CAS-002 Exam Details

  • Exam Code
    :CAS-002
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :733 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 21:

    Two universities are making their 802.11n wireless networks available to the other university's students. The infrastructure will pass the student's credentials back to the home school for authentication via the Internet.

    The requirements are: Mutual authentication of clients and authentication server The design should not limit connection speeds Authentication must be delegated to the home school No passwords should be sent unencrypted The following design was implemented: WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority A strong shared secret will be used for RADIUS server authentication Which of the following security considerations should be added to the design?

    A. The transport layer between the RADIUS servers should be secured
    B. WPA Enterprise should be used to decrease the network overhead
    C. The RADIUS servers should have local accounts for the visiting students
    D. Students should be given certificates to use for authentication to the network

  • Question 22:

    An administrator receives a notification from legal that an investigation is being performed on members of the finance department. As a precaution, legal has advised a legal hold on all documents for an unspecified period of time. Which of the following policies will MOST likely be violated? (Select TWO).

    A. Data Storage Policy
    B. Data Retention Policy
    C. Corporate Confidentiality Policy
    D. Data Breach Mitigation Policy
    E. Corporate Privacy Policy

  • Question 23:

    An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

    A. File system information, swap files, network processes, system processes and raw disk blocks.
    B. Raw disk blocks, network processes, system processes, swap files and file system information.
    C. System processes, network processes, file system information, swap files and raw disk blocks.
    D. Raw disk blocks, swap files, network processes, system processes, and file system information.

  • Question 24:

    Company ABC has recently completed the connection of its network to a national high speed private research network. Local businesses in the area are seeking sponsorship from Company ABC to connect to the high speed research network by directly connecting through Company ABC's network. Company ABC's Chief Information Officer (CIO) believes that this is an opportunity to increase revenues and visibility for the company, as well as promote research and development in the area.

    Which of the following must Company ABC require of its sponsored partners in order to document the technical security requirements of the connection?

    A. SLA
    B. ISA
    C. NDA
    D. BPA

  • Question 25:

    DRAG DROP

    Drag and Drop the following information types on to the appropriate CIA category.

    Select and Place:

  • Question 26:

    After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?

    A. Least privilege
    B. Job rotation
    C. Mandatory vacation
    D. Separation of duties

  • Question 27:

    The telecommunications manager wants to improve the process for assigning company- owned mobile devices and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboard and offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following should be implemented to ensure these processes can be automated? (Select THREE).

    A. SIM's PIN
    B. Remote wiping
    C. Chargeback system
    D. MDM software
    E. Presence software
    F. Email profiles
    G. Identity attestation
    H. GPS tracking

  • Question 28:

    A court order has ruled that your company must surrender all the email sent and received by a certain employee for the past five years. After reviewing the backup systems, the IT administrator concludes that email backups are not kept that long. Which of the following policies MUST be reviewed to address future compliance?

    A. Tape backup policies
    B. Offsite backup policies
    C. Data retention policies
    D. Data loss prevention policies

  • Question 29:

    A company provides on-demand virtual computing for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for access to sensitive data. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data was found on a hidden directory within the hypervisor. Which of the following has MOST likely occurred?

    A. A stolen two factor token and a memory mapping RAM exploit were used to move data from one virtual guest to an unauthorized similar token.
    B. An employee with administrative access to the virtual guests was able to dump the guest memory onto their mapped disk.
    C. A host server was left un-patched and an attacker was able to use a VMEscape attack to gain unauthorized access.
    D. A virtual guest was left un-patched and an attacker was able to use a privilege escalation attack to gain unauthorized access.

  • Question 30:

    The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis conducted by the security investigations team indicated that the website allowed customers to update a payment amount for shipping. A specially crafted value could be entered and cause a roll over, resulting in the shipping cost being subtracted from the balance and in some instances resulted in a negative balance. As a result, the system processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

    A. Race condition
    B. Click-jacking
    C. Integer overflow
    D. Use after free
    E. SQL injection

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.