Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.
2017 NEW RECOMMEND
Free VCE & PDF File for CompTIA CAS-002 Real Exam
Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions
Q101. – (Topic 3)
As part of the ongoing information security plan in a large software development company, the Chief Information officer (CIO) has decided to review and update the companyâs privacy policies and procedures to reflect the changing business environment and business requirements.
Training and awareness of the new policies and procedures has been incorporated into the security awareness program which should be:
A. presented by top level management to only data handling staff.
B. customized for the various departments and staff roles.
C. technical in nature to ensure all development staff understand the procedures.
D. used to promote the importance of the security department.
Q102. – (Topic 4)
Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?
A. Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration.
B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.
C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration.
D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZâs network.
Q103. – (Topic 1)
A security engineer is responsible for monitoring company applications for known vulnerabilities. Which of the following is a way to stay current on exploits and information security news?
A. Update company policies and procedures
B. Subscribe to security mailing lists
C. Implement security awareness training
D. Ensure that the organization vulnerability management plan is up-to-date
Q104. – (Topic 1)
A forensic analyst works for an e-discovery firm where several gigabytes of data are processed daily. While the business is lucrative, they do not have the resources or the scalability to adequately serve their clients. Since it is an e-discovery firm where chain of custody is important, which of the following scenarios should they consider?
A. Offload some data processing to a public cloud
B. Aligning their client intake with the resources available
C. Using a community cloud with adequate controls
D. Outsourcing the service to a third party cloud provider
Q105. – (Topic 2)
A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the companyâs security information and event management server.
Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets
Log 3: Security Error Alert Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream
and has disconnected the client
Encoder oe = new OracleEncoder ();
String query = âSelect user_id FROM user_data WHERE user_name = â â
+ oe.encode ( req.getParameter(âuserIDâ) ) + â â and user_password = â â
+ oe.encode ( req.getParameter(âpwdâ) ) +â â â;
Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).
A. Log 1
B. Log 2
C. Log 3
D. Log 4
E. Buffer overflow
H. SQL injection
Q106. – (Topic 3)
An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management?
A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware.
B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.
C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management.
D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency.
Q107. – (Topic 4)
A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of this problem is that SE Linux is set to:
A. Enforcing mode with an incorrectly configured policy.
B. Enforcing mode with no policy configured.
C. Disabled with a correctly configured policy.
D. Permissive mode with an incorrectly configured policy.
Q108. – (Topic 1)
A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?
A. SSL certificate revocation
B. SSL certificate pinning
C. Mobile device root-kit detection
D. Extended Validation certificates
Q109. – (Topic 1)
A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?
A. Client side input validation
B. Stored procedure
C. Encrypting credit card details
D. Regular expression matching
Q110. – (Topic 3)
A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?
A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
D. Enable ESP on the internal network, and place NIPS on both networks.