★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


CAS-002 review is CompTIA CompTIA Advanced Security Practitioner (CASP) official code. we industry experts built-up [productnum] questions and replies intended for candidates preparation. Within the CAS-002 review means, contenders covers just about every niche and category with CompTIA certification helping to geared up contenders to get a flourishing CompTIA Qualification.

2021 Dec comptia casp cas-002:

Q1. - (Topic 4) 

The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. 

Which of the following is MOST likely the cause of this problem? 

A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped. 

B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall. 

C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped. 

D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped. 

Answer:


Q2. - (Topic 4) 

The organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner’s responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment. Which of the following BEST balances the security risk and IT drivers for cloud computing? 

A. A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure. 

B. Using a third-party cloud computing environment should be endorsed going forward. This aligns with the organization’s strategic direction. It also helps to shift any risk and regulatory compliance concerns away from the company’s internal IT department. The next step will be to evaluate each of the cloud computing vendors, so that a vendor can then be selected for hosting the new credit card processing platform. 

C. There may be regulatory restrictions with credit cards being processed out of country or processed by shared hosting providers. A private cloud within the company should be considered. An options paper should be created which outlines the risks, advantages, disadvantages of relevant choices and it should recommended a way forward. 

D. Cloud computing should rarely be considered an option for any processes that need to be significantly secured. The security practitioner needs to convince the stakeholders that the new platform can only be delivered internally on physical infrastructure. 

Answer:


Q3. - (Topic 1) 

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO). 

A. Web cameras 

B. Email 

C. Instant messaging 

D. BYOD 

E. Desktop sharing 

F. Presence 

Answer: C,E 


Q4. - (Topic 2) 

An IT manager is working with a project manager to implement a new ERP system capable of transacting data between the new ERP system and the legacy system. As part of this process, both parties must agree to the controls utilized to secure data connections between the two enterprise systems. This is commonly documented in which of the following formal documents? 

A. Memorandum of Understanding 

B. Information System Security Agreement 

C. Interconnection Security Agreement 

D. Interoperability Agreement 

E. Operating Level Agreement 

Answer:


Q5. DRAG DROP - (Topic 3) 

Company A has experienced external attacks on their network and wants to minimize the attacks from reoccurring. Modify the network diagram to prevent SQL injections. XSS attacks, smurf attacks, e-mail spam, downloaded malware. viruses and ping attacks. The company can spend a MAXIMUM of 550.000 USD. A cost list for each item is listed below 

1. Anti-Virus Server- $10,000 2 Firewall-$15,000 3 Load Balanced Server - $10,000 4 NIDS/NIPS-$10,000 

5. Packet Analyzer-55.000 6 Patch Server-$15,000 7 Proxy Server-$20,000 8. Router - S10.000 9 Spam Filter - S5 000 10 Traffic Shaper - $20,000 

11. Web Application Firewall - $10,000 

Instructions: Not all placeholders in the diagram need to be filled and items can only be used once. 

Answer: 

303. - (Topic 3) 

An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations. 

Which of the following is MOST likely the cause for the organization’s inability to determine what really occurred? 

A. Too few layers of protection between the Internet and internal network 

B. Lack of a defined security auditing methodology 

C. Poor intrusion prevention system placement and maintenance 

D. Insufficient logging and mechanisms for review 

Answer:


Avant-garde comptia casp cas-002 pdf:

Q6. - (Topic 2) 

ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE). 

A. Establish a list of users that must work with each regulation 

B. Establish a list of devices that must meet each regulation 

C. Centralize management of all devices on the network 

D. Compartmentalize the network 

E. Establish a company framework 

F. Apply technical controls to meet compliance with the regulation 

Answer: B,D,F 


Q7. - (Topic 4) 

An audit at a popular on-line shopping site reveals that a flaw in the website allows customers to purchase goods at a discounted rate. To improve security the Chief Information Security Officer (CISO) has requested that the web based shopping cart application undergo testing to validate user input in both free form text fields and drop down boxes. 

Which of the following is the BEST combination of tools and / or methods to use? 

A. Blackbox testing and fingerprinting 

B. Code review and packet analyzer 

C. Fuzzer and HTTP interceptor 

D. Enumerator and vulnerability assessment 

Answer:


Q8. - (Topic 1) 

A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm’s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO). 

A. Code review 

B. Penetration testing 

C. Grey box testing 

D. Code signing 

E. White box testing 

Answer: A,E 


Q9. - (Topic 3) 

A University uses a card transaction system that allows students to purchase goods using their student ID. Students can put money on their ID at terminals throughout the campus. The security administrator was notified that computer science students have been using the network to illegally put money on their cards. The administrator would like to attempt to reproduce what the students are doing. Which of the following is the BEST course of action? 

A. Notify the transaction system vendor of the security vulnerability that was discovered. 

B. Use a protocol analyzer to reverse engineer the transaction system’s protocol. 

C. Contact the computer science students and threaten disciplinary action if they continue their actions. 

D. Install a NIDS in front of all the transaction system terminals. 

Answer:


Q10. - (Topic 5) 

A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company? 

A. Increase the frequency of antivirus downloads and install updates to all workstations. 

B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections. 

C. Deploy a NIPS to inspect and block all web traffic which may contain malware and exploits. 

D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network. 

Answer: