Most recent CAS-002 Exam Study Guides With New Update Exam Questions

Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.



Q101. – (Topic 3) 

As part of the ongoing information security plan in a large software development company, the Chief Information Officer (CIO) has decided to review and update the company’s privacy policies and procedures to reflect the changing business environment and business requirements. 

Training and awareness of the new policies and procedures has been incorporated into the security awareness program, which should be: 

A. presented by top level management to only data handling staff. 

B. customized for the various departments and staff roles. 

C. technical in nature to ensure all development staff understand the procedures. 

D. used to promote the importance of the security department. 


Q102. – (Topic 4) 

Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant? 

A. Conduct a network vulnerability assessment of the acquired plant ICS platform and correct all identified flaws during integration. 

B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts. 

C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration. 

D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ’s network. 


Q103. – (Topic 1) 

A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information security news? 

A. Update company policies and procedures 

B. Subscribe to security mailing lists 

C. Implement security awareness training 

D. Ensure that the organization's vulnerability management plan is up-to-date 


Q104. – (Topic 1) 

A forensic analyst works for an e-discovery firm where several gigabytes of data are processed daily. While the business is lucrative, they do not have the resources or the scalability to adequately serve their clients. Since it is an e-discovery firm where chain of custody is important, which of the following scenarios should they consider? 

A. Offload some data processing to a public cloud 

B. Aligning their client intake with the resources available 

C. Using a community cloud with adequate controls 

D. Outsourcing the service to a third party cloud provider 


Q105. – (Topic 2) 

A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company’s security information and event management server. 


Log 1: 

Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 3 packets 

Log 2: 

HTTP:// aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 

Log 3: 

Security Error Alert Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client 

Log 4: 

Encoder oe = new OracleEncoder();
String query = "Select user_id FROM user_data WHERE user_name = ' "
    + oe.encode( req.getParameter("userID") ) + " ' and user_password = ' "
    + oe.encode( req.getParameter("pwd") ) + " ' ";


Buffer overflow 

SQL injection 



Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO). 

A. Log 1 

B. Log 2 

C. Log 3 

D. Log 4 

E. Buffer overflow 



H. SQL injection 

Answer: B,E 

Q106. – (Topic 3) 

An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management? 

A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware. 

B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware. 

C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management. 

D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency. 


Q107. – (Topic 4) 

A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of this problem is that SELinux is set to: 

A. Enforcing mode with an incorrectly configured policy. 

B. Enforcing mode with no policy configured. 

C. Disabled with a correctly configured policy. 

D. Permissive mode with an incorrectly configured policy. 


Q108. – (Topic 1) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers? 

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 


Q109. – (Topic 1) 

A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input? 

A. Client side input validation 

B. Stored procedure 

C. Encrypting credit card details 

D. Regular expression matching 


Q110. – (Topic 3) 

A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator? 

A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ. 

B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ. 

C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks. 

D. Enable ESP on the internal network, and place NIPS on both networks.