Proper study guides for Avant-garde CompTIA CompTIA Advanced Security Practitioner (CASP) certified begins with CompTIA CAS-002 preparation products which designed to deliver the High quality CAS-002 questions by making you pass the CAS-002 test at your first time. Try the free CAS-002 demo right now.

P.S. High quality CAS-002 answers are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)

Question No: 8

The marketing department at Company A regularly sends out emails signed by the companyu2019s Chief Executive Officer (CEO) with announcements about the company. The CEO sends company and personal emails from a different email account. During legal proceedings against the company, the Chief Information Officer (CIO) must prove which emails came from the CEO and which came from the marketing department. The email server allows emails to be digitally signed and the corporate PKI provisioning allows for one certificate per user. The CEO did not share their password with anyone. Which of the following will allow the CIO to state which emails the CEO sent and which the marketing department sent?

A. Identity proofing

B. Non-repudiation

C. Key escrow

D. Digital rights management

Answer: B

Question No: 9

In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).

A. Correctly assert the identity and authorization credentials of the end user.

B. Correctly assert the authentication and authorization credentials of the end user.

C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.

D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.

A. E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.

F. Correctly assert the identity and authentication credentials of the end user.

Answer: D,F

Topic 4, Volume D

Question No: 10

The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one yearu2019s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?

A. The company data privacy policies

B. The company backup logs and archives

C. The company data retention policies and guidelines

D. The company data retention procedures

Answer: B

Question No: 11

An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless clients fail to

connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?

A. Create a separate SSID and require the use of dynamic encryption keys.

B. Create a separate SSID with a pre-shared key to support the legacy clients and rotate the key at random intervals.

C. Create a separate SSID and pre-shared WPA2 key on a new network segment and only allow required communication paths.

D. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.

Answer: B

Question No: 12

New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager do to manage the risks of these attack vectors? (Select TWO).

A. Establish an emergency response call tree.

B. Create an inventory of applications.

C. Backup the router and firewall configurations.

D. Maintain a list of critical systems.

E. Update all network diagrams.

Answer: B,D

Question No: 13

CORRECT TEXTThe IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed:

1. Select the server that is a victim of a cross-site scripting (XSS) attack. 2 Select the source of the brute force password attack.

3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack.

Instructions: Simulations can be reset at anytime to the initial state: however, all selections will be deleted

Answer: Please review following steps:

Question No: 14

Three companies want to allow their employees to seamlessly connect to each otheru2019s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure

that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companiesu2019 wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

Answer: A

Question No: 15

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of conferenceu2019s resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.

B. Physical security may need to be increased to deter or prevent theft of mobile devices.

C. Network security may need to be increased by reducing the number of available physical network jacks.

D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C

Question No: 16

In a situation where data is to be recovered from an attackeru2019s location, which of the following are the FIRST things to capture? (Select TWO).

A. Removable media

B. Passwords written on scrap paper

C. Snapshots of data on the monitor

D. Documents on the printer

E. Volatile system memory

F. System hard drive

Answer: C,E

Question No: 17

An administrator is notified that contract workers will be onsite assisting with a new project. The administrator wants each worker to be aware of the corporate policy pertaining to USB storage devices. Which of the following should each worker review and understand before beginning work?

A. Interconnection Security Agreement

B. Memorandum of Understanding

C. Business Partnership Agreement

D. Non-Disclosure Agreement

Answer: C

100% Avant-garde CompTIA CAS-002 Questions & Answers shared by 2passeasy, Get HERE: (New 532 Q&As)