1. Home
  2. CompTIA
  3. CAS-002

CompTIA CAS-002 Online Practice Questions and Exam Preparation

CAS-002 Exam Details

  • Exam Code
    :CAS-002
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :733 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 511:

    A company sales manager received a memo from the company's financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department's change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble?

    A. Discuss the issue with the software product's user groups
    B. Consult the company's legal department on practices and law
    C. Contact senior finance management and provide background information
    D. Seek industry outreach for software practices and law

  • Question 512:

    A morphed worm carrying a 0-day payload has infiltrated the company network and is now spreading across the organization. The security administrator was able to isolate the worm communication and payload distribution channel to TCP port 445. Which of the following can the administrator do in the short term to minimize the attack?

    A. Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY ?445.
    B. Run a TCP 445 port scan across the organization and patch hosts with open ports.
    C. Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445.
    D. Force a signature update and full system scan from the enterprise anti-virus solution.

  • Question 513:

    A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two- factor authentication for customer access to the administrative

    website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as

    company A and the two are not competitors.

    Which of the following has MOST likely occurred?

    A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.
    B. A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.
    C. A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.
    D. An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

  • Question 514:

    An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management software application. The assessor submitted the report to senior management but nothing has happened. Which of the following would be a logical next step?

    A. Meet the two key VPs and request a signature on the original assessment.
    B. Include specific case studies from other organizations in an updated report.
    C. Schedule a meeting with key human resource application stakeholders.
    D. Craft an RFP to begin finding a new human resource application.

  • Question 515:

    Which of the following is the BEST place to contractually document security priorities, responsibilities, guarantees, and warranties when dealing with outsourcing providers?

    A. SLA
    B. MOU
    C. OLA
    D. NDA

  • Question 516:

    Which of the following is the information owner responsible for?

    A. Developing policies, standards, and baselines.
    B. Determining the proper classification levels for data within the system.
    C. Integrating security considerations into application and system purchasing decisions.
    D. Implementing and evaluating security controls by validating the integrity of the data.

  • Question 517:

    The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year's worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?

    A. The company data privacy policies
    B. The company backup logs and archives
    C. The company data retention policies and guidelines
    D. The company data retention procedures

  • Question 518:

    The Chief Executive Officer (CEO) has asked the IT administrator to protect the externally facing web server from SQL injection attacks and ensure the backend database server is monitored for unusual behavior while enforcing rules to terminate unusual behavior. Which of the following would BEST meet the CEO's requirements?

    A. WAF and DAM
    B. UTM and NIDS
    C. DAM and SIEM
    D. UTM and HSM
    E. WAF and SIEM

  • Question 519:

    An Information Security Officer (ISO) has asked a security team to randomly retrieve discarded computers from the warehouse dumpster. The security team was able to retrieve two older computers and a broken MFD network printer. The security team was able to connect the hard drives from the two computers and the network printer to a computer equipped with forensic tools. The security team was able to retrieve PDF files from the network printer hard drive but the data on the two older hard drives was inaccessible.

    Which of the following should the Warehouse Manager do to remediate the security issue?

    A. Revise the hardware and software maintenance contract.
    B. Degauss the printer hard drive to delete data.
    C. Implement a new change control process.
    D. Update the hardware decommissioning procedures.

  • Question 520:

    A company wishes to purchase a new security appliance. A security administrator has extensively researched the appliances, and after presenting security choices to the company's management team, they approve of the proposed solution. Which of the following documents should be constructed to acquire the security appliance?

    A. SLA
    B. RFQ
    C. RFP
    D. RFI

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.