Want to know the features of the Testking CAS-002 exam practice test? Want to learn more about the CompTIA Advanced Security Practitioner (CASP) certification experience? Study and download CompTIA CAS-002 answers to the most up-to-date CAS-002 questions at Testking. Get success with an absolute guarantee to pass the CompTIA CAS-002 (CompTIA Advanced Security Practitioner (CASP)) test on your first attempt.

Q131. - (Topic 3) 

A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question? 

A. Data retention policy 

B. Business continuity plan 

C. Backup and archive processes 

D. Electronic inventory 


Q132. - (Topic 1) 

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement? 




D. Syslog-ng 



Q133. - (Topic 5) 

An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE). 

A. Implement hashing of data in transit 

B. Session recording and capture 

C. Disable cross session cut and paste 

D. Monitor approved credit accounts 

E. User access audit reviews 

F. Source IP whitelisting 

Answer: C,E,F 

Q134. - (Topic 2) 

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate? 

A. Intermediate Root Certificate 

B. Wildcard Certificate 

C. EV x509 Certificate 

D. Subject Alternative Names Certificate 


Q135. - (Topic 2) 

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability? 

A. Source code vulnerability scanning 

B. Time-based access control lists 

C. ISP to ISP network jitter 

D. File-size validation 

E. End to end network encryption 


Q136. - (Topic 4) 

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement? 

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation. 

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID. 

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates. 

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller. 


Q137. - (Topic 2) 

A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true? 

A. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits. 

B. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software. 

C. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers. 

D. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community. 


Q138. - (Topic 4) 

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take? 

A. Address the security concerns through the network design and security controls. 

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager. 

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager. 

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect. 


Q139. - (Topic 4) 

A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem? 

A. Change the IDS to use a heuristic anomaly filter. 

B. Adjust IDS filters to decrease the number of false positives. 

C. Change the IDS filter to data mine the false positives for statistical trending data. 

D. Adjust IDS filters to increase the number of false negatives. 


Q140. - (Topic 1) 

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE). 

A. Business or technical justification for not implementing the requirements. 

B. Risks associated with the inability to implement the requirements. 

C. Industry best practices with respect to the technical implementation of the current controls. 

D. All sections of the policy that may justify non-implementation of the requirements. 

E. A revised DRP and COOP plan to the exception form. 

F. Internal procedures that may justify a budget submission to implement the new requirement. 

G. Current and planned controls to mitigate the risks. 

Answer: A,B,G