Proper study guides for the CompTIA Advanced Security Practitioner (CASP) certification begin with CompTIA CAS-002 preparation products, which are designed to deliver the best-quality CAS-002 questions and help you pass the CAS-002 test on your first attempt. Try the free CAS-002 demo right now.

Q221. - (Topic 2) 

The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login. The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur. Which of the following preventative controls would MOST effectively mitigate the logical risks associated with the use of USB storage devices? 

A. Revise the corporate policy to include possible termination as a result of violations 

B. Increase the frequency and distribution of the USB violations report 

C. Deploy PKI to add non-repudiation to login sessions so offenders cannot deny the offense 

D. Implement group policy objects 


Q222. - (Topic 5) 

A large organization that builds and configures every data center against distinct requirements loses efficiency, which results in slow response time to resolve issues. However, total uniformity presents other problems. Which of the following presents the GREATEST risk when consolidating to a single vendor or design solution? 

A. Competitors gain an advantage by increasing their service offerings. 

B. Vendor lock-in may prevent negotiation of lower rates or prices. 

C. Design constraints violate the principle of open design. 

D. Lack of diversity increases the impact of specific events or attacks. 


Q223. - (Topic 2) 

A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by reducing the number of incidents and therefore the amount spent investigating them. 

External cloud-based software-as-a-service subscription costing $5,000 per month. Expected to reduce the number of current incidents per annum by 50%. 

The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which of the following is the ROI for this proposal after three years? 

A. -$30,000 

B. $120,000 

C. $150,000 

D. $180,000 


Q224. - (Topic 3) 

An organization has had component-integration-related vulnerabilities exploited in consecutive releases of the software it hosts. The only reason the company was able to identify the compromises was a correlation between slow server performance and an attentive security analyst noticing unusual outbound network activity from the application servers. End-to-end management of the development process is the responsibility of the applications development manager, and testing is done by various teams of programmers. Which of the following will MOST likely reduce the likelihood of similar incidents? 

A. Conduct monthly audits to verify that application modifications do not introduce new vulnerabilities. 

B. Implement a peer code review requirement prior to releasing code into production. 

C. Follow secure coding practices to minimize the likelihood of creating vulnerable applications. 

D. Establish cross-functional planning and testing requirements for software development activities. 


Q225. - (Topic 5) 

An IT administrator has been tasked with implementing an appliance-based web proxy server to control external content accessed by internal staff. Concerned with the threat of corporate data leakage via web-based email, the IT administrator wants to decrypt all outbound HTTPS sessions and pass the decrypted content to an ICAP server for inspection by the corporate DLP software. Which of the following is BEST at protecting the internal certificates used in the decryption process? 


Q226. - (Topic 2) 

Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the following HTTP request: 

POST /login.aspx HTTP/1.1 
Content-type: text/html 


Which of the following should Ann perform to test whether the website is susceptible to a simple authentication bypass? 

A. Remove all of the post data and change the request to /login.aspx from POST to GET 

B. Attempt to brute force all usernames and passwords using a password cracker 

C. Remove the txtPassword post data and change alreadyLoggedIn from false to true 

D. Remove the txtUsername and txtPassword post data and toggle submit from true to false 


Q227. - (Topic 5) 

An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO). 

E. Kerberos 

Answer: B,E 

Q228. - (Topic 1) 

A forensic analyst works for an e-discovery firm where several gigabytes of data are processed daily. While the business is lucrative, they do not have the resources or the scalability to adequately serve their clients. Since it is an e-discovery firm where chain of custody is important, which of the following scenarios should they consider? 

A. Offload some data processing to a public cloud 

B. Aligning their client intake with the resources available 

C. Using a community cloud with adequate controls 

D. Outsourcing the service to a third-party cloud provider 


Q229. - (Topic 4) 

A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE). 

A. Security of data storage 

B. The cost of the solution 

C. System availability 

D. User authentication strategy 

E. PBX integration of the service 

F. Operating system compatibility 

Answer: A,C,D 

Q230. - (Topic 3) 

A company receives an e-discovery request for the Chief Information Officer’s (CIO’s) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However, the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide? 

A. 1 

B. 2 

C. 3 

D. 5 

Answer: D