Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Exambible CAS-002 answers. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.

Q91. - (Topic 3) 

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. 

Which of the following would impact the security of conference’s resources? 

A. Wireless network security may need to be increased to decrease access of mobile devices. 

B. Physical security may need to be increased to deter or prevent theft of mobile devices. 

C. Network security may need to be increased by reducing the number of available physical network jacks. 

D. Wireless network security may need to be decreased to allow for increased access of mobile devices. 

Answer:


Q92. - (Topic 1) 

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: 

user@hostname:~$ sudo nmap –O 192.168.1.54 

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device: 

TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778 

Based on this information, which of the following operating systems is MOST likely running on the unknown node? 

A. Linux 

B. Windows 

C. Solaris 

D. OSX 

Answer:


Q93. - (Topic 2) 

ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst? 

A. Accept the risk in order to keep the system within the company’s standard security configuration. 

B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution. 

C. Secure the data despite the need to use a security control or solution that is not within company standards. 

D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration. 

Answer:


Q94. - (Topic 4) 

The Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue. Which of the following is the BEST course of action for the junior security administrator to take? 

A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy. 

B. Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls. 

C. Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported. 

D. Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams. 

Answer:


Q95. - (Topic 2) 

Company policy requires that all company laptops meet the following baseline requirements: 

Software requirements: 

Antivirus Anti-malware Anti-spyware Log monitoring Full-disk encryption 

Terminal services enabled for RDP 

Administrative access for local users 

Hardware restrictions: 

Bluetooth disabled 

FireWire disabled 

WiFi adapter disabled 

Ann, a web developer, reports performance issues with her laptop and is not able to access any network resources. After further investigation, a bootkit was discovered and it was trying to access external websites. Which of the following hardening techniques should be applied to mitigate this specific issue from reoccurring? (Select TWO). 

A. Group policy to limit web access 

B. Restrict VPN access for all mobile users 

C. Remove full-disk encryption 

D. Remove administrative access to local users 

E. Restrict/disable TELNET access to network resources 

F. Perform vulnerability scanning on a daily basis 

G. Restrict/disable USB access 

Answer: D,G 


Q96. - (Topic 3) 

An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes. 

Which of the following technologies would help meet this policy requirement? (Select TWO). 

A. Spam filter 

B. Solid state drives 

C. Management interface 

D. Virtualization 

E. Host firewall 

Answer: D,E 


Q97. - (Topic 2) 

A port in a fibre channel switch failed, causing a costly downtime on the company’s primary website. Which of the following is the MOST likely cause of the downtime? 

A. The web server iSCSI initiator was down. 

B. The web server was not multipathed. 

C. The SAN snapshots were not up-to-date. 

D. The SAN replication to the backup site failed. 

Answer:


Q98. - (Topic 5) 

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO). 

A. Privacy could be compromised as patient records can be viewed in uncontrolled areas. 

B. Device encryption has not been enabled and will result in a greater likelihood of data loss. 

C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data. 

D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes. 

E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable. 

Answer: A,D 


Q99. - (Topic 3) 

A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing. 

Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform? 

A. Establish return on investment as the main criteria for selection. 

B. Run a cost/benefit analysis based on the data received from the RFP. 

C. Evaluate each platform based on the total cost of ownership. 

D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements. 

Answer:


Q100. - (Topic 5) 

A security engineer at a software development company has identified several vulnerabilities in a product late in the development cycle. This causes a huge delay for the release of the product. Which of the following should the administrator do to prevent these issues from occurring in the future? 

A. Recommend switching to an SDLC methodology and perform security testing during each maintenance iteration 

B. Recommend switching to a spiral software development model and perform security testing during the requirements gathering 

C. Recommend switching to a waterfall development methodology and perform security testing during the testing phase 

D. Recommend switching to an agile development methodology and perform security testing during iterations 

Answer: