Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.

Q81. - (Topic 5) 

A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has been written by developers over the last six months and the project is currently in the test phase. 

Which of the following security activities should be implemented as part of the SDL in order to provide the MOST security coverage over the solution? (Select TWO). 

A. Perform unit testing of the binary code 

B. Perform code review over a sampling of the front end source code 

C. Perform black box penetration testing over the solution 

D. Perform grey box penetration testing over the solution 

E. Perform static code review over the front end source code 

Answer: D,E 


Q82. - (Topic 1) 

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements? 

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator. 

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud. 

C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team. 

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware. 

Answer:


Q83. - (Topic 5) 

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53? 

A. PING 

B. NESSUS 

C. NSLOOKUP 

D. NMAP 

Answer:


Q84. - (Topic 2) 

The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during the year. A risk analyst reports to the risk manager that the asset value of the business system is $120,000 and, based on industry data, the exposure factor to fires is only 20% due to the fire suppression system installed at the site. Fires occur in the area on average every four years. Which of the following is the ALE? 

A. $6,000 

B. $24,000 

C. $30,000 

D. $96,000 

Answer:


Q85. - (Topic 5) 

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO). 

A. Demonstration of IPS system 

B. Review vendor selection process 

C. Calculate the ALE for the event 

D. Discussion of event timeline 

E. Assigning of follow up items 

Answer: D,E 


Q86. - (Topic 4) 

Ann, a Physical Security Manager, is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. Ann has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should Ann suggest to BEST secure this environment? 

A. Create an IP camera network and deploy NIPS to prevent unauthorized access. 

B. Create an IP camera network and only allow SSL access to the cameras. 

C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras. 

D. Create an IP camera network and restrict access to cameras from a single management host. 

Answer:


Q87. - (Topic 2) 

A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable? 

A. OLA 

B. BPA 

C. SLA 

D. SOA 

E. MOU 

Answer:


Q88. - (Topic 1) 

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations? 

A. vTPM 

B. HSM 

C. TPM 

D. INE 

Answer:


Q89. - (Topic 4) 

An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendor’s RFP responses is in-line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association? 

A. Correlate current industry research with the RFP responses to ensure validity. 

B. Create a lab environment to evaluate each of the three firewall platforms. 

C. Benchmark each firewall platform’s capabilities and experiences with similar sized companies. 

D. Develop criteria and rate each firewall platform based on information in the RFP responses. 

Answer:


Q90. - (Topic 5) 

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: 

user@hostname:~$ sudo nmap –O 192.168.1.54 Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device: 

TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778 

Based on this information, which of the following operating systems is MOST likely running on the unknown node? 

A. Linux 

B. Windows 

C. Solaris 

D. OSX 

Answer: