It is more faster and easier to pass the CompTIA CAS-002 exam by using High quality CompTIA CompTIA Advanced Security Practitioner (CASP) questuins and answers. Immediate access to the Latest CAS-002 Exam and find the same core area CAS-002 questions with professionally verified answers, then PASS your exam with a high score now.

2016 Sep comptia casp cas-002:

Q151. - (Topic 3) 

An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management? 

A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware. 

B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware. 

C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management. 

D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency. 

Answer: B 


Q152. - (Topic 4) 

A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of? 

A. Government regulation 

B. Industry standard 

C. Company guideline 

D. Company policy 

Answer: B 


Q153. - (Topic 3) 

Which of the following provides the HIGHEST level of security for an integrated network providing services to authenticated corporate users? 

A. Point to point VPN tunnels for external users, three-factor authentication, a cold site, physical security guards, cloud based servers, and IPv6 networking. 

B. IPv6 networking, port security, full disk encryption, three-factor authentication, cloud based servers, and a cold site. 

C. Port security on switches, point to point VPN tunnels for user server connections, two-factor cryptographic authentication, physical locks, and a standby hot site. 

D. Port security on all switches, point to point VPN tunnels for user connections to servers, two-factor authentication, a sign-in roster, and a warm site. 

Answer: C 


Q154. - (Topic 4) 

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation: 

Once at the command prompt, the administrator issues the below commanD. 

Which of the following is true about the above situation? 

A. The administrator must use the sudo command in order to restart the service. 

B. The administrator used the wrong SSH port to restart the DNS server. 

C. The service was restarted correctly, but it failed to bind to the network interface. 

D. The service did not restart because the bind command is privileged. 

Answer: A 


Q155. - (Topic 1) 

An administrator wants to enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the following would BEST accomplish this? 

A. Access control lists 

B. SELinux 

C. IPtables firewall 

D. HIPS 

Answer: B 


CAS-002 practice question

Regenerate comptia casp cas-002 pdf:

Q156. - (Topic 5) 

The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important? 

A. What are the protections against MITM? 

B. What accountability is built into the remote support application? 

C. What encryption standards are used in tracking database? 

D. What snapshot or “undo” features are present in the application? 

E. What encryption standards are used in remote desktop and file transfer functionality? 

Answer: B 


Q157. - (Topic 1) 

A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data? 

A. Encryption of each individual partition 

B. Encryption of the SSD at the file level 

C. FDE of each logical volume on the SSD 

D. FDE of the entire SSD as a single disk 

Answer: A 


Q158. - (Topic 1) 

The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system? 

A. Virtualize the system and migrate it to a cloud provider. 

B. Segment the device on its own secure network. 

C. Install an antivirus and HIDS on the system. 

D. Hire developers to reduce vulnerabilities in the code. 

Answer: B 


Q159. - (Topic 1) 

Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router? 

A. Deploy inline network encryption devices 

B. Install an SSL acceleration appliance 

C. Require all core business applications to use encryption 

D. Add an encryption module to the router and configure IPSec 

Answer: A 


Q160. - (Topic 2) 

After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem? 

A. The binary files used by the application have been modified by malware. 

B. The application is unable to perform remote attestation due to blocked ports. 

C. The restored image backup was encrypted with the wrong key. 

D. The hash key summary of hardware and installed software no longer match. 

Answer: D