CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 51:

    An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly.

    Which of the following has been overlooked in securing the system? (Select TWO).

    A. The company's IDS signatures were not updated.
    B. The company's custom code was not patched.
    C. The patch caused the system to revert to HTTP.
    D. The software patch was not cryptographically signed.
    E. The wrong version of the patch was used.
    F. Third-party plug-ins were not patched.

  • Question 52:

    Which of the following is an example of single sign-on?

    A. An administrator manages multiple platforms with the same username and hardware token. The same username and token is used across all the platforms.
    B. Multiple applications have been integrated with a centralized LDAP directory for authentication and authorization. A user has to authenticate each time the user accesses an application.
    C. A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.
    D. A web access control infrastructure performs authentication and passes attributes in an HTTP header to multiple applications.
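
Option D describes header-based single sign-on: a gateway authenticates the user once and forwards identity attributes such as X-Remote-User to every application behind it. The practical caveat is that a downstream application must only honour those headers when they demonstrably came from the gateway, otherwise any client that can reach the application directly can set X-Remote-User itself. The following is an added example, not part of the exam question or of any product; the header names, the gateway-to-application key and the five-minute freshness window are assumptions chosen for illustration.

```python
import hashlib
import hmac
import json
import time

# Assumption: a secret shared only by the gateway and its applications,
# distributed out of band. Constructed value for the example.
GATEWAY_KEY = b"example-gateway-key-not-for-production"


def _payload(user, groups, ts):
    # Canonical encoding so the gateway and the application sign the same bytes.
    return json.dumps([user, groups, ts], separators=(",", ":")).encode()


def gateway_issue_headers(user, groups, key=GATEWAY_KEY, now=None):
    """Gateway side: after the single authentication, build the identity
    headers forwarded to every application, with an HMAC over them."""
    ts = int(now if now is not None else time.time())
    sig = hmac.new(key, _payload(user, list(groups), ts), hashlib.sha256).hexdigest()
    return {
        "X-Remote-User": user,
        "X-Remote-Groups": ",".join(groups),
        "X-Remote-Timestamp": str(ts),
        "X-Remote-Signature": sig,
    }


def app_verify_headers(headers, key=GATEWAY_KEY, now=None, max_age=300):
    """Application side: accept the forwarded identity only if the HMAC
    verifies (headers came from the gateway) and the timestamp is fresh.
    Returns (user, groups) on success, None otherwise."""
    try:
        user = headers["X-Remote-User"]
        groups_raw = headers["X-Remote-Groups"]
        ts = int(headers["X-Remote-Timestamp"])
        sig = headers["X-Remote-Signature"]
    except (KeyError, ValueError):
        return None
    current = now if now is not None else time.time()
    if abs(current - ts) > max_age:
        return None  # stale or replayed
    groups = groups_raw.split(",") if groups_raw else []
    expected = hmac.new(key, _payload(user, groups, ts), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return None  # forged or tampered header
    return user, groups


def naive_app_identity(headers):
    """What a misconfigured application does: trust X-Remote-User blindly.
    Anyone who can bypass the gateway chooses their own identity."""
    return headers.get("X-Remote-User")


if __name__ == "__main__":
    hdrs = gateway_issue_headers("alice", ["admins", "dev"])
    print("verified:", app_verify_headers(hdrs))
    forged = dict(hdrs, **{"X-Remote-User": "root"})
    print("forged, verified:", app_verify_headers(forged))
    print("forged, naive:", naive_app_identity(forged))
```

Network-level controls (only the gateway can reach the application port, or mutual TLS between gateway and application) achieve the same goal; the signed header shown here is the application-layer check that works even when the network path is not fully trusted.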

  • Question 53:

    Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?

    A. Deduplication
    B. Data snapshots
    C. LUN masking
    D. Storage multipaths

  • Question 54:

    ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst?

    A. Accept the risk in order to keep the system within the company's standard security configuration.
    B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution.
    C. Secure the data despite the need to use a security control or solution that is not within company standards.
    D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration.

  • Question 55:

    Company XYZ has had repeated critical vulnerability exploits released against its flagship product. The product is used by a number of large customers. At the Chief Information Security Officer's (CISO's) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.

    Here is a list of improvements in order of priority:

    1. A noticeable improvement in security posture immediately.
    2. Fundamental changes to resolve systemic issues as an ongoing process.
    3. Improvements should be strategic as opposed to tactical.
    4. Customer impact should be minimized.

    Which of the following recommendations is BEST for the CISO to put forward to the product manager?

    A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.
    B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.
    C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.
    D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.

  • Question 56:

    A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?

    A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.
    B. A training program that is consistent, ongoing, and relevant.
    C. Access controls to prevent end users from gaining access to confidential data.
    D. Access controls for computer systems and networks with two-factor authentication.

  • Question 57:

    Which of the following precautions should be taken to harden network devices in case of a VM escape?

    A. Database servers should be on the same virtual server as web servers in the DMZ network segment.
    B. Web servers should be on the same physical server as database servers in the network segment.
    C. Virtual servers should only be on the same physical server as others in their network segment.
    D. Physical servers should only be on the same WAN as other physical servers in their network.

  • Question 58:

    A company which manufactures ASICs for use in an IDS wants to ensure that the ASICs' code is not prone to buffer and integer overflows. The ASIC technology is copyrighted and the confidentiality of the ASIC code design is exceptionally important. The company is required to conduct internal vulnerability testing as well as testing by a third party.

    Which of the following should be implemented in the SDLC to achieve these requirements?

    A. Regression testing by the manufacturer and integration testing by the third party
    B. User acceptance testing by the manufacturer and black box testing by the third party
    C. Defect testing by the manufacturer and user acceptance testing by the third party
    D. White box unit testing by the manufacturer and black box testing by the third party

  • Question 59:

    SAML entities can operate in a variety of different roles. Valid SAML roles include which of the following?

    A. Attribute authority and certificate authority
    B. Certificate authority and attribute requestor
    C. Identity provider and service provider
    D. Service provider and administrator

  • Question 60:

    An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?

    A. Use PAP for secondary authentication on each RADIUS server
    B. Disable unused EAP methods on each RADIUS server
    C. Enforce TLS connections between RADIUS servers
    D. Use a shared secret for each pair of RADIUS servers
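
The options in this question turn on what a RADIUS shared secret actually protects. Per RFC 2865 the secret is mixed into an MD5 over the packet to produce the Response Authenticator, and it seeds the MD5 keystream that hides User-Password; everything else in the packet travels in the clear, and any party holding the secret can both read the password and mint valid responses. The following is an added example (not from the exam or from any RADIUS implementation) that implements those two RFC 2865 computations so the limits of the control are visible; the secret, identifier and attribute values are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2
REPLY_MESSAGE = 18  # attribute type


def encode_attrs(attrs):
    """RADIUS attributes are TLVs: Type(1) Length(1, includes header) Value."""
    return b"".join(struct.pack("!BB", t, 2 + len(v)) + v for t, v in attrs)


def hide_user_password(password, secret, request_auth):
    """RFC 2865 5.2: pad to 16-byte blocks, XOR each block with
    MD5(secret + previous block), where the first 'previous block' is the
    Request Authenticator."""
    padded = password + b"\x00" * (-len(password) % 16)
    if not padded:
        padded = b"\x00" * 16
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(x ^ y for x, y in zip(padded[i:i + 16], keystream))
        out += block
        prev = block
    return out


def reveal_user_password(hidden, secret, request_auth):
    """The inverse: anyone holding the secret (server, rogue server, or an
    on-path attacker who learned it) recovers the plaintext. Trailing NULs
    are padding and are stripped."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], keystream))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def build_access_accept(ident, request_auth, secret, attrs):
    """Server side. Response Authenticator =
    MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    body = encode_attrs(attrs)
    header = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(body))
    resp_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + resp_auth + body


def verify_response(packet, request_auth, secret):
    """Client/proxy side: recompute the Response Authenticator and compare.
    This detects tampering by a party without the secret; it does not
    authenticate *which* secret holder sent the packet, nor hide anything."""
    if len(packet) < 20:
        return False
    length = struct.unpack("!H", packet[2:4])[0]
    if length != len(packet):
        return False
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])


if __name__ == "__main__":
    secret = b"example-shared-secret"      # constructed
    request_auth = bytes(range(16))         # would be random per request
    hidden = hide_user_password(b"hunter2", secret, request_auth)
    print("hidden User-Password:", hidden.hex())
    print("recovered with secret:", reveal_user_password(hidden, secret, request_auth))
    resp = build_access_accept(7, request_auth, secret, [(REPLY_MESSAGE, b"Welcome")])
    print("genuine response verifies:", verify_response(resp, request_auth, secret))
    print("wrong secret verifies:", verify_response(resp, request_auth, b"guess"))
```

Because the packet's only protection is an MD5 keyed with a static secret, a server that was admitted to the trust web with the same secret is indistinguishable from a legitimate peer, and the non-password attributes are readable on the wire. Running the exchange over TLS with per-server certificates (RADIUS over TLS, RFC 6614) gives peer authentication and confidentiality that the shared secret alone cannot provide.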

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result and find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation or your CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.