CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 251:

    An administrator wants to integrate the Credential Security Support Provider (CredSSP) protocol network level authentication (NLA) into the remote desktop terminal services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).

    A. Kerberos
    B. NTLM
    C. RADIUS
    D. TACACS+
    E. TLS
    F. HMAC
    G. Camellia

  • Question 252:

    A technician states that workstations that are on the network in location B are unable to validate certificates, while workstations that are on the main location A's network are having no issues. Which of the following methods allows a certificate to be validated by a single server that returns the validity of that certificate?

    A. XACML
    B. OCSP
    C. ACL
    D. CRL

  • Question 253:

    A security manager has started a new job and has identified that a key application for a new client does not have an accreditation status and is currently not meeting the compliance requirement for the contract's SOW. The security manager has competing priorities and wants to resolve this issue quickly with a system determination and risk assessment. Which of the following approaches presents the MOST risk to the security assessment?

    A. The security manager reviews the system description for the previous accreditation, but does not review application change records.
    B. The security manager decides to use the previous SRTM without reviewing the system description.
    C. The security manager hires an administrator from the previous contract to complete the assessment.
    D. The security manager does not interview the vendor to determine if the system description is accurate.

  • Question 254:

    A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?

    A. Shut the server down and image the hard drive.
    B. Remove all power sources from the server.
    C. Install remote backup software and copy data to write-once media.
    D. Login remotely and perform a full backup of the server.

  • Question 255:

    After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on dev1.xyz.com, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST?

    A. Generate a new public key on both servers.
    B. Replace the SSL certificate on dev1.xyz.com.
    C. Generate a new private key password for both servers.
    D. Replace the SSL certificate on pay.xyz.com.

  • Question 256:

    A security audit has uncovered that some of the encryption keys used to secure the company B2B financial transactions with its partners may be too weak. The security administrator needs to implement a process to ensure that financial transactions will not be compromised if a weak encryption key is found. Which of the following should the security administrator implement?

    A. Entropy should be enabled on all SSLv2 transactions.
    B. AES256-CBC should be implemented for all encrypted data.
    C. PFS should be implemented on all VPN tunnels.
    D. PFS should be implemented on all SSH connections.

  • Question 257:

    Which of the following should be used to identify overflow vulnerabilities?

    A. Fuzzing
    B. Input validation
    C. Privilege escalation
    D. Secure coding standards

  • Question 258:

    Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?

    A. They should logon to the system using the username concatenated with the 6-digit code and their original password.
    B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.
    C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.
    D. They should use the username format: [email protected], together with a password and their 6-digit code.

  • Question 259:

    A new vendor product has been acquired to replace a legacy perimeter security product. There are significant time constraints due to the existing solution nearing end-of-life with no options for extended support. It has been emphasized that only essential activities be performed. Which of the following sequences BEST describes the order of activities when balancing security posture and time constraints?

    A. Install the new solution, migrate to the new solution, and test the new solution.
    B. Purchase the new solution, test the new solution, and migrate to the new solution.
    C. Decommission the old solution, install the new solution, and test the new solution.
    D. Test the new solution, migrate to the new solution, and decommission the old solution.

  • Question 260:

    An external penetration tester compromised one of the client organization's authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization's other systems, without impacting the integrity of any of the systems?

    A. Use the pass the hash technique
    B. Use rainbow tables to crack the passwords
    C. Use the existing access to change the password
    D. Use social engineering to obtain the actual password

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how can you prepare for the exam effectively? How can you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your CAS-002 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.