It is faster and easier to pass the CompTIA CAS-002 exam by using Tested CompTIA Advanced Security Practitioner (CASP) questions and answers. Get immediate access to the improved CAS-002 exam material, find the same core-area CAS-002 questions with professionally verified answers, and then pass your exam with a high score.

P.S. Tested CAS-002 bundles are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 5 - Question 14)

Question No: 5

Company XYZ has employed a consultant to perform a controls assessment of the HR system, backend business operations, and the SCADA system used in the factory. Which of the following correctly states the risk management options that the consultant should use during the assessment?

A. Risk reduction, risk sharing, risk retention, and risk acceptance.

B. Avoid, transfer, mitigate, and accept.

C. Risk likelihood, asset value, and threat level.

D. Calculate risk by determining technical likelihood and potential business impact.

Answer: B

Question No: 6

A storage as a service company implements both encryption at rest as well as encryption in transit of customers' data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer's encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers' data would take?

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) }

B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) }

C. password = password + sha(password+salt) + aes256(password+salt)

D. key = aes128(sha256(password), password))

Answer: A

Question No: 7

The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE).

A. Install a self-signed Root CA certificate on the proxy server.

B. The proxy configuration of all users' browsers must point to the proxy IP.

C. TCP port 443 requests must be redirected to TCP port 80 on the web server.

D. All users' personal certificates' public key must be installed on the proxy.

E. Implement policy-based routing on a router between the hosts and the Internet.

F. The proxy certificate must be installed on all users' browsers.

Answer: A,E,F

Question No: 8

The Linux server at Company A hosts a graphical application widely used by the company designers. One designer regularly connects to the server from a Mac laptop in the designer's office down the hall. When the security engineer learns of this, it is discovered that the connection is not secured and the password can easily be obtained via network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection?

Linux Server: Mac Laptop:

A. From the server, establish an SSH tunnel to the Mac and VPN to

B. From the Mac, establish a remote desktop connection to using Network Layer Authentication and the CredSSP security provider.

C. From the Mac, establish a VPN to the Linux server and connect the VNC to

D. From the Mac, establish an SSH tunnel to the Linux server and connect the VNC to

Answer: D

Question No: 9

The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company's flagship product. Testing was conducted by a small offshore consulting firm and the report by the consulting firm clearly indicates that limited test cases were used and many of the code paths remained untested.

The CISO raised concerns about the testing results at the monthly risk committee meeting, highlighting the need to get to the bottom of the product behaving unexpectedly in only some large enterprise deployments.

The Security Assurance and Development teams highlighted their availability to redo the testing if required.

Which of the following will provide the MOST thorough testing?

A. Have the small consulting firm redo the Black box testing.

B. Use the internal teams to perform Grey box testing.

C. Use the internal team to perform Black box testing.

D. Use the internal teams to perform White box testing.

E. Use a larger consulting firm to perform Black box testing.

Answer: D

Question No: 10

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation:

Once at the command prompt, the administrator issues the below command. Which of the following is true about the above situation?

A. The administrator must use the sudo command in order to restart the service.

B. The administrator used the wrong SSH port to restart the DNS server.

C. The service was restarted correctly, but it failed to bind to the network interface.

D. The service did not restart because the bind command is privileged.

Answer: A

Question No: 11

CORRECT TEXT: An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.

Instructions: The last install that is completed will be the final submission.

Answer: You need to check the hash value of the downloaded software with the md5 utility.

Question No: 12

Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall?

A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system.

B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack.

C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system.

D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks.

Answer: B

Question No: 13

An organization has had component integration related vulnerabilities exploited in consecutive releases of the software it hosts. The only reason the company was able to identify the compromises was because of a correlation of slow server performance and an attentive security analyst noticing unusual outbound network activity from the application servers. End-to-end management of the development process is the responsibility of the applications development manager and testing is done by various teams of programmers. Which of the following will MOST likely reduce the likelihood of similar incidents?

A. Conduct monthly audits to verify that application modifications do not introduce new vulnerabilities.

B. Implement a peer code review requirement prior to releasing code into production.

C. Follow secure coding practices to minimize the likelihood of creating vulnerable applications.

D. Establish cross-functional planning and testing requirements for software development activities.

Answer: D

Question No: 14

A web developer is responsible for a simple web application that books holiday accommodations. The front-facing web server offers an HTML form, which asks for a user's age. This input gets placed into a signed integer variable and is then checked to ensure that the user is in the adult age range.

Users have reported that the website is not functioning correctly. The web developer has inspected log files and sees that a very large number (in the billions) was submitted just before the issue started occurring. Which of the following is the MOST likely situation that has occurred?

A. The age variable stored the large number and filled up disk space which stopped the application from continuing to function. Improper error handling prevented the application from recovering.

B. The age variable has had an integer overflow and was assigned a very small negative number which led to unpredictable application behavior. Improper error handling prevented the application from recovering.

C. Computers are able to store numbers well above "billions" in size. Therefore, the website issues are not related to the large number being input.

D. The application has crashed because a very large integer has led to a "divide by zero". Improper error handling prevented the application from recovering.

Answer: B

Recommended! Get the Tested CAS-002 dumps in VCE and PDF from Dumpscollection. Welcome to download: (New 532 Q&As Version)