"CompTIA Advanced Security Practitioner (CASP)", also known as the CAS-002 exam, is a CompTIA certification.

New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)

New Questions 8

A company is in the process of implementing a new front-end user interface for its customers; the goal is to provide them with more self-service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.

Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).

A. Perform unit testing of the binary code

B. Perform code review over a sampling of the front end source code

C. Perform black box penetration testing over the solution

D. Perform grey box penetration testing over the solution

E. Perform static code review over the front end source code

Answer: D,E

New Questions 9

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:

user@hostname:~$ sudo nmap -O

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:

TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778

Based on this information, which of the following operating systems is MOST likely running on the unknown node?

A. Linux

B. Windows

C. Solaris


Answer: C

New Questions 10

An administrator receives a notification from legal that an investigation is being performed on members of the finance department. As a precaution, legal has advised a legal hold on all documents for an unspecified period of time. Which of the following policies will MOST likely be violated? (Select TWO).

A. Data Storage Policy

B. Data Retention Policy

C. Corporate Confidentiality Policy

D. Data Breach Mitigation Policy

E. Corporate Privacy Policy

Answer: A,B

New Questions 11

The IT manager is evaluating IPS products to determine which would be most effective at stopping network traffic that contains anomalous content on networks that carry very specific types of traffic. Based on the IT manager's requirements, which of the following types of IPS products would be BEST suited for use in this situation?

A. Signature-based

B. Rate-based

C. Anomaly-based

D. Host-based

Answer: A

New Questions 12

A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:

Customers to upload their log files to the "big data" platform

Customers to perform remote log search

Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery

Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).

A. Secure storage and transmission of API keys

B. Secure protocols for transmission of log files and search results

C. At least two years retention of log files in case of e-discovery requests

D. Multi-tenancy with RBAC support

E. Sanitizing filters to prevent upload of sensitive log file contents

F. Encrypted storage of all customer log files

Answer: A,B,D

New Questions 13

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this?

A. The infected files were using obfuscation techniques to evade detection by antivirus software.

B. The infected files were specially crafted to exploit a collision in the hash function.

C. The infected files were using heuristic techniques to evade detection by antivirus software.

D. The infected files were specially crafted to exploit diffusion in the hash function.

Answer: B

New Questions 14

A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application's removal from the white list?

A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen.

B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues.

C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list.

D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed.

Answer: B

New Questions 15

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test?

A. The risk of unplanned server outages is reduced.

B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.

C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.

D. The results should reflect what attackers may be able to learn about the company.

Answer: D

New Questions 16

The Chief Information Officer (CIO) is focused on improving IT governance within the organization to reduce system downtime. The CIO has mandated that the following improvements be implemented:

-All business units must now identify IT risks and include them in their business risk profiles.

-Key controls must be identified and monitored.

-Incidents and events must be recorded and reported with management oversight.

-Exemptions to the information security policy must be formally recorded, approved, and managed.

-IT strategy will be reviewed to ensure it is aligned with the business's strategy and objectives.

In addition to the above, which of the following would BEST help the CIO meet the requirements?

A. Establish a register of core systems and identify technical service owners

B. Establish a formal change management process

C. Develop a security requirement traceability matrix

D. Document legacy systems to be decommissioned and the disposal process

Answer: B

New Questions 17

A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution has been in place for nine years, contains over a million lines of code, and took over two years to develop originally. The SDLC has broken the primary delivery stages into eight different deliverables, with each section requiring an in-depth risk analysis before moving on to the next phase. Which of the following software development methods is MOST applicable?

A. Spiral model

B. Incremental model

C. Waterfall model

D. Agile model

Answer: D
