2021 Dec CAS-002 training

Q81. - (Topic 2) 

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system? 

A. Isolate the system on a secure network to limit its contact with other systems 

B. Implement an application layer firewall to protect the payroll system interface 

C. Monitor the system’s security log for unauthorized access to the payroll application 

D. Perform reconciliation of all payroll transactions on a daily basis 

Answer:


Q82. - (Topic 2) 

A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues? 

A. A separate physical interface placed on a private VLAN should be configured for live host operations. 

B. Database record encryption should be used when storing sensitive information on virtual servers. 

C. Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data. 

D. Sensitive data should be stored on a backend SAN which uses an isolated Fibre Channel network. 

Answer:


Q83. - (Topic 3) 

An administrator is reviewing logs and sees the following entry: 

Message: Access denied with code 403 (phase 2). Pattern match "\bunion\b.{1,100}?\bselect\b" at ARGS:$id. [data "union all select"] [severity "CRITICAL"] [tag "WEB_ATTACK"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] 

Action: Intercepted (phase 2) Apache-Handler: php5-script 

Which of the following attacks was being attempted? 

A. Session hijacking 

B. Cross-site script 

C. SQL injection 

D. Buffer overflow 

Answer:


Q84. - (Topic 2) 

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package? 

A. 1 

B. 2 

C. 3 

D. 4 

Answer:


Q85. CORRECT TEXT - (Topic 2) 

Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range. 

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. 

Click on Router 1, Router 2, and the Firewall to evaluate and configure each device. 

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces. 

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network. 

Answer: Please check the explanation part for the solution. 


Q86. - (Topic 2) 

A finance manager says that the company needs to ensure that the new system can “replay” data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company’s transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager’s needs? 

A. Compliance standards 

B. User requirements 

C. Data elements 

D. Data storage 

E. Acceptance testing 

F. Information digest 

G. System requirements 

Answer:


Q87. - (Topic 3) 

Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B’s IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause? 

A. Purchase the product and test it in a lab environment before installing it on any live system. 

B. Allow Company A and B’s IT staff to evaluate the new product prior to purchasing it. 

C. Purchase the product and test it on a few systems before installing it throughout the entire company. 

D. Use Company A’s change management process during the evaluation of the new product. 

Answer:


Q88. - (Topic 5) 

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk? 

A. Deploy new perimeter firewalls at all stores with UTM functionality. 

B. Change antivirus vendors at the store and the corporate office. 

C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution. 

D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it. 

Answer:


Q89. - (Topic 3) 

Which of the following is the BEST place to contractually document security priorities, responsibilities, guarantees, and warranties when dealing with outsourcing providers? 

A. NDA 

B. OLA 

C. MOU 

D. SLA 

Answer:


Q90. - (Topic 2) 

A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true? 

A. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits. 

B. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software. 

C. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers. 

D. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community. 

Answer: