Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.

P.S. Download CAS-002 answers are available on Google Drive, GET MORE: https://drive.google.com/open?id=1jFEYVEoSSaRH30NOS859G8vaEUVGAdF5

New CompTIA CAS-002 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:

user@hostname:~$ sudo nmap u2013O

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:

TCP/22 TCP/111 TCP/512-514 TCP/2049


Based on this information, which of the following operating systems is MOST likely running on the unknown node?

A. Linux

B. Windows

C. Solaris


Answer: C

New Questions 10

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

A. Isolate the system on a secure network to limit its contact with other systems

B. Implement an application layer firewall to protect the payroll system interface

C. Monitor the systemu2019s security log for unauthorized access to the payroll application

D. Perform reconciliation of all payroll transactions on a daily basis

Answer: A

New Questions 11

A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this

policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?

A. Establish a risk matrix

B. Inherit the risk for six months

C. Provide a business justification to avoid the risk

D. Provide a business justification for a risk exception

Answer: D

New Questions 12

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

Delivered-To: customer@example.com Received: by

Mon, 1 Nov 2010 11:15:24 -0700 (PDT)

Received: by

Mon, 01 Nov 2010 11:15:23 -0700 (PDT)

Return-Path: <IT@company.com>

Received: from for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from <IT@company.com>)

Received: by smtpex.example.com (SMTP READY)

with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500

Received: from by; Mon, 1 Nov 2010 13:15:14 -0500

From: Company <IT@Company.com>

To: "customer@example.com" <customer@example.com> Date: Mon, 1 Nov 2010 13:15:11 -0500

Subject: New Insurance Application Thread-Topic: New Insurance Application

Please download and install software from the site below to maintain full access to your account.


Additional information: The authorized mail servers IPs are and The networku2019s subnet is

Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

A. Identify the origination point for malicious activity on the unauthorized mail server.

B. Block port 25 on the firewall for all unauthorized mail servers.

C. Disable open relay functionality.

D. Shut down the SMTP service on the unauthorized mail server.

E. Enable STARTTLS on the spam filter.

Answer: B,D

New Questions 13

A system administrator has just installed a new Linux distribution. The distribution is configured to be u201csecure out of the boxu201d. The system administrator cannot make updates to certain system files and services. Each time changes are attempted, they are denied and a system error is generated. Which of the following troubleshooting steps should the security administrator suggest?

A. Review settings in the SELinux configuration files

B. Reset root permissions on systemd files

C. Perform all administrative actions while logged in as root

D. Disable any firewall software before making changes

Answer: A

New Questions 14

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

A. Capture process ID data and submit to anti-virus vendor for review.

B. Reboot the Linux servers, check running processes, and install needed patches.

C. Remove a single Linux server from production and place in quarantine.

D. Notify upper management of a security breach.

E. Conduct a bit level image, including RAM, of one or more of the Linux servers.

Answer: E

New Questions 15

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

A. Implement an IPS to block the application on the network

B. Implement the remote application out to the rest of the servers

A. C. Implement SSL VPN with SAML standards for federation

D. Implement an ACL on the firewall with NAT for remote access

Answer: C

New Questions 16

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations. The audit discovers that 40 percent of the desktops do not meet requirements. Which of the following is the MOST likely cause of the noncompliance?

A. The devices are being modified and settings are being overridden in production.

B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.

C. The desktop applications were configured with the default username and password.

D. 40 percent of the devices use full disk encryption.

Answer: A

New Questions 17

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZu2019s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory

requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect?

A. Most of company XYZu2019s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.

B. The availability requirements in SLAs with each hosted customer would have to be re- written to account for the transfer of virtual machines between physical platforms for regular maintenance.

C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.

D. Not all of company XYZu2019s customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.

Answer: C

New Questions 18

A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D

Recommend!! Get the Download CAS-002 dumps in VCE and PDF From Examcollectionplus, Welcome to download: https://www.examcollectionplus.net/vce-CAS-002/ (New 532 Q&As Version)