CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 571:

    The Chief Information Security Officer (CISO) is researching ways to reduce the risk associated with administrative access of six IT staff members while enforcing separation of duties. In the case where an IT staff member is absent, each staff member should be able to perform all the necessary duties of their IT co-workers.

    Which of the following policies should the CISO implement to reduce the risk?

    A. Require the use of an unprivileged account, and a second shared account only for administrative purposes.
    B. Require role-based security on primary role, and only provide access to secondary roles on a case-by-case basis.
    C. Require separation of duties ensuring no single administrator has access to all systems.
    D. Require on-going auditing of administrative activities, and evaluate against risk-based metrics.

  • Question 572:

    A company decides to purchase COTS software. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true?

    A. COTS software is typically well known and widely available. Information concerning vulnerabilities and viable attack patterns is never revealed by the developer to avoid a lawsuit.
    B. COTS software is not well known and is only available in limited quantities. Information concerning vulnerabilities is kept internal to the company that developed the software.
    C. COTS software is well known and widely available. Information concerning vulnerabilities and viable attack patterns is typically ignored within the IT community.
    D. COTS software is well known and widely available. Information concerning vulnerabilities and viable attack patterns is typically shared within the IT community.

  • Question 573:

    An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution?

    A. $0
    B. $7,500
    C. $10,000
    D. $12,500
    E. $15,000

  • Question 574:

    A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection?

    A. Implement an Acceptable Use Policy which addresses malware downloads.
    B. Deploy a network access control system with a persistent agent.
    C. Enforce mandatory security awareness training for all employees and contractors.
    D. Block cloud-based storage software on the company network.

  • Question 575:

    VPN users cannot access the active FTP server through the router but can access any server in the data center.

    Additional network information:

    DMZ network  - 192.168.5.0/24 (FTP server is 192.168.5.11)
    VPN network  - 192.168.1.0/24
    Datacenter   - 192.168.2.0/24
    User network - 192.168.3.0/24
    HR network   - 192.168.4.0/24

    Traffic shaper configuration:

    VLAN      Bandwidth Limit (Mbps)
    VPN       50
    User      175
    HR        250
    Finance   250
    Guest     0

    Router ACL:

    Action   Source           Destination
    Permit   192.168.1.0/24   192.168.2.0/24
    Permit   192.168.1.0/24   192.168.3.0/24
    Permit   192.168.1.0/24   192.168.5.0/24
    Permit   192.168.2.0/24   192.168.1.0/24
    Permit   192.168.3.0/24   192.168.1.0/24
    Permit   192.168.5.1/32   192.168.1.0/24
    Deny     192.168.4.0/24   192.168.1.0/24
    Deny     192.168.1.0/24   192.168.4.0/24
    Deny     any              any

    Which of the following solutions would allow the users to access the active FTP server?

    A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
    B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
    C. IPS is blocking traffic and needs to be reconfigured
    D. Configure the traffic shaper to limit DMZ traffic
    E. Increase bandwidth limit on the VPN network

  • Question 576:

    An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix:

    DATA TYPE        CONFIDENTIALITY   INTEGRITY   AVAILABILITY
    -----------------------------------------------------------
    Financial        HIGH              HIGH        LOW
    Client name      MEDIUM            MEDIUM      HIGH
    Client address   LOW               MEDIUM      LOW
    AGGREGATE        MEDIUM            MEDIUM      MEDIUM

    The auditor is advising the company to review the aggregate score and submit it to senior management. Which of the following should be the revised aggregate score?

    A. HIGH, MEDIUM, LOW
    B. MEDIUM, MEDIUM, LOW
    C. HIGH, HIGH, HIGH
    D. MEDIUM, MEDIUM, MEDIUM

  • Question 577:

    The company is considering issuing non-standard tablet computers to executive management. Which of the following is the FIRST step the security manager should perform?

    A. Apply standard security policy settings to the devices.
    B. Set up an access control system to isolate the devices from the network.
    C. Integrate the tablets into standard remote access systems.
    D. Develop the use case for the devices and perform a risk analysis.

  • Question 578:

    A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years responding to and eradicating workstation malware. The Information Security Officer (ISO) has received three quotes from different companies that provide HIPS.

    The first quote requires a $10,000 one-time fee, annual cost of $6 per workstation, and a 10% annual support fee based on the number of workstations. The second quote requires a $15,000 one-time fee, an annual cost of $5 per workstation, and a 12% annual fee based on the number of workstations. The third quote has no one-time fee, an annual cost of $8 per workstation, and a 15% annual fee based on the number of workstations.

    Which solution should the company select if the contract is only valid for three years?

    A. First quote
    B. Second quote
    C. Third quote
    D. Accept the risk

  • Question 579:

    A new malware spreads over UDP Port 8320 and several network hosts have been infected. A new security administrator has determined a possible cause, and the infected machines have been quarantined. Which of the following actions could a new security administrator take to further mitigate this issue?

    A. Limit source ports on the firewall to specific IP addresses.
    B. Add an explicit deny-all and log rule as the final entry of the firewall rulebase.
    C. Implement stateful UDP filtering on UDP ports above 1024.
    D. Configure the firewall to use IPv6 by default.

  • Question 580:

    A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).

    A. The email system may become unavailable due to overload.
    B. Compliance may not be supported by all smartphones.
    C. Equipment loss, theft, and data leakage.
    D. Smartphone radios can interfere with health equipment.
    E. Data usage cost could significantly increase.
    F. Not all smartphones natively support encryption.
    G. Smartphones may be used as rogue access points.
