Want to Pass CAS-002 Exam In Next HOURS? Get it now →
November 7, 2018

Finding Down to date CAS-002 keys

Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.

P.S. High quality CAS-002 dump are available on Google Drive, GET MORE: https://drive.google.com/open?id=1o83EG0ADisGFtGQxvx-BzUZbRUif5wko


New CompTIA CAS-002 Exam Dumps Collection (Question 15 - Question 24)

Q15. A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned. The CIO's laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have issued a subpoena requesting all the CIO's email from the last 12 months. The corporate retention policy recommends keeping data for no longer than 90 days. Which of the following should occur?

A. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.

B. Inform the litigators that the CIOs information has been deleted as per corporate policy.

C. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.

D. Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.

Answer: D


Q16. An enterprise must ensure that all devices that connect to its networks have been previously approved. The solution must support dual factor mutual authentication with strong identity assurance. In order to reduce costs and administrative overhead, the security architect wants to outsource identity proofing and second factor digital delivery to the third party. Which of the following solutions will address the enterprise requirements?

A. Implementing federated network access with the third party.

B. Using a HSM at the network perimeter to handle network device access.

C. Using a VPN concentrator which supports dual factor via hardware tokens.

D. Implementing 802.1x with EAP-TTLS across the infrastructure.

Answer: D


Q17. Company XYZ has had repeated vulnerability exploits of a critical nature released to the companyu2019s flagship product. The product is used by a number of large customers. At the Chief Information Security Officeru2019s (CISOu2019s) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.

Here is a list of improvements in order of priority:

1. A noticeable improvement in security posture immediately.

2. Fundamental changes to resolve systemic issues as an ongoing process

3. Improvements should be strategic as opposed to tactical

4. Customer impact should be minimized

Which of the following recommendations is BEST for the CISO to put forward to the product manager?

A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.

B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.

A. C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.

D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.

Answer: C


Q18. In a situation where data is to be recovered from an attackeru2019s location, which of the following are the FIRST things to capture? (Select TWO).

A. Removable media

B. Passwords written on scrap paper

C. Snapshots of data on the monitor

D. Documents on the printer

E. Volatile system memory

F. System hard drive

Answer: C,E


Q19. An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.

C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.

D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

Answer: D


Q20. When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of conferenceu2019s resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.

B. Physical security may need to be increased to deter or prevent theft of mobile devices.

C. Network security may need to be increased by reducing the number of available

A. physical network jacks.

D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C


Q21. Company XYZ is in negotiations to acquire Company ABC for $1.2millon. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed with average estimates indicating a cost of $1.6millon. Which of the following approaches should the risk manager of Company XYZ recommend?

A. Transfer the risk

B. Accept the risk

C. Mitigate the risk

D. Avoid the risk

Answer: D


Q22. A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true?

A. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits.

B. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software.

C. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers.

D. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community.

Answer: B


Q23. A security engineer is troubleshooting a possible virus infection, which may have spread to multiple desktop computers within the organization. The company implements enterprise antivirus software on all desktops, but the enterprise antivirus serveru2019s logs show no sign of a virus infection. The border firewall logs show suspicious activity from multiple internal hosts trying to connect to the same external IP address. The security administrator decides to post the firewall logs to a security mailing list and receives confirmation from other security administrators that the firewall logs indicate internal hosts are compromised with a new variant of the Trojan.Ransomcrypt.G malware not yet detected by most antivirus software. Which of the following would have detected the malware infection sooner?

A. The security administrator should consider deploying a signature-based intrusion detection system.

B. The security administrator should consider deploying enterprise forensic analysis tools.

C. The security administrator should consider installing a cloud augmented security service.

D. The security administrator should consider establishing an incident response team.

Answer: C


Q24. A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing.

Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?

A. Establish return on investment as the main criteria for selection.

A. B. Run a cost/benefit analysis based on the data received from the RFP.

C. Evaluate each platform based on the total cost of ownership.

D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.

Answer: C



see more http://www.ubraindumps.com/CAS-002-dumps/

P.S. Easily pass CAS-002 Exam with Examcollection High quality Dumps & pdf vce, Try Free: http://www.examcollectionuk.com/CAS-002-vce-download.html (532 New Questions)