
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


Want to know the Pass4sure CAS-002 exam practice test features? Want to learn more about the CompTIA Advanced Security Practitioner (CASP) certification experience? Study real CompTIA CAS-002 answers to up-to-date CAS-002 questions at Pass4sure. Get an absolute guarantee to pass the CompTIA CAS-002 (CompTIA Advanced Security Practitioner (CASP)) test on your first attempt.

Q61. - (Topic 4) 

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated? 

A. One of the companies may use an outdated VDI. 

B. Corporate websites may be optimized for different web browsers. 

C. Industry security standards and regulations may be in conflict. 

D. Data loss prevention standards in one company may be less stringent. 

Answer:


Q62. - (Topic 1) 

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement? 

A. GRC 

B. IPS 

C. CMDB 

D. Syslog-ng 

E. IDS 

Answer:


Q63. - (Topic 3) 

A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE). 

A. The email system may become unavailable due to overload. 

B. Compliance may not be supported by all smartphones. 

C. Equipment loss, theft, and data leakage. 

D. Smartphone radios can interfere with health equipment. 

E. Data usage cost could significantly increase. 

F. Not all smartphones natively support encryption. 

G. Smartphones may be used as rogue access points. 

Answer: B,C,F 


Q64. - (Topic 4) 

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following: 

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724

90.76.165.40 - - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724

The security administrator also inspects the following file system locations on the database server using the command 'ls -al /root':

drwxrwxrwx 11 root root 4096 Sep 28 22:45 . 

drwxr-xr-x 25 root root 4096 Mar 8 09:30 .. 

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .profile 

-rw------- 25 root root 4096 Mar 8 09:30 .ssh 

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO). 

A. Privilege escalation 

B. Brute force attack 

C. SQL injection 

D. Cross-site scripting 

E. Using input validation, ensure the following characters are sanitized: <>

F. Update crontab with: find / \( -perm -4000 \) -type f -print0 | xargs -0 ls -l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input) 

H. Set an account lockout policy 

Answer: A,F 
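The scenario above hands an analyst two pieces of evidence: web server log lines showing the attacker probing with SQL DDL, directory traversal and a script tag, and an 'ls -al /root' listing with a setuid file and a world-writable directory. The correct detection choice (F) is a cron job that finds setuid files. As an added example (not part of the exam question or of the dump vendor's material), the Python below shows the same two checks in working code: it classifies request targets from a constructed copy of the question's log lines, flags alert-worthy bits in an 'ls -l' mode string, and walks a directory tree for setuid files the way 'find / -perm -4000 -type f' does, comparing the result against an approved baseline. The log text, the baseline and the throwaway directory tree in run_demo are all constructed for this example; nothing here touches a real /root.

```python
import os
import re
import stat
import tempfile
from urllib.parse import unquote

# Constructed sample log (hypothetical): the three request lines quoted in the
# question, one per entry, plus one benign request for contrast.
SAMPLE_LOG = """\
90.76.165.40 - - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724
90.76.165.40 - - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200
90.76.165.40 - - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724
10.0.0.7 - - [08/Mar/2014:10:55:10] "GET calendar.php?month=3 HTTP/1.1" 200 1024
"""

# Common-log-style line: client, identd, user, [timestamp] "METHOD target proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Signatures are matched against the URL-decoded request target, so %20 tricks do not hide them.
SIGNATURES = {
    # DDL/DML reaching an app account that should only SELECT is never legitimate here.
    "sql-injection": re.compile(r"\b(create|alter|drop)\s+table\b|\binsert\s+into\b|\bunion\s+select\b", re.I),
    # A '..' path segment anywhere in the target.
    "path-traversal": re.compile(r"(^|[/\\])\.\.([/\\]|$)"),
    "xss": re.compile(r"<\s*script\b", re.I),
}


def classify_request(target):
    """Return the names of every signature that fires on the decoded target (possibly none)."""
    decoded = unquote(target)
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]


def scan_log(text):
    """Return (ip, target, kinds, status) for each log line that matches a signature.

    A 200 on a traversal target means the server actually served the file, which is
    what turns a probe into an incident.
    """
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line; skip rather than crash on junk
        kinds = classify_request(m.group("target"))
        if kinds:
            hits.append((m.group("ip"), m.group("target"), kinds, int(m.group("status"))))
    return hits


def mode_flags(ls_mode):
    """Alert-worthy bits in an 'ls -l' mode string such as '-rws------' or 'drwxrwxrwx'."""
    flags = set()
    if ls_mode[3] in "sS":   # user execute slot shows setuid
        flags.add("setuid")
    if ls_mode[6] in "sS":   # group execute slot shows setgid
        flags.add("setgid")
    if ls_mode[8] == "w":    # others may write
        flags.add("world-writable")
    return flags


def find_setuid(root):
    """Python equivalent of 'find ROOT -perm -4000 -type f': regular files with setuid set."""
    found = set()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # unreadable or vanished; keep scanning
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                found.add(path)
    return found


def new_setuid_files(root, baseline):
    """Setuid files present now that are not in the approved baseline (what the cron job should mail)."""
    return sorted(find_setuid(root) - set(baseline))


def run_demo():
    """Build a throwaway tree (constructed, not a real /root), plant one setuid file,
    and return (log hits, basenames of setuid files missing from an empty baseline)."""
    with tempfile.TemporaryDirectory() as base:
        for name, mode in (("notes.txt", 0o600), ("backdoor", 0o4755)):
            path = os.path.join(base, name)
            with open(path, "w") as fh:
                fh.write("x\n")
            os.chmod(path, mode)
        unexpected = [os.path.basename(p) for p in new_setuid_files(base, baseline=set())]
    return scan_log(SAMPLE_LOG), unexpected


if __name__ == "__main__":
    hits, unexpected = run_demo()
    for ip, target, kinds, status in hits:
        print(f"{ip} {status} {','.join(kinds)} {target}")
    print("setuid files not in baseline:", unexpected)
    print("-rws------ ->", mode_flags("-rws------"), " drwxrwxrwx ->", mode_flags("drwxrwxrwx"))
```

In production the baseline would be the output of the same scan taken on a known-good system and kept off the host; the cron entry in option F does the finding, and the diff against that baseline is what makes a new 'rws' file under /root actionable rather than noise.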


Q65. - (Topic 2) 

An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant? 

A. $4,800 

B. $24,000 

C. $96,000 

D. $120,000 

Answer: C (SLE = AV x EF, so AV = SLE / EF = $24,000 / 0.25 = $96,000; the ARO is a distractor, used only for ALE = SLE x ARO = $4,800, which is option A)


Q66. - (Topic 2) 

A finance manager says that the company needs to ensure that the new system can “replay” data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company’s transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager’s needs? 

A. Compliance standards 

B. User requirements 

C. Data elements 

D. Data storage 

E. Acceptance testing 

F. Information digest 

G. System requirements 

Answer:


Q67. - (Topic 1) 

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements? 

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator. 

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud. 

C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team. 

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware. 

Answer:


Q68. - (Topic 1) 

An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence? 

A. Review switch and router configurations 

B. Review the security policies and standards 

C. Perform a network penetration test 

D. Review the firewall rule set and IPS logs 

Answer:


Q69. - (Topic 4) 

The Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue. Which of the following is the BEST course of action for the junior security administrator to take? 

A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy. 

B. Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls. 

C. Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported. 

D. Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams. 

Answer:


Q70. - (Topic 5) 

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The sales team is continuously contacting the security administrator to answer security questions posed by potential customers/clients. Which of the following is the BEST strategy to minimize the frequency of these requests? 

A. Request the major stakeholder hire a security liaison to assist the sales team with security-related questions. 

B. Train the sales team about basic security, and make them aware of the security policies and procedures of the company. 

C. The job description of the security administrator is to assist the sales team; thus the process should not be changed. 

D. Compile a list of the questions, develop an FAQ on the website, and train the sales team about basic security concepts. 

Answer: