CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 611:

    A business unit of a large enterprise has outsourced the hosting and development of a new external website which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the following is the MOST appropriate?

    A. The external party providing the hosting and website development should be obligated under contract to provide a secure service which is regularly tested (vulnerability and penetration). SLAs should be in place for the resolution of newly identified vulnerabilities and a guaranteed uptime.
    B. The use of external organizations to provide hosting and web development services is not recommended as the costs are typically higher than what can be achieved internally. In addition, compliance with privacy regulations becomes more complex and guaranteed uptimes are difficult to track and measure.
    C. Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.
    D. Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal obligations. An MOU should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

  • Question 612:

    A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

    A. The malware file's modify, access, change time properties.
    B. The timeline analysis of the file system.
    C. The time stamp of the malware in the swap file.
    D. The date/time stamp of the malware detection in the antivirus logs.

  • Question 613:

    The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image. Which of the following methods would BEST help with this process? (Select TWO).

    A. Retrieve source system image from backup and run file comparison analysis on the two images.
    B. Parse all images to determine if extra data is hidden using steganography.
    C. Calculate a new hash and compare it with the previously captured image hash.
    D. Ask desktop support if any changes to the images were made.
    E. Check key system files to see if date/time stamp is in the past six months.

  • Question 614:

    An ecommerce application on a Linux server does not properly track the number of incoming connections to the server and may leave the server vulnerable to which of the following?

    A. Buffer Overflow Attack
    B. Storage Consumption Attack
    C. Denial of Service Attack
    D. Race Condition

  • Question 615:

    A small company is developing a new Internet-facing web application. The security requirements are:

    1. Users of the web application must be uniquely identified and authenticated.
    2. Users of the web application will not be added to the company's directory services.
    3. Passwords must not be stored in the code.

    Which of the following meets these requirements?

    A. Use OpenID and allow a third party to authenticate users.
    B. Use TLS with a shared client certificate for all users.
    C. Use SAML with federated directory services.
    D. Use Kerberos and browsers that support SAML.

  • Question 616:

    An administrator has four virtual guests on a host server. Two of the servers are corporate SQL servers, one is a corporate mail server, and one is a testing web server for a small group of developers. The administrator is experiencing difficulty connecting to the host server during peak network usage times. Which of the following would allow the administrator to securely connect to and manage the host server during peak usage times?

    A. Increase the virtual RAM allocation to high I/O servers.
    B. Install a management NIC and dedicated virtual switch.
    C. Configure the high I/O virtual servers to use FCoE rather than iSCSI.
    D. Move the guest web server to another dedicated host.

  • Question 617:

    It has come to the IT administrator's attention that the "post your comment" field on the company blog page has been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the following would be the MOST effective at preventing the "post your comment" field from being exploited?

    A. Update the blog page to HTTPS
    B. Filter metacharacters
    C. Install HIDS on the server
    D. Patch the web application
    E. Perform client side input validation

  • Question 618:

    In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).

    A. Correctly assert the identity and authorization credentials of the end user.
    B. Correctly assert the authentication and authorization credentials of the end user.
    C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
    D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
    E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
    F. Correctly assert the identity and authentication credentials of the end user.

  • Question 619:

    Company ABC's SAN is nearing capacity, and will cause costly downtimes if servers run out of disk space. Which of the following is a more cost effective alternative to buying a new SAN?

    A. Enable multipath to increase availability
    B. Enable deduplication on the storage pools
    C. Implement snapshots to reduce virtual disk size
    D. Implement replication to offsite datacenter

  • Question 620:

    A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

    A. Deploy new perimeter firewalls at all stores with UTM functionality.
    B. Change antivirus vendors at the store and the corporate office.
    C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.
    D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.
