The particular examinees who study the Examcollection CompTIA CAS-002 puts are good results associated with highly certified instructors, living an excellent lifestyle. Examcollection may be dedicated to build your future safe and commence the CompTIA CAS-002 CompTIA Advanced Security Practitioner (CASP) examination formulations through the most recent up to date Examcollection checks CAS-002 test engine. Your dreams can come accurate simply by start the CAS-002 vce with regard to CompTIA Advanced Security Practitioner (CASP) examination through Examcollection CompTIA study manuals simply. You wont able to excel your abilities within the first endeavor associated with CAS-002 test if you use a some other pathway compared to CompTIA. CompTIA CompTIA CAS-002 pdf will give you beauty and make you enough certain about your whole lifestyle.

2016 Oct comptia casp cas-002:

Q311. - (Topic 2) 

A security administrator has noticed that an increased number of employees’ workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection? 

A. Implement an Acceptable Use Policy which addresses malware downloads. 

B. Deploy a network access control system with a persistent agent. 

C. Enforce mandatory security awareness training for all employees and contractors. 

D. Block cloud-based storage software on the company network. 

Answer: D 


Q312. - (Topic 4) 

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented? 

A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues 

B. Improper handling of client data, interoperability agreement issues and regulatory issues 

C. Cultural differences, increased cost of doing business and divestiture issues 

D. Improper handling of customer data, loss of intellectual property and reputation damage 

Answer: D 


Q313. - (Topic 1) 

The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats? 

A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates. 

B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs. 

C. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs. 

D. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed. 

Answer: D 


Q314. - (Topic 2) 

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability? 

A. Source code vulnerability scanning 

B. Time-based access control lists 

C. ISP to ISP network jitter 

D. File-size validation 

E. End to end network encryption 

Answer: B 


Q315. - (Topic 1) 

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary? 

A. The corporate network is the only network that is audited by regulators and customers. 

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers. 

C. Home networks are unknown to attackers and less likely to be targeted directly. 

D. Employees are more likely to be using personal computers for general web browsing when they are at home. 

Answer: B 


Updated comptia casp cas-002:

Q316. - (Topic 2) 

The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion? 

A. Contact the local authorities so an investigation can be started as quickly as possible. 

B. Shut down the production network interfaces on the server and change all of the DBMS account passwords. 

C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed. 

D. Refer the issue to management for handling according to the incident response process. 

Answer: D 


Q317. - (Topic 3) 

A new web application system was purchased from a vendor and configured by the internal development team. Before the web application system was moved into production, a vulnerability assessment was conducted. A review of the vulnerability assessment report indicated that the testing team discovered a minor security issue with the configuration of the web application. The security issue should be reported to: 

A. CISO immediately in an exception report. 

B. Users of the new web application system. 

C. The vendor who supplied the web application system. 

D. Team lead in a weekly report. 

Answer: D 


Q318. - (Topic 1) 

The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important? 

A. What are the protections against MITM? 

B. What accountability is built into the remote support application? 

C. What encryption standards are used in tracking database? 

D. What snapshot or “undo” features are present in the application? 

E. What encryption standards are used in remote desktop and file transfer functionality? 

Answer: B 


Q319. - (Topic 3) 

An administrator receives reports that the network is running slow for users connected to a certain switch. Viewing the network traffic, the administrator reviews the following: 

18:51:59.042108 IP linuxwksta.55467 > dns.company.com.domain: 39462+ PTR? 222.17.4.10.in-addr.arpa. (42) 

18:51:59.055732 IP dns.company.com.domain > linuxwksta.55467: 39462 NXDomain 0/0/0 (42) 

18:51:59.055842 IP linuxwksta.48287 > dns.company.com.domain: 46767+ PTR? 255.19.4.10.in-addr.arpa. (42) 

18:51:59.069816 IP dns.company.com.domain > linuxwksta.48287: 46767 NXDomain 0/0/0 (42) 

18:51:59.159060 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48 

18:51:59.159145 IP linuxwksta.48854 > dns.company.com.domain: 3834+ PTR? 72.17.4.10.in-addr.arpa. (41) 

18:51:59.159314 IP 10.4.17.72.iscsi-target > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48 

18:51:59.159330 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0 

18:51:59.165342 IP dns.company.com.domain > linuxwksta.48854: 3834 NXDomain 0/0/0 

(41) 

18:51:59.397461 ARP, Request who-has 10.4.16.58 tell 10.4.16.1, length 46 

18:51:59.397597 IP linuxwksta.37684 > dns.company.com.domain: 15022+ PTR? 58.16.4.10.in-addr.arpa. (41) 

Given the traffic report, which of the following is MOST likely causing the slow traffic? 

A. DNS poisoning 

B. Improper network zoning 

C. ARP poisoning 

D. Improper LUN masking 

Answer: B 


Q320. - (Topic 2) 

A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave? 

A. Require cloud storage on corporate servers and disable access upon termination 

B. Whitelist access to only non-confidential information 

C. Utilize an MDM solution with containerization 

D. Require that devices not have local storage 

Answer: C