CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 351:

    The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company's contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).

    A. Block traffic from the ISP's networks destined for blacklisted IPs.
    B. Prevent the ISP's customers from querying DNS servers other than those hosted by the ISP.
    C. Scan the ISP's customer networks using an up-to-date vulnerability scanner.
    D. Notify customers when services they run are involved in an attack.
    E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.
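    Option E describes source-address validation at the network edge (BCP 38 / RFC 2827): a packet leaving the ISP with a source address the ISP never allocated is forged, and forwarding it is how an ISP's customers end up feeding spoofed-source and reflection DDoS. Option A is a plain destination blocklist. The Python below is an added example, not code from the original page or from any vendor; the prefixes, blocklist and packets are constructed sample data, and in a real network the same check is an uRPF setting or an interface ACL on the customer-facing edge rather than software.

```python
"""Added example (not from the original page): BCP 38 / RFC 2827 style
source-address validation on an ISP's egress, alongside a destination
blocklist. All prefixes, addresses and packets below are constructed
sample data."""
import ipaddress
from dataclasses import dataclass

# Constructed: address space the ISP has allocated to its customers.
CUSTOMER_PREFIXES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.0/24"),
]

# Constructed: destinations the ISP refuses to forward traffic to.
DESTINATION_BLOCKLIST = [
    ipaddress.ip_network("192.0.2.0/24"),
]


@dataclass
class Packet:
    src: str
    dst: str


def source_is_allocated(src: str) -> bool:
    """True if the source address falls inside a prefix the ISP allocated."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in CUSTOMER_PREFIXES)


def destination_is_blocked(dst: str) -> bool:
    """True if the destination is on the ISP's blocklist."""
    addr = ipaddress.ip_address(dst)
    return any(addr in net for net in DESTINATION_BLOCKLIST)


def egress_verdict(pkt: Packet) -> str:
    """Decide what happens to a packet leaving the ISP's network.

    Spoofed sources are dropped first: a packet claiming an address the ISP
    never allocated cannot be legitimate customer traffic, and forwarding it
    is exactly how an ISP contributes to reflection/spoofed-source DDoS.
    """
    if not source_is_allocated(pkt.src):
        return "drop-spoofed"
    if destination_is_blocked(pkt.dst):
        return "drop-blocklisted"
    return "forward"


def filter_egress(packets):
    """Apply the verdict to a batch and return a count per verdict."""
    counts = {"forward": 0, "drop-spoofed": 0, "drop-blocklisted": 0}
    for pkt in packets:
        counts[egress_verdict(pkt)] += 1
    return counts


# Constructed sample traffic leaving the ISP.
SAMPLE_PACKETS = [
    Packet("203.0.113.10", "93.184.216.34"),  # ordinary customer traffic
    Packet("198.51.100.5", "93.184.216.34"),  # ordinary customer traffic
    # A customer host forging a victim's address (198.18.0.1 is not the
    # ISP's space) so that replies hit the victim: the reflection setup.
    Packet("198.18.0.1", "93.184.216.34"),
    # Genuine customer source, but the destination is blocklisted.
    Packet("198.51.100.5", "192.0.2.77"),
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(f"{pkt.src:>15} -> {pkt.dst:<15} {egress_verdict(pkt)}")
    print(filter_egress(SAMPLE_PACKETS))
```

    Note the ordering: the spoofing check runs before the blocklist check, so the blocklist counter only ever reflects traffic from addresses the ISP actually owns.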

  • Question 352:

    A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company's video conference. All parties must be issued a VPN account and must connect to the company's VPN concentrator to participate in the remote meetings.

    Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?

    A. IPSec transport mode is enabled
    B. ICMP is disabled
    C. Split tunneling is disabled
    D. NAT-traversal is enabled

  • Question 353:

    A trust relationship has been established between two organizations with web based services. One organization is acting as the Requesting Authority (RA) and the other acts as the Provisioning Service Provider (PSP). Which of the following is correct about the trust relationship?

    A. The trust relationship uses SAML in the SOAP header. The SOAP body transports the SPML requests / responses.
    B. The trust relationship uses XACML in the SAML header. The SAML body transports the SOAP requests / responses.
    C. The trust relationship uses SPML in the SOAP header. The SOAP body transports the SAML requests / responses.
    D. The trust relationship uses SPML in the SAML header. The SAML body transports the SPML requests / responses.
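    The Requesting Authority / Provisioning Service Provider pairing in this question is SPML (Service Provisioning Markup Language) terminology. In SPML 2.0's SOAP binding the SPML request and response documents travel in the SOAP body, while the trust between the RA and the PSP is carried as a SAML assertion in the WS-Security SOAP header. The Python below is an added example, not code from the original page or from any SPML implementation: it builds such a message on the RA side and inspects it on the PSP side. The issuer, subject, target ID and account name are constructed, and signature, validity-period and audience checks on the assertion are left out.

```python
"""Added example (not from the original page): a SOAP message as exchanged
between an SPML Requesting Authority (RA) and a Provisioning Service
Provider (PSP). The SAML assertion conveying the trust relationship sits in
the WS-Security SOAP header; the SPML request sits in the SOAP body.
Issuer, subject, target and account values are constructed for illustration,
and XML-signature verification of the assertion is omitted."""
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SPML = "urn:oasis:names:tc:SPML:2:0"

for _prefix, _uri in (("soap", SOAP), ("wsse", WSSE), ("saml", SAML), ("spml", SPML)):
    ET.register_namespace(_prefix, _uri)


def build_add_request(issuer: str, subject: str, target_id: str, account: str) -> bytes:
    """RA side: SAML assertion in the header, SPML addRequest in the body."""
    env = ET.Element(f"{{{SOAP}}}Envelope")

    header = ET.SubElement(env, f"{{{SOAP}}}Header")
    security = ET.SubElement(header, f"{{{WSSE}}}Security")
    assertion = ET.SubElement(security, f"{{{SAML}}}Assertion",
                              {"Version": "2.0", "ID": "_assertion-1"})
    ET.SubElement(assertion, f"{{{SAML}}}Issuer").text = issuer
    subj = ET.SubElement(assertion, f"{{{SAML}}}Subject")
    ET.SubElement(subj, f"{{{SAML}}}NameID").text = subject

    body = ET.SubElement(env, f"{{{SOAP}}}Body")
    req = ET.SubElement(body, f"{{{SPML}}}addRequest",
                        {"requestID": "req-1", "targetID": target_id})
    data = ET.SubElement(req, f"{{{SPML}}}data")
    ET.SubElement(data, "account").text = account  # target-specific payload
    return ET.tostring(env, encoding="utf-8")


def _namespaces_under(elem) -> set:
    """Namespace URIs of every element under (and including) elem."""
    if elem is None:
        return set()
    return {e.tag[1:].split("}")[0] for e in elem.iter() if e.tag.startswith("{")}


def classify(xml_bytes: bytes) -> dict:
    """PSP side: report which protocol sits in the header and which in the body."""
    root = ET.fromstring(xml_bytes)
    header = root.find(f"{{{SOAP}}}Header")
    body = root.find(f"{{{SOAP}}}Body")
    hdr_ns, body_ns = _namespaces_under(header), _namespaces_under(body)
    operation = None
    if body is not None and len(body) > 0:
        operation = body[0].tag.split("}")[-1]
    return {
        "saml_in_header": SAML in hdr_ns,
        "spml_in_body": SPML in body_ns,
        "spml_in_header": SPML in hdr_ns,
        "saml_in_body": SAML in body_ns,
        "operation": operation,
    }


def accept_request(xml_bytes: bytes, trusted_issuers: set) -> bool:
    """PSP side: act on the SPML body only if the header's assertion names a
    trusted RA. A real PSP also verifies the assertion's signature, validity
    period and audience; that is omitted here."""
    root = ET.fromstring(xml_bytes)
    header = root.find(f"{{{SOAP}}}Header")
    issuer = header.find(f".//{{{SAML}}}Issuer") if header is not None else None
    info = classify(xml_bytes)
    return (issuer is not None and issuer.text in trusted_issuers
            and info["saml_in_header"] and info["spml_in_body"])


if __name__ == "__main__":
    msg = build_add_request("https://ra.example/idp", "alice@ra.example",
                            "hr-directory", "alice")
    print(msg.decode())
    print(classify(msg))
    print(accept_request(msg, {"https://ra.example/idp"}))
```

    The point of separating the two checks is that the PSP's authorization decision is based entirely on the header (who is asking, and do we trust them), while the body is the provisioning operation itself; a message whose SAML assertion comes from an untrusted issuer is rejected before the SPML operation is examined.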

  • Question 354:

    A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internally developed. The payment system being developed will be sold to a number of organizations and is in direct competition with another leading product. The CEO highlighted that code base confidentiality is of critical importance to allow the company to exceed the competition in terms of the product's reliability, stability, and performance. Which of the following would provide the MOST thorough testing and satisfy the CEO's requirements?

    A. Sign a MOU with a marketing firm to preserve the company reputation and use in-house resources for random testing.
    B. Sign a BPA with a small software consulting firm and use the firm to perform Black box testing and address all findings.
    C. Sign a NDA with a large security consulting firm and use the firm to perform Grey box testing and address all findings.
    D. Use the most qualified and senior developers on the project to perform a variety of White box testing and code reviews.

  • Question 355:

    Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?

    A. Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration.
    B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.
    C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration.
    D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ's network.

  • Question 356:

    Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?

    A. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
    B. Undertaking network-based denial of service attacks in production environment
    C. Test password complexity of all login fields and input validation of form fields
    D. Reverse engineering any thick client software that has been provided for the test

  • Question 357:

    Which of the following refers to running programs in an isolated space so that untested code can execute without making permanent changes to the OS kernel or other data on the host machine?

    A. Input Validation
    B. Application hardening
    C. Code signing
    D. Application sandboxing

  • Question 358:

    The Chief Executive Officer (CEO) has decided to outsource systems which are not core business functions; however, a recent review by the risk officer has indicated that core business functions are dependent on the outsourced systems. The risk officer has requested that the IT department calculates the priority of restoration for all systems and applications under the new business model. Which of the following is the BEST tool to achieve this?

    A. Business impact analysis
    B. Annualized loss expectancy analysis
    C. TCO analysis
    D. Residual risk and gap analysis

  • Question 359:

    An administrator would like to connect a server to a SAN. Which of the following processes would BEST allow for availability and access control?

    A. Install a dual port HBA on the SAN, create a LUN on the server, and enable deduplication and data snapshots.
    B. Install a multipath LUN on the server with deduplication, and enable LUN masking on the SAN.
    C. Install 2 LUNs on the server, cluster HBAs on the SAN, and enable multipath and data deduplication.
    D. Install a dual port HBA in the server; create a LUN on the SAN, and enable LUN masking and multipath.

  • Question 360:

    An asset manager is struggling with the best way to reduce the time required to perform asset location activities in a large warehouse. A project manager indicated that RFID might be a valid solution if the asset manager's requirements were supported by current RFID capabilities. Which of the following requirements would be MOST difficult for the asset manager to implement?

    A. The ability to encrypt RFID data in transmission
    B. The ability to integrate environmental sensors into the RFID tag
    C. The ability to track assets in real time as they move throughout the facility
    D. The ability to assign RFID tags a unique identifier

Tips on How to Prepare for the Exams

Certification exams are becoming more important and are required by more and more enterprises when you apply for a job. But how do you prepare for an exam effectively? How do you prepare in a short time with less effort? How do you get a good result, and how do you find the most reliable resources? Here on Vcedump.com you will find the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your CAS-002 exam preparation or CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.