★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


CompTIA certification may be the planets many well-respected worldwide certification. So CAS-002 is extremely required for those who find themselves stressed to penetrate the IT company. But its very hard for those who are hectic operating or learning to pass through the CompTIA Advanced Security Practitioner (CASP) check. Pass4sure CompTIA CAS-002 study instructions will help you conserving a great deal of time,energy and useful resource within the CAS-002 check. You can manage this particular CAS-002 check effectively simply by the CAS-002 pdf and check motor. We are able to keep the merchandise promptly and invite people to learn CompTIA knowledge quickly. You can even obtain the CompTIA CAS-002 pdf test edition free.

2021 Apr CAS-002 exam prep

Q31. - (Topic 2) 

A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal? 

A. Install GSM tracking on each product for end-to-end delivery visibility. 

B. Implement geo-fencing to track products. 

C. Require drivers to geo-tag documentation at each delivery location. 

D. Equip each truck with an RFID tag for location services. 

Answer:


Q32. - (Topic 4) 

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement? 

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation. 

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID. 

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates. 

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller. 

Answer:


Q33. - (Topic 1) 

A popular commercial virtualization platform allows for the creation of virtual hardware. To virtual machines, this virtual hardware is indistinguishable from real hardware. By implementing virtualized TPMs, which of the following trusted system concepts can be implemented? 

A. Software-based root of trust 

B. Continuous chain of trust 

C. Chain of trust with a hardware root of trust 

D. Software-based trust anchor with no root of trust 

Answer:


Q34. - (Topic 2) 

The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year’s growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed? 

A. Spending on SCADA protections should stay steady; application control spending should increase substantially and spending on PC boot loader controls should increase substantially. 

B. Spending on SCADA security controls should stay steady; application control spending should decrease slightly and spending on PC boot loader protections should increase substantially. 

C. Spending all controls should increase by 15% to start; spending on application controls should be suspended, and PC boot loader protection research should increase by 100%. 

D. Spending on SCADA security controls should increase by 15%; application control spending should increase slightly, and spending on PC boot loader protections should remain steady. 

Answer:


Q35. - (Topic 1) 

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable? 

A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection. 

B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network. 

C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections. 

D. This information can be found by querying the network’s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts. 

Answer:


Avant-garde CAS-002 practice:

Q36. - (Topic 2) 

ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone? 

A. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone. 

B. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s). 

C. Organize VM hosts into containers based on security zone and restrict access using an ACL. 

D. Require multi-factor authentication when accessing the console at the physical VM host. 

Answer:


Q37. - (Topic 5) 

A large organization that builds and configures every data center against distinct requirements loses efficiency, which results in slow response time to resolve issues. However, total uniformity presents other problems. Which of the following presents the GREATEST risk when consolidating to a single vendor or design solution? 

A. Competitors gain an advantage by increasing their service offerings. 

B. Vendor lock in may prevent negotiation of lower rates or prices. 

C. Design constraints violate the principle of open design. 

D. Lack of diversity increases the impact of specific events or attacks. 

Answer:


Q38. - (Topic 2) 

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system? 

A. Isolate the system on a secure network to limit its contact with other systems 

B. Implement an application layer firewall to protect the payroll system interface 

C. Monitor the system’s security log for unauthorized access to the payroll application 

D. Perform reconciliation of all payroll transactions on a daily basis 

Answer:


Q39. - (Topic 4) 

An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISO’s objectives? 

A. CoBIT 

B. UCF 

C. ISO 27002 

D. eGRC 

Answer:


Q40. - (Topic 3) 

An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred? 

A. The IDS generated too many false negatives. 

B. The attack occurred after hours. 

C. The IDS generated too many false positives. 

D. No one was reviewing the IDS event logs. 

Answer: