CAS-002 Questions And Answers
$68
Exam Name: CompTIA Advanced Security Practitioner Exam
Updated: 2021-09-20
Q & A: 532
- Reviews
Why Choose PassQuestion CompTIA CAS-002 Exam Questions
Passquestion team uses professional knowledge and experience to provide CompTIA CASP CAS-002 Questions and Answers for people ready to participate in CompTIA Advanced Security Practitioner Exam exam. The accuracy rate of CAS-002 exam questions provided by Passquestion are very high and they can 100% guarantee you pass the CompTIA CAS-002 exam successfully in the first attempt. Everyone can get CAS-002 pdf with free test engine to study. PassQuestion can promise you always have the latest version for your CompTIA CAS-002 test preparation and get your CompTIA CASP certification easily.
CAS-002 Frequently Asked Questions
Q1: Can I use CAS-002 exam Q&As in my phone?
Yes, PassQuestion provides CompTIA CASP CAS-002 pdf Q&As which you can download to study on your computer or mobile device, we also provide CAS-002 pdf free demo which from the full version to check its quality before purchasing.
Q2: What are the formats of your CompTIA CAS-002 exam questions?
PassQuestion provides CompTIA CAS-002 exam questions with pdf format and software format, pdf file will be sent in attachment and software file in a download link, you need to download the link in a week, it will be automatically invalid after a week.
Q3: How can I download my CAS-002 test questions after purchasing?
We will send CompTIA CASP CAS-002 test questions to your email once we receive your order, pls make sure your email address valid or leave an alternate email.
Q4: How long can I get my CompTIA CASP CAS-002 questions and answers after purchasing?
We will send CompTIA CASP CAS-002 questions and answers to your email in 10 minutes in our working time and no less than 12 hours in our off time.
Working Time:
GMT+8: Monday- Saturday 8:00 AM-18:00 PM
GMT: Monday- Saturday 0:00 AM-10:00 AM
Q5: Can I pass my test with your CompTIA CASP CAS-002 practice questions only?
Sure! All of PassQuestion CompTIA CASP CAS-002 practice questions come from real test. If you can practice well and get a good score in our practice Q&As, we ensure you can pass your CompTIA Advanced Security Practitioner Exam exam easily.
Q6: How can I know my CAS-002 updated?
You can check the number of questions, if it is changed,that means we have updated this exam ,you can contact us anytime to ask for an free update. our sales email : [email protected]
Q7: What is your refund process if I fail CompTIA CAS-002 test?
If you fail your CAS-002 test in 60 days by studying our study material, just scan your score report and send to us in attchment,when we check, we will give you full refund.
Q8. What other payment menthod can I use except Paypal?
If your country don't support Paypal, we offer another Payment method Western Union,it is also safe and fast. Pls contact us for the details, we will send it to your email.
Question No : 1
A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI expressed as a percentage for the first year?
A. -45 percent
B. 5.5 percent
C. 45 percent
D. 82 percent
A. -45 percent
B. 5.5 percent
C. 45 percent
D. 82 percent
Answer: D
Question No : 2
During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?
A. Implement an IPS to block the application on the network
B. Implement the remote application out to the rest of the servers
C. Implement SSL VPN with SAML standards for federation
D. Implement an ACL on the firewall with NAT for remote access
A. Implement an IPS to block the application on the network
B. Implement the remote application out to the rest of the servers
C. Implement SSL VPN with SAML standards for federation
D. Implement an ACL on the firewall with NAT for remote access
Answer: C
Question No : 3
Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology.
Which of the following would be the advantage of conducting this kind of penetration test?
A. The risk of unplanned server outages is reduced.
B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
D. The results should reflect what attackers may be able to learn about the company.
Which of the following would be the advantage of conducting this kind of penetration test?
A. The risk of unplanned server outages is reduced.
B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
D. The results should reflect what attackers may be able to learn about the company.
Answer: D
Question No : 4
A new piece of ransomware got installed on a company¡¯s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?
A. Determining how to install HIPS across all server platforms to prevent future incidents
B. Preventing the ransomware from re-infecting the server upon restore
C. Validating the integrity of the deduplicated data
D. Restoring the data will be difficult without the application configuration
A. Determining how to install HIPS across all server platforms to prevent future incidents
B. Preventing the ransomware from re-infecting the server upon restore
C. Validating the integrity of the deduplicated data
D. Restoring the data will be difficult without the application configuration
Answer: D
Question No : 5
The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company¡¯s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).
A. Block traffic from the ISP¡¯s networks destined for blacklisted IPs.
B. Prevent the ISP¡¯s customers from querying DNS servers other than those hosted by the ISP.
C. Scan the ISP¡¯s customer networks using an up-to-date vulnerability scanner.
D. Notify customers when services they run are involved in an attack.
E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.
