★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


Act now and download your CompTIA CAS-002 test today! Do not waste time for the worthless CompTIA CAS-002 tutorials. Download Updated CompTIA CompTIA Advanced Security Practitioner (CASP) exam with real questions and answers and begin to learn CompTIA CAS-002 with a classic professional.

2021 Feb certainteed cas-002:

Q21. - (Topic 1) 

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure? 

A. Replicate NAS changes to the tape backups at the other datacenter. 

B. Ensure each server has two HBAs connected through two routes to the NAS. 

C. Establish deduplication across diverse storage paths. 

D. Establish a SAN that replicates between datacenters. 

Answer:


Q22. - (Topic 1) 

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete? 

A. They should logon to the system using the username concatenated with the 6-digit code and their original password. 

B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code. 

C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed. 

D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code. 

Answer:


Q23. - (Topic 5) 

A court order has ruled that your company must surrender all the email sent and received by a certain employee for the past five years. After reviewing the backup systems, the IT administrator concludes that email backups are not kept that long. Which of the following policies MUST be reviewed to address future compliance? 

A. Tape backup policies 

B. Offsite backup policies 

C. Data retention policies 

D. Data loss prevention policies 

Answer:


Q24. - (Topic 1) 

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important? 

A. Insecure direct object references, CSRF, Smurf 

B. Privilege escalation, Application DoS, Buffer overflow 

C. SQL injection, Resource exhaustion, Privilege escalation 

D. CSRF, Fault injection, Memory leaks 

Answer:


Q25. - (Topic 3) 

In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end-to-end? 

A. Creation and secure destruction of mail accounts, emails, and calendar items 

B. Information classification, vendor selection, and the RFP process 

C. Data provisioning, processing, in transit, at rest, and de-provisioning 

D. Securing virtual environments, appliances, and equipment that handle email 

Answer:


Renewal comptia casp cas-002 pdf:

Q26. - (Topic 2) 

Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO). 

A. Synchronous copy of data 

B. RAID configuration 

C. Data de-duplication 

D. Storage pool space allocation 

E. Port scanning 

F. LUN masking/mapping 

G. Port mapping 

Answer: F,G 


Q27. - (Topic 2) 

An employee is performing a review of the organization’s security functions and noticed that there is some cross over responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams? 

A. BPA 

B. BIA 

C. MOU 

D. OLA 

Answer:


Q28. - (Topic 4) 

A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant affect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings? 

A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects. 

B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution. 

C. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness. 

D. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution. 

Answer:


Q29. - (Topic 3) 

A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing. Which of the following is the MOST likely cause of the processing problem? 

A. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds. 

B. The Java developers accounted for network latency only for the read portion of the processing and not the write process. 

C. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files. 

D. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors. 

Answer:


Q30. - (Topic 5) 

The Chief Risk Officer (CRO) has requested that the MTD, RTO and RPO for key business applications be identified and documented. Which of the following business documents would MOST likely contain the required values? 

A. MOU 

B. BPA 

C. RA 

D. SLA 

E. BIA 

Answer: