How Does Examcollection CompTIA CAS-002 test Work?

Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading {brand} CAS-002 exam study guides now. We will not let you down with our money-back guarantee.

♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA CAS-002 Real Exam
(Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:

2017 Mar CAS-002 Study Guide Questions:

Q51. – (Topic 3) 

An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO). 

A. Periodic key changes once the initial keys are established between the DNS name servers. 

B. Secure exchange of the key values between the two DNS name servers. 

C. A secure NTP source used by both DNS name servers to avoid message rejection. 

D. DNS configuration files on both DNS name servers must be identically encrypted. 

E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers. 

Answer: B,C 

Q52. – (Topic 1) 

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner? 

A. During the Identification Phase 

B. During the Lessons Learned phase 

C. During the Containment Phase 

D. During the Preparation Phase 

Answer: B 

Q53. – (Topic 5) 

A security company is developing a new cloud-based log analytics platform. Its purpose is to allow: 

Customers to upload their log files to the “big data” platform 

Customers to perform remote log search 

Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery 

Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE). 

A. Secure storage and transmission of API keys 

B. Secure protocols for transmission of log files and search results 

C. At least two years retention of log files in case of e-discovery requests 

D. Multi-tenancy with RBAC support 

E. Sanitizing filters to prevent upload of sensitive log file contents 

F. Encrypted storage of all customer log files 

Answer: A,B,D 

CAS-002 practice test

Up to date CAS-002 exam cram:

Q54. CORRECT TEXT – (Topic 3) 

An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner. Instructions The last install that is completed will be the final submission 

Answer: You need to check the hash value of download software with md5 utility. 

Q55. – (Topic 3) 

A WAF without customization will protect the infrastructure from which of the following attack combinations? 

A. DDoS, DNS poisoning, Boink, Teardrop 

B. Reflective XSS, HTTP exhaustion, Teardrop 

C. SQL Injection, DOM based XSS, HTTP exhaustion 

D. SQL Injection, CSRF, Clickjacking 

Answer: C 

Q56. – (Topic 4) 

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation: 

Once at the command prompt, the administrator issues the below commanD. 

Which of the following is true about the above situation? 

A. The administrator must use the sudo command in order to restart the service. 

B. The administrator used the wrong SSH port to restart the DNS server. 

C. The service was restarted correctly, but it failed to bind to the network interface. 

D. The service did not restart because the bind command is privileged. 

Answer: A 

CAS-002 exam cost

100% Guarantee CAS-002 questions:

Q57. – (Topic 5) 

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53? 





Answer: D 

Q58. – (Topic 4) 

Which of the following protocols only facilitates access control? A. XACML 

B. Kerberos 



Answer: A 

Q59. – (Topic 2) 

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are: 

1. Each lab must be on a separate network segment. 

2. Labs must have access to the Internet, but not other lab networks. 

3. Student devices must have network access, not simple access to hosts on the lab networks. 

4. Students must have a private certificate installed before gaining access. 

5. Servers must have a private certificate installed locally to provide assurance to the students. 

6. All students must use the same VPN connection profile. 

Which of the following components should be used to achieve the design in conjunction with directory services? 

A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment 

B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment 

C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment 

D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment 

Answer: C 

Q60. – (Topic 5) 

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO). 

A. Privacy could be compromised as patient records can be viewed in uncontrolled areas. 

B. Device encryption has not been enabled and will result in a greater likelihood of data loss. 

C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data. 

D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes. 

E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable. 

Answer: A,D