A. Block traffic from the ISP¡¯s networks destined for blacklisted IPs.
B. Prevent the ISP¡¯s customers from querying DNS servers other than those hosted by the ISP.
C. Scan the ISP¡¯s customer networks using an up-to-date vulnerability scanner.
D. Notify customers when services they run are involved in an attack.
E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.
Answer: D, E
Question No : 6
A network administrator with a company¡¯s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company¡¯s physical security, which of the following can the network administrator use to detect the presence of a malicious actor physically accessing the company¡¯s network or information systems from within? (Select TWO).
A. RAS
B. Vulnerability scanner
C. HTTP intercept
D. HIDS
E. Port scanner
F. Protocol analyzer
A. RAS
B. Vulnerability scanner
C. HTTP intercept
D. HIDS
E. Port scanner
F. Protocol analyzer
Answer: D, F
Question No : 7
An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?
A. Independent verification and validation
B. Security test and evaluation
C. Risk assessment
D. Ongoing authorization
A. Independent verification and validation
B. Security test and evaluation
C. Risk assessment
D. Ongoing authorization
Answer: D
Question No : 8
Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:
[email protected]:~$ sudo nmap ¨CO 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:
TCP/22
TCP/111
TCP/512-514
TCP/2049
TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown node?
A. Linux
B. Windows
C. Solaris
D. OSX
[email protected]:~$ sudo nmap ¨CO 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:
TCP/22
TCP/111
TCP/512-514
TCP/2049
TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown node?
A. Linux
B. Windows
C. Solaris
D. OSX
Answer: C
Question No : 9
A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO¡¯s requirement?
A. GRC
B. IPS
C. CMDB
D. Syslog-ng
E. IDS
A. GRC
B. IPS
C. CMDB
D. Syslog-ng
E. IDS
Answer: A
Question No : 10
An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?
A. Ensure the SaaS provider supports dual factor authentication.
B. Ensure the SaaS provider supports encrypted password transmission and storage.
C. Ensure the SaaS provider supports secure hash file exchange.
D. Ensure the SaaS provider supports role-based access control.
E. Ensure the SaaS provider supports directory services federation.
A. Ensure the SaaS provider supports dual factor authentication.
B. Ensure the SaaS provider supports encrypted password transmission and storage.
C. Ensure the SaaS provider supports secure hash file exchange.
D. Ensure the SaaS provider supports role-based access control.
E. Ensure the SaaS provider supports directory services federation.
Answer: E
Question No : 11
The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image. Which of the following methods would BEST help with this process? (Select TWO).
A. Retrieve source system image from backup and run file comparison analysis on the two images.
B. Parse all images to determine if extra data is hidden using steganography.
C. Calculate a new hash and compare it with the previously captured image hash.
D. Ask desktop support if any changes to the images were made.
E. Check key system files to see if date/time stamp is in the past six months.
A. Retrieve source system image from backup and run file comparison analysis on the two images.
B. Parse all images to determine if extra data is hidden using steganography.
C. Calculate a new hash and compare it with the previously captured image hash.
D. Ask desktop support if any changes to the images were made.
E. Check key system files to see if date/time stamp is in the past six months.
Answer: A, C
Question No : 12
A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm¡¯s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO).
A. Code review
B. Penetration testing
C. Grey box testing
D. Code signing
E. White box testing
A. Code review
B. Penetration testing
C. Grey box testing
D. Code signing
E. White box testing
Answer: A, E
Question No : 13
A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?
A. Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
B. Interview employees and managers to discover the industry hot topics and trends
C. Attend meetings with staff, internal training, and become certified in software management
D. Attend conferences, webinars, and training to remain current with the industry and job requirements
A. Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
B. Interview employees and managers to discover the industry hot topics and trends
C. Attend meetings with staff, internal training, and become certified in software management
D. Attend conferences, webinars, and training to remain current with the industry and job requirements
Answer: D
Question No : 14
After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?
A. Least privilege
B. Job rotation
C. Mandatory vacation
D. Separation of duties
A. Least privilege
B. Job rotation
C. Mandatory vacation
D. Separation of duties
Answer: B
Question No : 15
A software development manager is taking over an existing software development project. The team currently suffers from poor communication due to a long delay between requirements documentation and feature delivery. This gap is resulting in an above average number of security-related bugs making it into production. Which of the following development methodologies is the team MOST likely using now?
A. Agile
B. Waterfall
C. Scrum
D. Spiral
A. Agile
B. Waterfall
C. Scrum
D. Spiral
Answer: B