CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 651:

    An employee was terminated and promptly escorted to their exit interview, after which the employee left the building. It was later discovered that this employee had started a consulting business using screen shots of their work at the company which included live customer data. This information had been removed through the use of a USB device. After this incident, it was determined a process review must be conducted to ensure this issue does not recur. Which of the following business areas should primarily be involved in this discussion? (Select TWO).

    A. Database Administrator
    B. Human Resources
    C. Finance
    D. Network Administrator
    E. IT Management

  • Question 652:

    A business is currently in the process of upgrading its network infrastructure to accommodate a personnel growth of over fifty percent within the next six months. All preliminary planning has been completed and a risk assessment plan is being adopted to decide which security controls to put in place throughout each phase.

    Which of the following risk responses is MOST likely being considered if the business is creating an SLA with a third party?

    A. Accepting risk
    B. Mitigating risk
    C. Identifying risk
    D. Transferring risk

  • Question 653:

    CORRECT TEXT

  • Question 654:

    A security engineer wants to implement forward secrecy but still wants to ensure the number of requests handled by the web server is not drastically reduced due to the larger computational overheads. Browser compatibility is not a concern; however, system performance is. Which of the following, when implemented, would BEST meet the engineer's requirements?

    A. DHE
    B. ECDHE
    C. AES128-SHA
    D. DH

  • Question 655:

    A university uses a card transaction system that allows students to purchase goods using their student ID. Students can put money on their ID at terminals throughout the campus. The security administrator was notified that computer science students have been using the network to illegally put money on their cards. The administrator would like to attempt to reproduce what the students are doing. Which of the following is the BEST course of action?

    A. Notify the transaction system vendor of the security vulnerability that was discovered.
    B. Use a protocol analyzer to reverse engineer the transaction system's protocol.
    C. Contact the computer science students and threaten disciplinary action if they continue their actions.
    D. Install a NIDS in front of all the transaction system terminals.

  • Question 656:

    An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

    A. Intermediate Root Certificate
    B. Wildcard Certificate
    C. EV x509 Certificate
    D. Subject Alternative Names Certificate

  • Question 657:

    A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention policy states all email data older than 90 days should be eliminated. As there are no technical controls in place, users have been instructed to stick to a storage quota of 500Mb of network storage and 200Mb of email storage. After being presented with an e-discovery request from an opposing legal counsel, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years. Which of the following should the security administrator provide to opposing counsel?

    A. Delete files and email exceeding policy thresholds and turn over the remaining files and email.
    B. Delete email over the policy threshold and hand over the remaining emails and all of the files.
    C. Provide the 1Tb of files on the network and the 300Mb of email files regardless of age.
    D. Provide the first 200Mb of e-mail and the first 500Mb of files as per policy.

  • Question 658:

    Company XYZ has invested an increasing amount in security due to the changing threat landscape. The company is going through a cost cutting exercise and the Chief Financial Officer (CFO) has queried the security budget allocated to the Chief Information Security Officer (CISO). At the same time, the CISO is actively promoting business cases for additional funding to support new initiatives. These initiatives will mitigate several security incidents that have occurred due to ineffective controls.

    A security advisor is engaged to assess the current controls framework and to provide recommendations on whether preventative, detective, or corrective controls should be implemented. How should the security advisor respond when explaining which controls to implement?

    A. Preventative controls are useful before an event occurs, detective controls are useful during an event, and corrective controls are useful after an event has occurred. A combination of controls can be used.
    B. Corrective controls are more costly to implement, but are only needed for real attacks or high value assets; therefore, controls should only be put in place after a real attack has occurred.
    C. Detective controls are less costly to implement than preventative controls; therefore, they should be encouraged wherever possible. Corrective controls are used during an event or security incident. Preventative controls are hard to achieve in practice due to current market offerings.
    D. Always advise the use of preventative controls as this will prevent security incidents from occurring in the first place. Detective and corrective controls are redundant compensating controls and are not required if preventative controls are implemented.

  • Question 659:

    A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company-issued and personal computing devices, including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in transit to the company's internally developed application GUI. Company policy prohibits employees from having administrative rights to company-issued devices. Which of the following remote access solutions has the lowest technical complexity?

    A. RDP server
    B. Client-based VPN
    C. IPSec
    D. Jump box
    E. SSL VPN

  • Question 660:

    Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

    Delivered-To: [email protected]
    Received: by 10.14.120.205
    Mon, 1 Nov 2010 11:15:24 -0700 (PDT)
    Received: by 10.231.31.193
    Mon, 01 Nov 2010 11:15:23 -0700 (PDT)
    Return-Path:
    Received: from 127.0.0.1 for ; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from )
    Received: by smtpex.example.com (SMTP READY)
    with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500
    Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500
    From: Company
    To: "[email protected]"
    Date: Mon, 1 Nov 2010 13:15:11 -0500
    Subject: New Insurance Application
    Thread-Topic: New Insurance Application

    Please download and install software from the site below to maintain full access to your account.

    www.examplesite.com

    Additional information: The authorized mail servers IPs are 192.168.2.10 and 192.168.2.11.

    The network's subnet is 192.168.2.0/25.

    Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

    A. Identify the origination point for malicious activity on the unauthorized mail server.
    B. Block port 25 on the firewall for all unauthorized mail servers.
    C. Disable open relay functionality.
    D. Shut down the SMTP service on the unauthorized mail server.
    E. Enable STARTTLS on the spam filter.
