Q181. - (Topic 4) 

A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application’s removal from the white list? 

A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen. 

B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues. 

C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list. 

D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed. 


Q182. - (Topic 4) 

Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall? 

A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system. 

B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack. 

C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system. 

D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks. 


Q183. - (Topic 4) 

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices? 

A. Single sign-on 

B. Identity propagation 

C. Remote attestation 

D. Secure code review 


Q184. - (Topic 3) 

At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company’s statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator’s password. 

At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts? 

A. The IDS logs are compromised. 

B. The new password was compromised. 

C. An input validation error has occurred. 

D. A race condition has occurred. 


Q185. - (Topic 5) 

News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting occur in preparation for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections, reduce detection time, and minimize any damage that might be done? 

A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology. 

B. Implement an application whitelist at all levels of the organization. 

C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring. 

D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection. 


Q186. - (Topic 2) 

A security tester is testing a website and performs the following manual query: 


The following response is received in the payload: 

“ORA-000001: SQL command not properly ended” 

Which of the following is the response an example of? 

A. Fingerprinting 

B. Cross-site scripting 

C. SQL injection 

D. Privilege escalation 


Q187. - (Topic 1) 

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53? 






Q188. - (Topic 5) 

An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the MOST heavily invested in rectifying the problem? (Select THREE). 

A. Facilities management 

B. Human resources 

C. Research and development 

D. Programming 

E. Data center operations 

F. Marketing 

G. Information technology 

Answer: A,E,G 

Q189. - (Topic 5) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers? 

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 


Q190. - (Topic 2) 

A finance manager says that the company needs to ensure that the new system can “replay” data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company’s transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager’s needs? 

A. Compliance standards 

B. User requirements 

C. Data elements 

D. Data storage 

E. Acceptance testing 

F. Information digest 

G. System requirements