CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 371:

    Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally managed.

        en1: flags=8863 mtu 1500
            ether f8:1e:af:ab:10:a3
            inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5
            inet 192.168.1.14 netmask 0xffffff00 broadcast 192.168.1.255
            inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf
            inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary
            nd6 options=1
            media: autoselect
            status: active

    Given this output, which of the following protocols is in use by the company and what can the system administrator do to positively map users with IPv6 addresses in the future? (Select TWO).

    A. The devices use EUI-64 format
    B. The routers implement NDP
    C. The network implements 6to4 tunneling
    D. The router IPv6 advertisement has been disabled
    E. The administrator must disable IPv6 tunneling
    F. The administrator must disable the mobile IPv6 router flag
    G. The administrator must disable the IPv6 privacy extensions
    H. The administrator must disable DHCPv6 option code 1

  • Question 372:

    A company data center provides Internet based access to email and web services.

    The firewall is separated into four zones:

      RED ZONE is an Internet zone
      ORANGE ZONE a Web DMZ
      YELLOW ZONE an email DMZ
      GREEN ZONE is a management interface

    There are 15 email servers and 10 web servers. The data center administrator plugs a laptop into the management interface to make firewall changes. The administrator would like to secure this environment but has a limited budget. Assuming each addition is an appliance, which of the following would provide the MOST appropriate placement of security solutions while minimizing the expenses?

    A. RED ZONE: none; ORANGE ZONE: WAF; YELLOW ZONE: SPAM Filter; GREEN ZONE: none
    B. RED ZONE: Virus Scanner, SPAM Filter; ORANGE ZONE: NIPS; YELLOW ZONE: NIPS; GREEN ZONE: NIPS
    C. RED ZONE: WAF, Virus Scanner; ORANGE ZONE: NIPS; YELLOW ZONE: NIPS; GREEN ZONE: SPAM Filter
    D. RED ZONE: NIPS; ORANGE ZONE: WAF; YELLOW ZONE: Virus Scanner, SPAM Filter; GREEN ZONE: none

  • Question 373:

    A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data?

    A. Encryption of each individual partition
    B. Encryption of the SSD at the file level
    C. FDE of each logical volume on the SSD
    D. FDE of the entire SSD as a single disk

  • Question 374:

    An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a quote. During an investigation, the following patterns were detected:

    Pattern 1 - Analysis of the logs identifies that insurance premium forms are being filled in but only single fields are incrementally being updated.

    Pattern 2 - For every quote completed, a new customer number is created; due to legacy systems, customer numbers are running out.

    Which of the following is the attack type the system is susceptible to, and what is the BEST way to defend against it? (Select TWO).

    A. Apply a hidden field that triggers a SIEM alert
    B. Cross site scripting attack
    C. Resource exhaustion attack
    D. Input a blacklist of all known BOT malware IPs into the firewall
    E. SQL injection
    F. Implement an inline WAF and integrate into SIEM
    G. Distributed denial of service
    H. Implement firewall rules to block the attacking IP addresses

  • Question 375:

    A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application's removal from the white list?

    A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen.
    B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues.
    C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list.
    D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed.

  • Question 376:

    A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

    A. Install GSM tracking on each product for end-to-end delivery visibility.
    B. Implement geo-fencing to track products.
    C. Require drivers to geo-tag documentation at each delivery location.
    D. Equip each truck with an RFID tag for location services.

  • Question 377:

    A company has decided to move to an agile software development methodology. The company gives all of its developers security training. After a year of agile, a management review finds that the number of items on a vulnerability scan has actually increased since the methodology change. Which of the following best practices has MOST likely been overlooked in the agile implementation?

    A. Penetration tests should be performed after each sprint.
    B. A security engineer should be paired with a developer during each cycle.
    C. The security requirements should be introduced during the implementation phase.
    D. The security requirements definition phase should be added to each sprint.

  • Question 378:

    When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of the conference's resources?

    A. Wireless network security may need to be increased to decrease access of mobile devices.
    B. Physical security may need to be increased to deter or prevent theft of mobile devices.
    C. Network security may need to be increased by reducing the number of available physical network jacks.
    D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

  • Question 379:

    At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).

    A. Add guests with more memory to increase capacity of the infrastructure.
    B. A backup is running on the thin clients at 9am every morning.
    C. Install more memory in the thin clients to handle the increased load while booting.
    D. Booting all the lab desktops at the same time is creating excessive I/O.
    E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity.
    F. Install faster SSD drives in the storage system used in the infrastructure.
    G. The lab desktops are saturating the network while booting.
    H. The lab desktops are using more memory than is available to the host systems.

  • Question 380:

    When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary?

    A. The user needs a non-repudiation data source in order for the application to generate the key pair.
    B. The user is providing entropy so the application can use random data to create the key pair.
    C. The user is providing a diffusion point to the application to aid in creating the key pair.
    D. The application is requesting perfect forward secrecy from the user in order to create the key pair.
