

New CompTIA CAS-002 Exam Dumps Collection (Question 6 - Question 15)

New Questions 6

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The sales team is continuously contacting the security administrator to answer security questions posed by potential customers/clients. Which of the following is the BEST strategy to minimize the frequency of these requests?

A. Request the major stakeholder hire a security liaison to assist the sales team with security-related questions.

B. Train the sales team about basic security, and make them aware of the security policies and procedures of the company.

C. The job description of the security administrator is to assist the sales team; thus the process should not be changed.

D. Compile a list of the questions, develop an FAQ on the website, and train the sales team about basic security concepts.

Answer: D


New Questions 7

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

A. SSL certificate revocation

B. SSL certificate pinning

C. Mobile device root-kit detection

D. Extended Validation certificates

Answer: B


New Questions 8

An organization is selecting a SaaS provider to replace its legacy, in-house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication.

B. Ensure the SaaS provider supports encrypted password transmission and storage.

C. Ensure the SaaS provider supports secure hash file exchange.

D. Ensure the SaaS provider supports role-based access control.

E. Ensure the SaaS provider supports directory services federation.

Answer: E


New Questions 9

A system administrator has a responsibility to maintain the security of the video teleconferencing system. During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled. Which of the following security concerns should the system administrator have about the existing technology in the room?

A. Wired transmissions could be intercepted by remote users.

B. Bluetooth speakers could cause RF emanation concerns.

C. Bluetooth is an unsecure communication channel.

D. Wireless transmission causes interference with the video signal.

Answer: C


New Questions 10

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database will be accessed by both the company's users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

A. Physical penetration test of the datacenter to ensure there are appropriate controls.

B. Penetration testing of the solution to ensure that the customer data is well protected.

C. Security clauses are implemented into the contract such as the right to audit.

D. Review of the organization's security policies, procedures and relevant hosting certifications.

E. Code review of the solution to ensure that there are no back doors located in the software.

Answer: C,D


New Questions 11

An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISO's objectives?

A. CoBIT

B. UCF

C. ISO 27002

D. eGRC

Answer: D


New Questions 12

A large international business has completed the acquisition of a small business and it is now in the process of integrating the small business' IT department. Both parties have agreed that the large business will retain 95% of the smaller business' IT staff. Additionally, the larger business has a strong interest in specific processes that the smaller business has in place to handle its regional interests. Which of the following IT security related objectives should the small business' IT staff consider reviewing during the integration process? (Select TWO).

A. How the large business operational procedures are implemented.

B. The memorandum of understanding between the two businesses.

C. New regulatory compliance requirements.

D. Service level agreements between the small and the large business.

E. The initial request for proposal drafted during the merger.

F. The business continuity plan in place at the small business.

Answer: A,C


New Questions 13

A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

Answer: B,C


New Questions 14

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO).

A. Web cameras

B. Email

C. Instant messaging

D. BYOD

E. Desktop sharing

F. Presence

Answer: C,E


New Questions 15

An IT administrator has been tasked by the Chief Executive Officer with implementing security using a single device based on the following requirements:

1. Selective sandboxing of suspicious code to determine malicious intent.

2. VoIP handling for SIP and H.323 connections.

3. Block potentially unwanted applications.

Which of the following devices would BEST meet all of these requirements?

A. UTM

B. HIDS

C. NIDS

D. WAF

E. HSM

Answer: A

