CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 601:

    Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button.

    Which of the following would the security engineer MOST likely recommend based on the table?

    A. Product A
    B. Product B
    C. Product C
    D. Product D

  • Question 602:

    The security administrator reports that the physical security of the Ethernet network has been breached, but the fibre channel storage network was not breached. Why might this still concern the storage administrator? (Select TWO).

    A. The storage network uses FCoE.
    B. The storage network uses iSCSI.
    C. The storage network uses vSAN.
    D. The storage network uses switch zoning.
    E. The storage network uses LUN masking.

  • Question 603:

    A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

    A. A separate physical interface placed on a private VLAN should be configured for live host operations.
    B. Database record encryption should be used when storing sensitive information on virtual servers.
    C. Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.
    D. Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

  • Question 604:

    A company has decided to change its current business direction and refocus on core business. Consequently, several company sub-businesses are in the process of being sold-off. A security consultant has been engaged to advise on residual information security concerns with a de-merger. From a high-level perspective, which of the following BEST provides the procedure that the consultant should follow?

    A. Perform a penetration test for the current state of the company. Perform another penetration test after the de-merger. Identify the gaps between the two tests.
    B. Duplicate security-based assets should be sold off for commercial gain to ensure that the security posture of the company does not decline.
    C. Explain that security consultants are not trained to offer advice on company acquisitions or demergers. This needs to be handled by legal representatives well versed in corporate law.
    D. Identify the current state from a security viewpoint. Based on the demerger, assess what the security gaps will be from a physical, technical, DR, and policy/awareness perspective.

  • Question 605:

    The new security policy states that only authorized software will be allowed on the corporate network and all personally owned equipment needs to be configured by the IT security staff before being allowed on the network. The security administrator creates standard images with all the required software and proper security controls. These images are required to be loaded on all personally owned equipment prior to connecting to the corporate network. These measures ensure compliance with the new security policy. Which of the following security risks still needs to be addressed in this scenario?

    A. An employee copying gigabytes of personal video files from the employee's personal laptop to their company desktop to share files.
    B. An employee connecting their personal laptop to use a non-company endorsed accounting application that the employee used at a previous company.
    C. An employee using a corporate FTP application to transfer customer lists and other proprietary files to an external computer and selling them to a competitor.
    D. An employee accidentally infecting the network with a virus by connecting a USB drive to the employee's personal laptop.

  • Question 606:

    The security administrator at a bank is receiving numerous reports that customers are unable to login to the bank website. Upon further investigation, the security administrator discovers that the name associated with the bank website points to an unauthorized IP address.

    Which of the following solutions will MOST likely mitigate this type of attack?

    A. Security awareness and user training
    B. Recursive DNS from the root servers
    C. Configuring and deploying TSIG
    D. Firewalls and IDS technologies

  • Question 607:

    A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm's expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO).

    A. Code review
    B. Penetration testing
    C. Grey box testing
    D. Code signing
    E. White box testing

  • Question 608:

    Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased?

    B. 1
    C. 3
    D. 6

  • Question 609:

    The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

    Which of the following BEST describes the risk assurance officer's concerns?

    A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
    B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
    C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VM escape attack being executed, compromising the hypervisor and other guest OSs.
    D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues.

  • Question 610:

    A company is in the process of implementing a new front end user interface for its customers; the goal is to provide them with more self-service functionality. The application has been written by developers over the last six months and the project is currently in the test phase.

    Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO).

    A. Perform unit testing of the binary code
    B. Perform code review over a sampling of the front end source code
    C. Perform black box penetration testing over the solution
    D. Perform grey box penetration testing over the solution
    E. Perform static code review over the front end source code

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.