Want to know Examcollection CAS-002 Exam practice test features? Want to learn more about the CompTIA Advanced Security Practitioner (CASP) certification experience? Study approved CompTIA CAS-002 answers to leading CAS-002 questions at Examcollection. Get success with an absolute guarantee to pass the CompTIA CAS-002 (CompTIA Advanced Security Practitioner (CASP)) test on your first attempt.

Q151. - (Topic 5) 

Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted? 

A. The company should develop an in-house solution and keep the algorithm a secret. 

B. The company should use the CEO’s encryption scheme. 

C. The company should use a mixture of both systems to meet minimum standards. 

D. The company should use the method recommended by other respected information security organizations. 

Answer:


Q152. - (Topic 4) 

Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner, which of the following is correct?

A. Only security related alerts should be forwarded to the network team for resolution. 

B. All logs must be centrally managed and access to the logs restricted only to data storage staff. 

C. Logging must be set appropriately and alerts delivered to security staff in a timely manner. 

D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team. 

Answer:


Q153. - (Topic 1) 

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via an HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

A. SSL certificate revocation 

B. SSL certificate pinning 

C. Mobile device root-kit detection 

D. Extended Validation certificates 

Answer:


Q154. - (Topic 5) 

An organization is selecting a SaaS provider to replace its legacy, in-house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication. 

B. Ensure the SaaS provider supports encrypted password transmission and storage. 

C. Ensure the SaaS provider supports secure hash file exchange. 

D. Ensure the SaaS provider supports role-based access control. 

E. Ensure the SaaS provider supports directory services federation. 

Answer:


Q155. - (Topic 1) 

The Chief Information Officer (CIO) is reviewing the IT-centric BIA and RA documentation. The documentation shows that a single 24-hour downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize based on historical data. The CIO’s budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss?

A. The company should mitigate the risk. 

B. The company should transfer the risk. 

C. The company should avoid the risk. 

D. The company should accept the risk. 

Answer:


Q156. - (Topic 2) 

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point? 

A. Capture process ID data and submit to anti-virus vendor for review. 

B. Reboot the Linux servers, check running processes, and install needed patches. 

C. Remove a single Linux server from production and place in quarantine. 

D. Notify upper management of a security breach. 

E. Conduct a bit level image, including RAM, of one or more of the Linux servers. 

Answer:


Q157. - (Topic 1) 

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets. 

The information security team has been a part of the department meetings and come away with the following notes: 

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application. 

-Sales is asking for easy order tracking to facilitate feedback to customers. 

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction. 

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy. 

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining. 

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption. 

Which of the following departments’ request is in contrast to the favored solution? 

A. Manufacturing 

B. Legal 

C. Sales 

D. Quality assurance 

E. Human resources 

Answer:


Q158. - (Topic 3) 

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required. 

Which of the following BEST describes the risk assurance officer’s concerns? 

A. Co-mingling guest operating systems with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.

B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails. 

C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS. 

D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues. 

Answer:


Q159. - (Topic 5) 

The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

A. HIPS 

B. UTM 

C. Antivirus 

D. NIPS 

E. DLP 

Answer:


Q160. DRAG DROP - (Topic 2) 

An organization is implementing a project to simplify the management of its firewall network flows and implement security controls. The following requirements exist. Drag and drop the BEST security solution to meet the given requirements. Options may be used once or not at all. All placeholders must be filled. 

Answer: