CAS-002 Guide


10 Tips For CAS-002 candidates

Exambible offers free demo for CAS-002 exam. "CompTIA Advanced Security Practitioner (CASP)", also known as CAS-002 exam, is a CompTIA Certification. This set of posts, Passing the CompTIA CAS-002 exam, will help you answer those questions. The CAS-002 Questions & Answers covers all the knowledge points of the real exam. 100% real CompTIA CAS-002 exams and revised by experts!


New CompTIA CAS-002 Exam Dumps Collection (Question 15 - Question 24)

Q15. A financial institution wants to reduce the costs associated with managing and troubleshooting employees’ desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four solutions submitted by the change management group. Which of the following BEST accomplishes this task?

A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit.

B. Implement server virtualization and move the application from the desktop to the server.

C. Implement VDI and disable hardware and storage mapping from the thin client.

D. Move the critical applications to a private cloud and disable VPN and tunneling.

Answer: C

Q16. A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future?

A. SIP session tagging and QoS

B. A dedicated VLAN

C. Lower encryption setting

D. Traffic shaping

Answer: B

Q17. A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers:

A. Create a custom standard to define the data.

B. Use well formed standard compliant XML and strict schemas.

C. Only document the data format in the parsing application code.

D. Implement a de facto corporate standard for all analyzed data.

Answer: B

Q18. New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager follow to manage the risks of these attack vectors? (Select TWO).

A. Establish an emergency response call tree.

B. Create an inventory of applications.

C. Backup the router and firewall configurations.

D. Maintain a list of critical systems.

E. Update all network diagrams.

Answer: B,D

Q19. A storage as a service company implements both encryption at rest as well as encryption in transit of customers’ data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers’ data would take?

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) }

B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) }

C. password = password + sha(password+salt) + aes256(password+salt)

D. key = aes128(sha256(password), password))

Answer: A

Q20. A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance manufacturer claims the new device is hardened against all known attacks and several undisclosed zero-day exploits. The code base used for the device is a combination of compiled C and Tcl/Tk scripts. Which of the following methods should the security researcher use to enumerate the ports and protocols in use by the appliance?

A. Device fingerprinting

B. Switchport analyzer

C. Grey box testing

D. Penetration testing

Answer: A

Q21. A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with its products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.

B. All staff need to be instructed in the proper use of social media in the work environment.

C. Senior staff blogs should be ghost written by marketing professionals.

D. The finance department must provide a cost benefit analysis for social media.

E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: A,E

Q22. A small company is developing a new Internet-facing web application. The security requirements are:

Users of the web application must be uniquely identified and authenticated.

Users of the web application will not be added to the company’s directory services.

Passwords must not be stored in the code.

Which of the following meets these requirements?

A. Use OpenID and allow a third party to authenticate users.

B. Use TLS with a shared client certificate for all users.

C. Use SAML with federated directory services.

D. Use Kerberos and browsers that support SAML.

Answer: A

Q23. An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning

B. Time-based access control lists

C. ISP to ISP network jitter

D. File-size validation

E. End to end network encryption

Answer: B

Q24. Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company’s purchased application? (Select TWO).

A. Code review

B. Sandbox

C. Local proxy

D. Fuzzer

E. Web vulnerability scanner

Answer: C,D
