CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 61:

    The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

    A. HIPS
    B. UTM
    C. Antivirus
    D. NIPS
    E. DLP

  • Question 62:

    The Chief Information Security Officer (CISO) has just returned from attending a security conference and now wants to implement a Security Operations Center (SOC) to improve and coordinate the detection of unauthorized access to the enterprise. The CISO's biggest concern is the increased number of attacks that the current infrastructure cannot detect. Which of the following is MOST likely to be used in a SOC to address the CISO's concerns?

    A. DLP, Analytics, SIEM, Forensics, NIPS, HIPS, WIPS and eGRC
    B. Forensics, White box testing, Log correlation, HIDS, and SSO
    C. Vulnerability assessments, NIDP, HIDS, SCAP, Analytics and SIEM
    D. eGRC, WIPS, Federated ID, Network enumerator, NIPS and Port Scanners

  • Question 63:

    A small company has a network with 37 workstations, 3 printers, a 48 port switch, an enterprise class router, and a firewall at the boundary to the ISP. The workstations have the latest patches and all have up-to-date anti-virus software. User authentication is a two-factor system with fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network is configured to use IPv4 and is a standard Ethernet network. The network also has a captive portal based wireless hot-spot to accommodate visitors. Which of the following is a problem with the security posture of this company?

    A. No effective controls in place
    B. No transport security controls are implemented
    C. Insufficient user authentication controls are implemented
    D. IPv6 is not incorporated in the network

  • Question 64:

    A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

    A. Service oriented architecture (SOA)
    B. Federated identities
    C. Object request broker (ORB)
    D. Enterprise service bus (ESB)

  • Question 65:

    The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission. Which of the following BEST describes the correct order of implementing a five phase SSDLC?

    A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.
    B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.
    C. Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.
    D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

  • Question 66:

    A security tester is testing a website and performs the following manual query:

    https://www.comptia.com/cookies.jsp?products=5%20and%201=1

    The following response is received in the payload:

    "ORA-000001: SQL command not properly ended"

    Which of the following is the response an example of?

    A. Fingerprinting
    B. Cross-site scripting
    C. SQL injection
    D. Privilege escalation

  • Question 67:

    Company ABC is planning to outsource its Customer Relationship Management system (CRM) and marketing / leads management to Company XYZ. Which of the following is the MOST important to be considered before going ahead with the service?

    A. Internal auditors have approved the outsourcing arrangement.
    B. Penetration testing can be performed on the externally facing web system.
    C. Ensure there are security controls within the contract and the right to audit.
    D. A physical site audit is performed on Company XYZ's management / operation.

  • Question 68:

    An administrator implements a new PHP application into an existing website and discovers the newly added PHP pages do not work. The rest of the site also uses PHP and is functioning correctly. The administrator tested the new application on their personal workstation thoroughly before uploading to the server and did not run into any errors. Checking the Apache configuration file, the administrator verifies that the new virtual directory is added as listed:

    DocumentRoot "/var/www"

    AllowOveride none

    Order allow, deny

    Allow from all

    Which of the following is MOST likely occurring so that this application does not run properly?

    A. PHP is overriding the Apache security settings.
    B. SELinux is preventing HTTP access to home directories.
    C. PHP has not been restarted since the additions were added.
    D. The directory had an explicit allow statement rather than the implicit deny.

  • Question 69:

    A facilities manager has observed varying electric use on the company's metered service lines. The facility management rarely interacts with the IT department unless new equipment is being delivered. However, the facility manager thinks that there is a correlation between spikes in electric use and IT department activity. Which of the following business processes and/or practices would provide better management of organizational resources with the IT department's needs? (Select TWO).

    A. Deploying a radio frequency identification tagging asset management system
    B. Designing a business resource monitoring system
    C. Hiring a property custodian
    D. Purchasing software asset management software
    E. Facility management participation on a change control board
    F. Rewriting the change board charter
    G. Implementation of change management best practices

  • Question 70:

    A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator test that the strings are indeed encrypted in memory?

    A. Use fuzzing techniques to examine application inputs
    B. Run nmap to attach to application memory
    C. Use a packet analyzer to inspect the strings
    D. Initiate a core dump of the application
    E. Use an HTTP interceptor to capture the text strings
