CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 191:

    A database administrator comes across the below records in one of the databases during an internal audit of the payment system:

    UserID   Address           Credit Card No.      Password
    jsmith   123 fake street   55XX-XXX-XXXX-1397   Password100
    jqdoe    234 fake street   42XX-XXX-XXXX-2027   17DEC12

    From a security perspective, which of the following should be the administrator's GREATEST concern, and what will correct the concern?

    A. Concern: Passwords are stored in plain text. Correction: Require a minimum of 8 alphanumeric characters and hash the password.
    B. Concern: User IDs are also usernames, and could be enumerated, thereby disclosing sensitive account information. Correction: Require user IDs to be more complex by using alphanumeric characters and hash the UserIDs.
    C. Concern: User IDs are confidential private information. Correction: Require encryption of user IDs.
    D. Concern: More than four digits within a credit card number are stored. Correction: Only store the last four digits of a credit card to protect sensitive financial information.

  • Question 192:

    A systems administrator establishes a CIFS share on a Unix device to share data with Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the Unix share. Which of the following settings on the Unix server is the cause of this problem?

    A. Refuse LM and only accept NTLMv2
    B. Accept only LM
    C. Refuse NTLMv2 and accept LM
    D. Accept only NTLM

  • Question 193:

    ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?

    A. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.
    B. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).
    C. Organize VM hosts into containers based on security zone and restrict access using an ACL.
    D. Require multi-factor authentication when accessing the console at the physical VM host.

  • Question 194:

    Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner, which of the following is correct?

    A. Only security related alerts should be forwarded to the network team for resolution.
    B. All logs must be centrally managed and access to the logs restricted only to data storage staff.
    C. Logging must be set appropriately and alerts delivered to security staff in a timely manner.
    D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team.

  • Question 195:

    A large enterprise is expanding through the acquisition of a second corporation. Which of the following should be undertaken FIRST before connecting the networks of the newly formed entity?

    A. A system and network scan to determine if all of the systems are secure.
    B. Implement a firewall/DMZ system between the networks.
    C. Develop a risk analysis for the merged networks.
    D. Conduct a complete review of the security posture of the acquired corporation.

  • Question 196:

    As part of the ongoing information security plan in a large software development company, the Chief Information Officer (CIO) has decided to review and update the company's privacy policies and procedures to reflect the changing business environment and business requirements.

    Training and awareness of the new policies and procedures has been incorporated into the security awareness program which should be:

    A. presented by top level management to only data handling staff.
    B. customized for the various departments and staff roles.
    C. technical in nature to ensure all development staff understand the procedures.
    D. used to promote the importance of the security department.

  • Question 197:

    Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).

    A. Implementation run-sheets
    B. Solution designs
    C. Business capabilities
    D. Solution architectures
    E. Business requirements documents
    F. Reference models
    G. Business cases
    H. Business vision and drivers

  • Question 198:

    The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?

    A. What are the protections against MITM?
    B. What accountability is built into the remote support application?
    C. What encryption standards are used in the tracking database?
    D. What snapshot or "undo" features are present in the application?
    E. What encryption standards are used in remote desktop and file transfer functionality?

  • Question 199:

    The audit department at a company requires proof of exploitation when conducting internal network penetration tests. Which of the following provides the MOST conclusive proof of compromise without further compromising the integrity of the system?

    A. Provide a list of grabbed service banners.
    B. Modify a file on the system and include the path in the test's report.
    C. Take a packet capture of the test activity.
    D. Add a new test user account on the system.

  • Question 200:

    A finance manager says that the company needs to ensure that the new system can "replay" data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company's transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager's needs?

    A. Compliance standards
    B. User requirements
    C. Data elements
    D. Data storage
    E. Acceptance testing
    F. Information digest
    G. System requirements
