CompTIA CAS-002 Exam: CompTIA Advanced Security Practitioner (CASP)

Total Questions: 532. Last Updated: May 19, 2017

Q291. - (Topic 5) 

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future? 

A. Use PAP for secondary authentication on each RADIUS server 

B. Disable unused EAP methods on each RADIUS server 

C. Enforce TLS connections between RADIUS servers 

D. Use a shared secret for each pair of RADIUS servers 

Answer:


Q292. - (Topic 4) 

Company A needs to export sensitive data from its financial system to company B’s database, using company B’s API in an automated manner. Company A’s policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A’s financial system and company B’s destination server using the supplied API. Additionally, company A’s legacy financial software does not support encryption, while company B’s API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements? 

A. Company A must install an SSL tunneling service on the financial system. 

B. Company A’s security administrator should use an HTTPS capable browser to transfer the data. 

C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B. 

D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls. 

Answer:


Q293. - (Topic 3) 

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation? 

A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation. 

B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur. 

C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked. 

D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited. 

Answer:


Q294. - (Topic 4) 

A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention policy states all email data older than 90 days should be eliminated. As there are no technical controls in place, users have been instructed to stick to a storage quota of 500Mb of network storage and 200Mb of email storage. After being presented with an e-discovery request from an opposing legal counsel, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years. Which of the following should the security administrator provide to opposing counsel?

A. Delete files and email exceeding policy thresholds and turn over the remaining files and email. 

B. Delete email over the policy threshold and hand over the remaining emails and all of the files. 

C. Provide the 1Tb of files on the network and the 300Mb of email files regardless of age. 

D. Provide the first 200Mb of e-mail and the first 500Mb of files as per policy. 

Answer:


Q295. - (Topic 2) 

After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator? 

A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user. 

B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS. 

C. Users with root access on remote NFS client computers can always use the SU command to modify other users’ files on the NAS.

D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command. 

Answer:


Q296. - (Topic 3) 

A large financial company has a team of security-focused architects and designers that contribute to broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and re-usable patterns into account. Which of the following would BEST help to achieve these objectives?

A. Construct a library of re-usable security patterns 

B. Construct a security control library 

C. Introduce an ESA framework 

D. Include SRTM in the SDLC 

Answer:


Q297. - (Topic 1) 

News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting are conducted to prepare for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections?

A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology. 

B. Implement an application whitelist at all levels of the organization. 

C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring. 

D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection. 

Answer:


Q298. - (Topic 2) 

The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion? 

A. Contact the local authorities so an investigation can be started as quickly as possible. 

B. Shut down the production network interfaces on the server and change all of the DBMS account passwords. 

C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed. 

D. Refer the issue to management for handling according to the incident response process. 

Answer:


Q299. - (Topic 4) 

Company ABC will test connecting networks with Company XYZ as part of their upcoming merger, and both are concerned with minimizing security exposures to each other’s network throughout the test. Which of the following is the FIRST thing both sides should do prior to connecting the networks?

A. Create a DMZ to isolate the two companies and provide a security inspection point for all inter-company network traffic. 

B. Determine the necessary data flows between the two companies. 

C. Implement a firewall that restricts everything except the IPSec VPN traffic connecting the two companies. 

D. Implement inline NIPS on the connection points between the two companies. 

Answer:


Q300. - (Topic 2) 

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE). 

A. Check log files for logins from unauthorized IPs. 

B. Check /proc/kmem for fragmented memory segments. 

C. Check for unencrypted passwords in /etc/shadow. 

D. Check timestamps for files modified around time of compromise. 

E. Use lsof to determine files with future timestamps. 

F. Use gpg to encrypt compromised data files. 

G. Verify the MD5 checksum of system binaries. 

H. Use vmstat to look for excessive disk I/O. 

Answer: A,D,G 

