Cause all that matters here is passing the CompTIA CAS-002 exam. Cause all that you need is a high score of CAS-002 CompTIA Advanced Security Practitioner (CASP) exam. The only one thing you need to do is downloading Exambible CAS-002 exam study guides now. We will not let you down with our money-back guarantee.

Q121. - (Topic 2) 

A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology? 

A. Insider threat 

B. Network reconnaissance 

C. Physical security 

D. Industrial espionage 


Q122. CORRECT TEXT - (Topic 4) 

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed: 

1. Select the server that is a victim of a cross-site scripting (XSS) attack. 

2 Select the source of the brute force password attack. 

3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack. 

Instructions: Simulations can be reset at anytime to the initial state: however, all selections will be deleted 

Answer: Please review following steps: 

Q123. - (Topic 4) 

A general insurance company wants to set up a new online business. The requirements are that the solution needs to be: 

The conceptual solution architecture has specified that the application will consist of a traditional three tiered architecture for the front end components, an ESB to provide services, data transformation capability and legacy system integration and a web services gateway. 

Which of the following security components will BEST meet the above requirements and fit into the solution architecture? (Select TWO). 

A. Implement WS-Security for services authentication and XACML for service authorization. 

B. Use end-to-end application level encryption to encrypt all fields and store them encrypted in the database. 

C. Implement a certificate based solution on a smart card in combination with a PIN to provide authentication and authorization of users. 

D. Implement WS-Security as a federated single sign-on solution for authentication authorization of users. 

E. Implement SSL encryption for all sensitive data flows and encryption of passwords of the data at rest. 

F. Use application level encryption to encrypt sensitive fields, SSL encryption on sensitive flows, and database encryption for sensitive data storage. 

Answer: A,F 

Q124. - (Topic 4) 

A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application’s removal from the white list? 

A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen. 

B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues. 

C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list. 

D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed. 


Q125. - (Topic 1) 

An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence? 

A. Review switch and router configurations 

B. Review the security policies and standards 

C. Perform a network penetration test 

D. Review the firewall rule set and IPS logs 


Q126. - (Topic 3) 

An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture? 

A. Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need. 

B. Implement controls based on the system needs. Perform a risk analysis of the system. For any remaining risks, perform continuous monitoring. 

C. Classify information types used within the system into levels of confidentiality, integrity, and availability. Determine minimum required security controls. Conduct a risk analysis. Decide on which security controls to implement. 

D. Perform a risk analysis of the system. Avoid extreme risks. Mitigate high risks. Transfer medium risks and accept low risks. Perform continuous monitoring to ensure that the system remains at an adequate security posture. 


Q127. - (Topic 5) 

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this? 

A. The infected files were using obfuscation techniques to evade detection by antivirus software. 

B. The infected files were specially crafted to exploit a collision in the hash function. 

C. The infected files were using heuristic techniques to evade detection by antivirus software. 

D. The infected files were specially crafted to exploit diffusion in the hash function. 


491. - (Topic 5) 

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary? 

A. The corporate network is the only network that is audited by regulators and customers. 

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers. 

C. Home networks are unknown to attackers and less likely to be targeted directly. 

D. Employees are more likely to be using personal computers for general web browsing when they are at home. 


Q128. - (Topic 2) 

A system administrator has just installed a new Linux distribution. The distribution is configured to be “secure out of the box”. The system administrator cannot make updates to certain system files and services. Each time changes are attempted, they are denied and a system error is generated. Which of the following troubleshooting steps should the security administrator suggest? 

A. Review settings in the SELinux configuration files 

B. Reset root permissions on systemd files 

C. Perform all administrative actions while logged in as root 

D. Disable any firewall software before making changes 


Q129. - (Topic 3) 

New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager do to manage the risks of these attack vectors? (Select TWO). 

A. Establish an emergency response call tree. 

B. Create an inventory of applications. 

C. Backup the router and firewall configurations. 

D. Maintain a list of critical systems. 

E. Update all network diagrams. 

Answer: B,D 

Q130. - (Topic 2) 

A large company is preparing to merge with a smaller company. The smaller company has been very profitable, but the smaller company’s main applications were created in-house. Which of the following actions should the large company’s security administrator take in preparation for the merger? 

A. A review of the mitigations implemented from the most recent audit findings of the smaller company should be performed. 

B. An ROI calculation should be performed to determine which company's application should be used. 

C. A security assessment should be performed to establish the risks of integration or co-existence. 

D. A regression test should be performed on the in-house software to determine security risks associated with the software.