Exam Code: CAS-002 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA
Free Today! Guaranteed Training- Pass CAS-002 Exam.
2021 Dec CAS-002 real exam
Q191. - (Topic 5)
A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the company’s operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application?
A. Difficulty backing up the custom database
B. Difficulty migrating to new hardware
C. Difficulty training new admin personnel
D. Difficulty extracting data from the database
Answer: D
Q192. - (Topic 4)
The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE).
A. Install a self-signed Root CA certificate on the proxy server.
B. The proxy configuration of all users’ browsers must point to the proxy IP.
C. TCP port 443 requests must be redirected to TCP port 80 on the web server.
D. All users’ personal certificates’ public key must be installed on the proxy.
E. Implement policy-based routing on a router between the hosts and the Internet.
F. The proxy certificate must be installed on all users’ browsers.
Answer: A,E,F
Q193. - (Topic 1)
The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:
90.76.165.40 – - [08/Mar/2014:10:54:04] “GET calendar.php?create%20table%20hidden HTTP/1.1” 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:05] “GET ../../../root/.bash_history HTTP/1.1” 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:04] “GET index.php?user=<script>Create</script> HTTP/1.1” 200 5724
The security administrator also inspects the following file system locations on the database server using the command ‘ls -al /root’
drwxrwxrwx 11 root root 4096 Sep 28 22:45 .
drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).
A. Privilege escalation
B. Brute force attack
C. SQL injection
D. Cross-site scripting
E. Using input validation, ensure the following characters are sanitized: <>
F. Update crontab with: find / \( -perm -4000 \) –type f –print0 | xargs -0 ls –l | email.sh
G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)
H. Set an account lockout policy
Answer: A,F
Q194. - (Topic 5)
The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO).
A. Web cameras
B. Email
C. Instant messaging
D. BYOD
E. Desktop sharing
F. Presence
Answer: C,E
Q195. - (Topic 5)
An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO).
A. LDAP/S
B. SAML
C. NTLM
D. OAUTH
E. Kerberos
Answer: B,E
Regenerate CAS-002 exam cost:
Q196. - (Topic 2)
A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer’s AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where credit card servers were kept. The firewall rule was needed for an internal application that was developed, which presents risk. The retailer determined that because the vendors were required to have site to site VPN’s no other security action was taken.
To prove to the retailer the monetary value of this risk, which of the following type of calculations is needed?
A. Residual Risk calculation
B. A cost/benefit analysis
C. Quantitative Risk Analysis
D. Qualitative Risk Analysis
Answer: C
Q197. - (Topic 5)
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?
A. PING
B. NESSUS
C. NSLOOKUP
D. NMAP
Answer: D
Q198. - (Topic 3)
A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?
A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.
B. A training program that is consistent, ongoing, and relevant.
C. Access controls to prevent end users from gaining access to confidential data.
D. Access controls for computer systems and networks with two-factor authentication.
Answer: B
Q199. - (Topic 4)
An organization has just released a new mobile application for its customers. The application has an inbuilt browser and native application to render content from existing websites and the organization’s new web services gateway. All rendering of the content is performed on the mobile application.
The application requires SSO between the application, the web services gateway and legacy UI. Which of the following controls MUST be implemented to securely enable SSO?
A. A registration process is implemented to have a random number stored on the client.
B. The identity is passed between the applications as a HTTP header over REST.
C. Local storage of the authenticated token on the mobile application is secured.
D. Attestation of the XACML payload to ensure that the client is authorized.
Answer: C
Q200. - (Topic 4)
The security administrator is reviewing the business continuity plan which consists of virtual infrastructures at corporate headquarters and at the backup site. The administrator is concerned that the VLAN used to perform live migrations of virtual machines to the backup site is across the network provider’s MPLS network. This is a concern due to which of the following?
A. The hypervisor virtual switches only support Q-in-Q VLANS, not MPLS. This may cause live migrations to the backup site to fail.
B. VLANs are not compatible with MPLS, which may cause intermittent failures while performing live migrations virtual machines during a disaster.
C. Passwords are stored unencrypted in memory, which are then transported across the MPLS network.
D. Transport encryption is being used during the live migration of virtual machines which will impact the performance of the MPLS network.
Answer: C