CAS-002 Exam Details

  • Exam Code
    :CAS-002
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :733 Q&As
  • Last Updated
    :Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 711:

    Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning

    of the month.

    Network information:

    DMZ network ?192.168.5.0/24

    VPN network ?192.168.1.0/24

    Datacenter ?192.168.2.0/24

    User network - 192.168.3.0/24

    HR network ?192.168.4.0/24

    Warehouse network ?192.168.6.0/24

    Finance network 192.168.7.0/24

    Traffic shaper configuration:

    VLAN Bandwidth limit (Mbps)

    VPN50

    User175

    HR220

    Finance230

    Warehouse75

    Guest50

    External firewall allows all networks to access the Internet.

    Internal Firewall Rules:

    ActionSourceDestination

    Permit192.168.1.0/24192.168.2.0/24

    Permit192.168.1.0/24192.168.3.0/24

    Permit192.168.1.0/24192.168.5.0/24

    Permit192.168.2.0/24192.168.1.0/24

    Permit192.168.3.0/24192.168.1.0/24

    Permit192.168.5.0/24192.168.1.0/24

    Permit192.168.4.0/24192.168.7.0/24

    Permit192.168.7.0/24192.168.4.0/24

    Permit192.168.7.0/24any

    Deny192.168.4.0/24any

    Deny192.168.1.0/24192.168.4.0/24

    Denyanyany

    Which of the following restrictions is the MOST likely cause?

    A. Bandwidth limit on the traffic shaper for the finance department
    B. Proxy server preventing the warehouse from accessing cloud applications
    C. Deny statements in the firewall for the warehouse network
    D. Bandwidth limit on the traffic shaper for the warehouse department

  • Question 712:

    A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/ JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?

    A. Generate a one-time key as part of the device registration process.
    B. Require SSL between the mobile application and the web services gateway.
    C. The jsession cookie should be stored securely after authentication.
    D. Authentication assertion should be stored securely on the client.

  • Question 713:

    After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions that they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?

    A. A TandM contract
    B. An RFP
    C. A FFP agreement
    D. A new RFQ

  • Question 714:

    A small company has recently placed a newly installed DNS server on the DMZ and wants to secure it by allowing Internet hosts to query the DNS server. Since the company deploys an internal DNS server, all DNS queries to that server coming from the company network should be blocked. An IT administrator has placed the following ACL on the company firewall:

    Testing shows that the DNS server in the DMZ is not working. Which of the following should the administrator do to resolve the problem?

    A. Modify the SRC and DST ports of ACL 1
    B. Modify the SRC IP of ACL 1 to 0.0.0.0/32
    C. Modify the ACTION of ACL 2 to Permit
    D. Modify the PROTO of ACL 1 to TCP

  • Question 715:

    A port in a fibre channel switch failed, causing a costly downtime on the company's primary website. Which of the following is the MOST likely cause of the downtime?

    A. The web server iSCSI initiator was down.
    B. The web server was not multipathed.
    C. The SAN snapshots were not up-to-date.
    D. The SAN replication to the backup site failed.

  • Question 716:

    An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture?

    A. Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need.
    B. Implement controls based on the system needs. Perform a risk analysis of the system. For any remaining risks, perform continuous monitoring.
    C. Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement.
    D. Perform a risk analysis of the system. Avoid extreme risks. Mitigate high risks. Transfer medium risks and accept low risks. Perform continuous monitoring to ensure that the system remains at an adequate security posture.

  • Question 717:

    Wireless users are reporting issues with the company's video conferencing and VoIP systems. The security administrator notices DOS attacks on the network that are affecting the company's VoIP system (i.e. premature call drops and garbled call signals). The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DOS attacks on the network? (Select TWO).

    A. Configure 802.11b on the network
    B. Configure 802.1q on the network
    C. Configure 802.11e on the network
    D. Update the firewall managing the SIP servers
    E. Update the HIDS managing the SIP servers

  • Question 718:

    The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

    A. Review the flow data against each server's baseline communications profile.
    B. Configure the server logs to collect unusual activity including failed logins and restarted services.
    C. Correlate data loss prevention logs for anomalous communications from the server.
    D. Setup a packet capture on the firewall to collect all of the server communications.

  • Question 719:

    A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization's configuration management process using?

    A. Agile
    B. SDL
    C. Waterfall
    D. Joint application development

  • Question 720:

    Which of the following attacks does Unicast Reverse Path Forwarding prevent?

    A. Man in the Middle
    B. ARP poisoning
    C. Broadcast storm
    D. IP Spoofing

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.