CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 381:

    A manager who was attending an all-day training session was overdue entering bonus and payroll information for subordinates. The manager felt the best way to get the changes entered while in training was to log into the payroll system, and then activate desktop sharing with a trusted subordinate. The manager granted the subordinate control of the desktop thereby giving the subordinate full access to the payroll system. The subordinate did not have authorization to be in the payroll system. Another employee reported the incident to the security team. Which of the following would be the MOST appropriate method for dealing with this issue going forward?

    A. Provide targeted security awareness training and impose termination for repeat violators.
    B. Block desktop sharing and web conferencing applications and enable use only with approval.
    C. Actively monitor the data traffic for each employee using desktop sharing or web conferencing applications.
    D. Permanently block desktop sharing and web conferencing applications and do not allow their use at the company.

  • Question 382:

    At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).

    A. Add guests with more memory to increase capacity of the infrastructure.
    B. A backup is running on the thin clients at 9am every morning.
    C. Install more memory in the thin clients to handle the increased load while booting.
    D. Booting all the lab desktops at the same time is creating excessive I/O.
    E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity.
    F. Install faster SSD drives in the storage system used in the infrastructure.
    G. The lab desktops are saturating the network while booting.
    H. The lab desktops are using more memory than is available to the host systems.

  • Question 383:

    An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package?

    A. 1
    B. 2
    C. 3
    D. 4

  • Question 384:

    DRAG DROP

    An organization is implementing a project to simplify the management of its firewall network flows and implement security controls. The following requirements exist. Drag and drop the BEST security solution to meet the given requirements.

    Options may be used once or not at all. All placeholders must be filled.

    Select and Place:

  • Question 385:

    A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).

    A. The user's certificate private key must be installed on the VPN concentrator.
    B. The CA's certificate private key must be installed on the VPN concentrator.
    C. The user certificate private key must be signed by the CA.
    D. The VPN concentrator's certificate private key must be signed by the CA and installed on the VPN concentrator.
    E. The VPN concentrator's certificate private key must be installed on the VPN concentrator.
    F. The CA's certificate public key must be installed on the VPN concentrator.

  • Question 386:

    When planning a complex system architecture, it is important to build in mechanisms to secure log information, facilitate audit log reduction, and event correlation. Besides synchronizing system time across all devices through NTP, which of the following is also a common design consideration for remote locations?

    A. Two factor authentication for all incident responders
    B. A central SYSLOG server for collecting all logs
    C. A distributed SIEM with centralized sensors
    D. A SIEM server with distributed sensors

  • Question 387:

    Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ's headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?

    A. Require each Company XYZ employee to use an IPSec connection to the required systems
    B. Require Company XYZ employees to establish an encrypted VDI session to the required systems
    C. Require Company ABC employees to use two-factor authentication on the required systems
    D. Require a site-to-site VPN for intercompany communications

  • Question 388:

    A security analyst at Company A has been trying to convince the Information Security Officer (ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable of analyzing encrypted web transactions. Which of the following should the analyst provide to the ISO to support the request? (Select TWO).

    A. Emerging threat reports
    B. Company attack trends
    C. Request for Quote (RFQ)
    D. Best practices
    E. New technologies report

  • Question 389:

    During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

    A. Implement an IPS to block the application on the network
    B. Implement the remote application out to the rest of the servers
    C. Implement SSL VPN with SAML standards for federation
    D. Implement an ACL on the firewall with NAT for remote access

  • Question 390:

    A security administrator has finished building a Linux server which will host multiple virtual machines through hypervisor technology. Management of the Linux server, including monitoring server performance, is achieved through a third party web enabled application installed on the Linux server. The security administrator is concerned about vulnerabilities in the web application that may allow an attacker to retrieve data from the virtual machines.

    Which of the following will BEST protect the data on the virtual machines from an attack?

    A. The security administrator must install the third party web enabled application in a chroot environment.
    B. The security administrator must install a software firewall on both the Linux server and the virtual machines.
    C. The security administrator must install anti-virus software on both the Linux server and the virtual machines.
    D. The security administrator must install the data exfiltration detection software on the perimeter firewall.
