CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 561:

    Statement: "The system shall implement measures to notify system administrators prior to a security incident occurring."

    Which of the following BEST restates the above statement to allow it to be implemented by a team of software developers?

    A. The system shall cease processing data when certain configurable events occur.
    B. The system shall continue processing in the event of an error and email the security administrator the error logs.
    C. The system shall halt on error.
    D. The system shall throw an error when specified incidents pass a configurable threshold.

  • Question 562:

    An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?

    A. Create a separate SSID and require the use of dynamic encryption keys.
    B. Create a separate SSID with a pre-shared key to support the legacy clients and rotate the key at random intervals.
    C. Create a separate SSID and pre-shared WPA2 key on a new network segment and only allow required communication paths.
    D. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.

  • Question 563:

    As part of the testing phase in the SDLC, a software developer wants to verify that an application is properly handling user error exceptions. Which of the following is the BEST tool or process for the developer to use?

    A. SRTM review
    B. Fuzzer
    C. Vulnerability assessment
    D. HTTP interceptor

  • Question 564:

    A company Chief Information Officer (CIO) is unsure which set of standards should govern the company's IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represents the BEST option for the CIO?

    A. Issue an RFQ for vendors to quote a complete vulnerability and risk management solution to the company.
    B. Issue a policy that requires only the most stringent security standards be implemented throughout the company.
    C. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.
    D. Issue an RFI for vendors to determine which set of security standards is best for the company.

  • Question 565:

    A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question?

    A. Data retention policy
    B. Business continuity plan
    C. Backup and archive processes
    D. Electronic inventory

  • Question 566:

    The security administrator of a small private firm is researching and putting together a proposal to purchase an IPS to replace an existing IDS. A specific brand and model has been selected, but the security administrator needs to gather various cost information for that product. Which of the following documents would perform a cost analysis report and include information such as payment terms?

    A. RFI
    B. RTO
    C. RFQ
    D. RFC

  • Question 567:

    The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?

    A. Virtualize the system and migrate it to a cloud provider.
    B. Segment the device on its own secure network.
    C. Install an antivirus and HIDS on the system.
    D. Hire developers to reduce vulnerabilities in the code.

  • Question 568:

    In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).

    A. Removable media
    B. Passwords written on scrap paper
    C. Snapshots of data on the monitor
    D. Documents on the printer
    E. Volatile system memory
    F. System hard drive

  • Question 569:

    A new startup company with very limited funds wants to protect the organization from external threats by implementing some type of best practice security controls across a number of hosts located in the application zone, the production zone, and the core network. The 50 hosts in the core network are a mixture of Windows and Linux based systems, used by development staff to develop new applications. The single Windows host in the application zone is used exclusively by the production team to control software deployments into the production zone. There are 10 UNIX web application hosts in the production zone which are publicly accessible.

    Development staff is required to install and remove various types of software from their hosts on a regular basis while the hosts in the zone rarely require any type of configuration changes. Which of the following when implemented would provide the BEST level of protection with the LEAST amount of disruption to staff?

    A. NIPS in the production zone, HIPS in the application zone, and anti-virus / anti-malware across all Windows hosts.
    B. NIPS in the production zone, NIDS in the application zone, HIPS in the core network, and anti-virus / anti-malware across all hosts.
    C. HIPS in the production zone, NIPS in the application zone, and HIPS in the core network.
    D. NIDS in the production zone, HIDS in the application zone, and anti-virus / anti-malware across all hosts.

  • Question 570:

    A database is hosting information assets with a computed CIA aggregate value of high. The database is located within a secured network zone where there is flow control between the client and datacenter networks. Which of the following is the MOST likely threat?

    A. Inappropriate administrator access
    B. Malicious code
    C. Internal business fraud
    D. Regulatory compliance
