Want to Pass CAS-002 Exam In Next HOURS? Get it now →
February 15, 2019

Top CompTIA CAS-002 study guides Choices

Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Examcollection CAS-002 exam cram. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.

P.S. Precise CAS-002 item pool are available on Google Drive, GET MORE: https://drive.google.com/open?id=1o83EG0ADisGFtGQxvx-BzUZbRUif5wko


New CompTIA CAS-002 Exam Dumps Collection (Question 2 - Question 11)

Q1. The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out

to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A. Review the flow data against each serveru2019s baseline communications profile.

B. Configure the server logs to collect unusual activity including failed logins and restarted services.

C. Correlate data loss prevention logs for anomalous communications from the server.

D. Setup a packet capture on the firewall to collect all of the server communications.

Answer: A



Q2. The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?

A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.

B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.

C. A SaaS based firewall which logs to the companyu2019s local storage via SSL, and is managed by the change control team.

D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.

Answer: A



Q3. A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seem to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system?

A. An incident response plan which guarantees response by tier two support within 15 minutes of an incident.

B. A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months.

C. Business insurance to transfer all risk from the company shareholders to the insurance company.

D. A prudent plan of action which details how to decommission the system within 90 days of becoming operational.

Answer: B



Q4. A small customer focused bank with implemented least privilege principles, is concerned about the possibility of branch staff unintentionally aiding fraud in their day to day interactions with customers. Bank staff has been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the

risk. Which of the following BEST addresses the security and risk teamu2019s concerns?

A. Information disclosure policy

B. Awareness training

C. Job rotation

D. Separation of duties

Answer: B



Q5. A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing. Which of the following is the MOST likely cause of the processing problem?

A. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.

B. The Java developers accounted for network latency only for the read portion of the processing and not the write process.

C. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.

D. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.

Answer: D



Q6. Three companies want to allow their employees to seamlessly connect to each otheru2019s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure

that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companiesu2019 wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

Answer: A



Q7. The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE).

A. Install a self-signed Root CA certificate on the proxy server.

B. The proxy configuration of all usersu2019 browsers must point to the proxy IP.

A. C. TCP port 443 requests must be redirected to TCP port 80 on the web server.

D. All usersu2019 personal certificatesu2019 public key must be installed on the proxy.

E. Implement policy-based routing on a router between the hosts and the Internet.

F. The proxy certificate must be installed on all usersu2019 browsers.

Answer: A,E,F



Q8. The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

Which of the following BEST describes the risk assurance officeru2019s concerns?

A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.

B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.

C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.

D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in

A. data throughput performance issues.

Answer: C



Q9. A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life.

The two initial migrations include:

Which of the following should the security consultant recommend based on best practices?

A. One data center should host virtualized web servers and the second data center should host the virtualized domain controllers.

B. One virtual environment should be present at each data center, each housing a combination of the converted Windows 2000 and RHEL3 virtual machines.

C. Each data center should contain one virtual environment for the web servers and another virtual environment for the domain controllers.

D. Each data center should contain one virtual environment housing converted Windows 2000 virtual machines and converted RHEL3 virtual machines.

Answer: C



Q10. A morphed worm carrying a 0-day payload has infiltrated the company network and is now spreading across the organization. The security administrator was able to isolate the worm communication and payload distribution channel to TCP port 445. Which of the following can the administrator do in the short term to minimize the attack?

A. Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY u2013 445.

B. Run a TCP 445 port scan across the organization and patch hosts with open ports.

C. Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445.

D. Force a signature update and full system scan from the enterprise anti-virus solution.

Answer: A




see more http://www.ubraindumps.com/CAS-002-dumps/

100% Up to the minute CompTIA CAS-002 Questions & Answers shared by Certleader, Get HERE: https://www.certleader.com/CAS-002-dumps.html (New 450 Q&As)