CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 201:

    In order to reduce cost and improve employee satisfaction, a large corporation has decided to allow personal communication devices to access email and to remotely connect to the corporate network. Which of the following security measures should the IT organization implement? (Select TWO).

    A. A device lockdown according to policies
    B. An IDS on the internal networks
    C. A data disclosure policy
    D. A privacy policy
    E. Encrypt data in transit for remote access

  • Question 202:

    Unit testing for security functionality and resiliency to attack, as well as developing secure code and exploit mitigation, occur in which of the following phases of the Secure Software Development Lifecycle?

    A. Secure Software Requirements
    B. Secure Software Implementation
    C. Secure Software Design
    D. Software Acceptance

  • Question 203:

    A developer has implemented a piece of client-side JavaScript code to sanitize a user's provided input to a web page login screen. The code ensures that only the upper case and lower case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log:

    10.235.62.11 -- [02/Mar/2014:06:13:04] "GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724

    Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer?

    A. The security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters.
    B. The security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side.
    C. The security administrator is concerned with SQL injection, and the developer should implement server side input validation.
    D. The security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced.

  • Question 204:

    An employee is performing a review of the organization's security functions and has noticed that there is some crossover of responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?

    A. BPA
    B. BIA
    C. MOU
    D. OLA

  • Question 205:

    A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame as to whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?

    A. During the Identification Phase
    B. During the Lessons Learned phase
    C. During the Containment Phase
    D. During the Preparation Phase

  • Question 206:

    Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test?

    A. The risk of unplanned server outages is reduced.
    B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on.
    C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness.
    D. The results should reflect what attackers may be able to learn about the company.

  • Question 207:

    During an incident involving the company main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from the company's database server. Which of the following is the correct order in which the forensics team should engage?

    A. Notify senior management, secure the scene, capture volatile storage, capture non-volatile storage, implement chain of custody, and analyze original media.
    B. Take inventory, secure the scene, capture RAM, capture hard drive, implement chain of custody, document, and analyze the data.
    C. Implement chain of custody, take inventory, secure the scene, capture volatile and non-volatile storage, and document the findings.
    D. Secure the scene, take inventory, capture volatile storage, capture non-volatile storage, document, and implement chain of custody.

  • Question 208:

    A security administrator at Company XYZ is trying to develop a body of knowledge to enable heuristic and behavior based security event monitoring of activities on a geographically distributed network. Instrumentation is chosen to allow for monitoring and measuring the network. Which of the following is the BEST methodology to use in establishing this baseline?

    A. Model the network in a series of VMs; instrument the systems to record comprehensive metrics; run a large volume of simulated data through the model; record and analyze results; document expected future behavior.
    B. Completely duplicate the network on virtual machines; replay eight hours of captured corporate network traffic through the duplicate network; instrument the network; analyze the results; document the baseline.
    C. Instrument the operational network; simulate extra traffic on the network; analyze net flow information from all network devices; document the baseline volume of traffic.
    D. Schedule testing on operational systems when users are not present; instrument the systems to log all network traffic; monitor the network for at least eight hours; analyze the results; document the established baseline.

  • Question 209:

    Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?

    A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.
    B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.
    C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.
    D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.

  • Question 210:

    A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

    A. an administrative control
    B. dual control
    C. separation of duties
    D. least privilege
    E. collusion

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.