evaluate the new product prior to purchasing it.

C. Purchase the product and test it on a few systems before installing it throughout the entire company.

D. Use Company A's change management process during the evaluation of the new product.

Answer: D



Q16. A new company requirement mandates the implementation of multi-factor authentication to access network resources. The security administrator was asked to research and implement the most cost-effective solution that would allow for the authentication of both hardware and users. The company wants to leverage the PKI infrastructure which is already well established. Which of the following solutions should the security administrator implement?

A. Issue individual private/public key pairs to each user, install the private key on the central authentication system, and protect the private key with the user's credentials. Require each user to install the public key on their computer.

B. Deploy USB fingerprint scanners on all desktops, and enable the fingerprint scanner on all laptops. Require all network users to register their fingerprint using the reader and store the information in the central authentication system.

C. Issue each user one hardware token. Configure the token serial number in the user properties of the central authentication system for each user and require token authentication with PIN for network logon.

D. Issue individual private/public key pairs to each user, install the public key on the central authentication system, and require each user to install the private key on their computer and protect it with a password.

Answer: D



Q17. An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management?

A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware.

B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.

C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management.

D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency.

Answer: B



Q18. A company's security policy states that its own internally developed proprietary Internet facing software must be resistant to web application attacks. Which of the following methods provides the MOST protection against unauthorized access to stored database information?

A. Require all development to follow secure coding practices.

B. Require client-side input filtering on all modifiable fields.

C. Escape character sequences at the application tier.

D. Deploy a WAF with application specific signatures.

Answer: A



Q19. A network administrator notices a security intrusion on the web server. Which of the following is indicated by the entry http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file?

A. Buffer overflow

B. Click jacking

C. SQL injection

D. XSS attack

Answer: D



P.S. Easily pass CAS-002 Exam with Certifytools Vivid Dumps & pdf vce, Try Free: https://www.certifytools.com/CAS-002-exam.html (532 New Questions)