Actual of CAS-002 practice test materials and cram for CompTIA certification for IT candidates, Real Success Guaranteed with Updated CAS-002 pdf dumps vce Materials. 100% PASS CompTIA Advanced Security Practitioner (CASP) exam Today!

2021 Apr CAS-002 answers

Q81. - (Topic 5) 

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame as to whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner? 

A. During the Identification Phase 

B. During the Lessons Learned phase 

C. During the Containment Phase 

D. During the Preparation Phase 

Answer:


Q82. - (Topic 1) 

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements? 

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator. 

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud. 

C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team. 

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware. 

Answer:


Q83. - (Topic 3) 

Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B’s IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause? 

A. Purchase the product and test it in a lab environment before installing it on any live system. 

B. Allow Company A and B’s IT staff to evaluate the new product prior to purchasing it. 

C. Purchase the product and test it on a few systems before installing it throughout the entire company. 

D. Use Company A’s change management process during the evaluation of the new product. 

Answer:


Q84. - (Topic 5) 

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected? 

A. The malware file’s modify, access, change time properties. 

B. The timeline analysis of the file system. 

C. The time stamp of the malware in the swap file. 

D. The date/time stamp of the malware detection in the antivirus logs. 

Answer:


Q85. - (Topic 1) 

An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE). 

A. Implement hashing of data in transit 

B. Session recording and capture 

C. Disable cross session cut and paste 

D. Monitor approved credit accounts 

E. User access audit reviews 

F. Source IP whitelisting 

Answer: C,E,F 


Rebirth CAS-002 practice exam:

Q86. - (Topic 2) 

The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year’s growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed? 

A. Spending on SCADA protections should stay steady; application control spending should increase substantially and spending on PC boot loader controls should increase substantially. 

B. Spending on SCADA security controls should stay steady; application control spending should decrease slightly and spending on PC boot loader protections should increase substantially. 

C. Spending all controls should increase by 15% to start; spending on application controls should be suspended, and PC boot loader protection research should increase by 100%. 

D. Spending on SCADA security controls should increase by 15%; application control spending should increase slightly, and spending on PC boot loader protections should remain steady. 

Answer:


Q87. - (Topic 5) 

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test? 

A. The risk of unplanned server outages is reduced. 

B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on. 

C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness. 

D. The results should reflect what attackers may be able to learn about the company. 

Answer:


Q88. - (Topic 4) 

Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router? 

A. Deploy inline network encryption devices 

B. Install an SSL acceleration appliance 

C. Require all core business applications to use encryption 

D. Add an encryption module to the router and configure IPSec 

Answer:


Q89. - (Topic 3) 

A hosting company provides inexpensive guest virtual machines to low-margin customers. Customers manage their own guest virtual machines. Some customers want basic guarantees of logical separation from other customers and it has been indicated that some customers would like to have configuration control of this separation; whereas others want this provided as a value-added service by the hosting company. Which of the following BEST meets these requirements? 

A. The hosting company should install a hypervisor-based firewall and allow customers to manage this on an as-needed basis. 

B. The hosting company should manage the hypervisor-based firewall; while allowing customers to configure their own host-based firewall. 

C. Customers should purchase physical firewalls to protect their guest hosts and have the hosting company manage these if requested. 

D. The hosting company should install a host-based firewall on customer guest hosts and offer to administer host firewalls for customers if requested. 

Answer:


Q90. - (Topic 1) 

The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system? 

A. Virtualize the system and migrate it to a cloud provider. 

B. Segment the device on its own secure network. 

C. Install an antivirus and HIDS on the system. 

D. Hire developers to reduce vulnerabilities in the code. 

Answer: