CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 471:

    At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company's statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator's password.

    At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?

    A. The IDS logs are compromised.
    B. The new password was compromised.
    C. An input validation error has occurred.
    D. A race condition has occurred.

  • Question 472:

    The following has been discovered in an internally developed application:

    Error - Memory allocated but not freed:

    char *myBuffer = malloc(BUFFER_SIZE);
    if (myBuffer != NULL) {
        *myBuffer = STRING_WELCOME_MESSAGE;
        printf("Welcome to: %s\n", myBuffer);
    }
    exit(0);

    Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

    A. Static code analysis
    B. Memory dumping
    C. Manual code review
    D. Application sandboxing
    E. Penetration testing
    F. Black box testing

  • Question 473:

    A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations?

    A. vTPM
    B. HSM
    C. TPM
    D. INE

  • Question 474:

    Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router?

    A. Deploy inline network encryption devices
    B. Install an SSL acceleration appliance
    C. Require all core business applications to use encryption
    D. Add an encryption module to the router and configure IPSec

  • Question 475:

    A systems administrator establishes a CIFS share on a UNIX device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

    A. Refuse LM and only accept NTLMv2
    B. Accept only LM
    C. Refuse NTLMv2 and accept LM
    D. Accept only NTLM

  • Question 476:

    The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?

    A. The corporate network is the only network that is audited by regulators and customers.
    B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
    C. Home networks are unknown to attackers and less likely to be targeted directly.
    D. Employees are more likely to be using personal computers for general web browsing when they are at home.

  • Question 477:

    Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?

    A. Aggressive patch management on the host and guest OSs.
    B. Host based IDS sensors on all guest OSs.
    C. Different antivirus solutions between the host and guest OSs.
    D. Unique Network Interface Card (NIC) assignment per guest OS.

  • Question 478:

    After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem?

    A. The binary files used by the application have been modified by malware.
    B. The application is unable to perform remote attestation due to blocked ports.
    C. The restored image backup was encrypted with the wrong key.
    D. The hash key summary of hardware and installed software no longer match.

  • Question 479:

    Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?

    A. Single sign-on
    B. Identity propagation
    C. Remote attestation
    D. Secure code review

  • Question 480:

    A security engineer at a software development company has identified several vulnerabilities in a product late in the development cycle. This causes a huge delay for the release of the product. Which of the following should the administrator do to prevent these issues from occurring in the future?

    A. Recommend switching to an SDLC methodology and perform security testing during each maintenance iteration
    B. Recommend switching to a spiral software development model and perform security testing during the requirements gathering
    C. Recommend switching to a waterfall development methodology and perform security testing during the testing phase
    D. Recommend switching to an agile development methodology and perform security testing during iterations

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.