Want to know Testking CAS-002 Exam practice test features? Want to lear more about CompTIA CompTIA Advanced Security Practitioner (CASP) certification experience? Study 100% Correct CompTIA CAS-002 answers to Updated CAS-002 questions at Testking. Gat a success with an absolute guarantee to pass CompTIA CAS-002 (CompTIA Advanced Security Practitioner (CASP)) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/CAS-002-exam-dumps.html
Q151. - (Topic 2)
A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personal items, the other employee approves these purchase orders. The auditor has contacted the human resources director with suggestions on how to detect such illegal activities. Which of the following should the human resource director implement to identify the employees involved in these activities and reduce the risk of this activity occurring in the future?
A. Background checks
B. Job rotation
C. Least privilege
D. Employee termination procedures
Answer: B
Q152. - (Topic 2)
Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?
A. Deduplication
B. Data snapshots
C. LUN masking
D. Storage multipaths
Answer: C
Q153. - (Topic 5)
During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?
A. Implement an IPS to block the application on the network
B. Implement the remote application out to the rest of the servers
C. Implement SSL VPN with SAML standards for federation
D. Implement an ACL on the firewall with NAT for remote access
Answer: C
Q154. - (Topic 1)
A security engineer on a large enterprise network needs to schedule maintenance within a fixed window of time. A total outage period of four hours is permitted for servers. Workstations can undergo maintenance from 8:00 pm to 6:00 am daily. Which of the following can specify parameters for the maintenance work? (Select TWO).
A. Managed security service
B. Memorandum of understanding
C. Quality of service
D. Network service provider
E. Operating level agreement
Answer: B,E
Q155. - (Topic 3)
A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).
A. The email system may become unavailable due to overload.
B. Compliance may not be supported by all smartphones.
C. Equipment loss, theft, and data leakage.
D. Smartphone radios can interfere with health equipment.
E. Data usage cost could significantly increase.
F. Not all smartphones natively support encryption.
G. Smartphones may be used as rogue access points.
Answer: B,C,F
Q156. - (Topic 4)
A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?
A. Establish a risk matrix
B. Inherit the risk for six months
C. Provide a business justification to avoid the risk
D. Provide a business justification for a risk exception
Answer: D
Q157. - (Topic 3)
The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year’s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?
A. The company data privacy policies
B. The company backup logs and archives
C. The company data retention policies and guidelines
D. The company data retention procedures
Answer: B
Q158. - (Topic 5)
A security engineer wants to implement forward secrecy but still wants to ensure the number of requests handled by the web server is not drastically reduced due to the larger computational overheads. Browser compatibility is not a concern; however system performance is. Which of the following, when implemented, would BEST meet the engineer’s requirements?
A. DHE
B. ECDHE
C. AES128-SHA
D. DH
Answer: B
Q159. - (Topic 3)
After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on dev1.xyz.com, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST?
A. Generate a new public key on both servers.
B. Replace the SSL certificate on dev1.xyz.com.
C. Generate a new private key password for both servers.
D. Replace the SSL certificate on pay.xyz.com.
Answer: D
Q160. - (Topic 4)
A retail bank has had a number of issues in regards to the integrity of sensitive information across all of its customer databases. This has resulted in the bank’s share price decreasing in value by 50% and regulatory intervention and monitoring.
The new Chief Information Security Officer (CISO) as a result has initiated a program of work to solve the issues.
The business has specified that the solution needs to be enterprise grade and meet the following requirements:
In order to solve this problem, which of the following security solutions will BEST meet the above requirements? (Select THREE).
A. Implement a security operations center to provide real time monitoring and incident response with self service reporting capability.
B. Implement an aggregation based SIEM solution to be deployed on the log servers of the major platforms, applications, and infrastructure.
C. Implement a security operations center to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capability.
D. Ensure that the network operations center has the tools to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capabilities.
E. Implement an agent only based SIEM solution to be deployed on all major platforms, applications, and infrastructures.
F. Ensure appropriate auditing is enabled to capture the required information.
G. Manually pull the logs from the major platforms, applications, and infrastructures to a central secure server.
Answer: B,C,F