CAS-002 | CompTIA CAS-002 Exam Questions and Answers 2019

Your success in is our sole target and we develop all our in a way that facilitates the attainment of this target. Not only is our material the best you can find, it is also the most detailed and the most updated. for CompTIA CAS-002 are written to the highest standards of technical accuracy.

Check CAS-002 free dumps before getting the full version:

A company has a single subnet in a small office. The administrator wants to limit non-web related traffic to the corporate intranet server as well as prevent abnormal HTTP requests and HTTP protocol anomalies from causing problems with the web server. Which of the following is the MOST likely solution?

  • A. Application firewall and NIPS
  • B. Edge firewall and HIDS
  • C. ACLs and anti-virus
  • D. Host firewall and WAF

Answer: D

Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router?

  • A. Deploy inline network encryption devices
  • B. Install an SSL acceleration appliance
  • C. Require all core business applications to use encryption
  • D. Add an encryption module to the router and configure IPSec

Answer: A

During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve?

  • A. Monoalphabetic cipher
  • B. Confusion
  • C. Root of trust
  • D. Key stretching
  • E. Diffusion

Answer: D

An internal development team has migrated away from Waterfall development to use Agile development. Overall, this has been viewed as a successful initiative by the stakeholders as it has improved time-to-market. However, some staff within the security team have
contended that Agile development is not secure. Which of the following is the MOST accurate statement?

  • A. Agile and Waterfall approaches have the same effective level of security postur
  • B. They both need similar amounts of security effort at the same phases of development.
  • C. Agile development is fundamentally less secure than Waterfall due to the lack of formal up-front design and inability to perform security reviews.
  • D. Agile development is more secure than Waterfall as it is a more modern methodology which has the advantage of having been able to incorporate security best practices of recent years.
  • E. Agile development has different phases and timings compared to Waterfal
  • F. Security activities need to be adapted and performed within relevant Agile phases.

Answer: D

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

  • A. SSL certificate revocation
  • B. SSL certificate pinning
  • C. Mobile device root-kit detection
  • D. Extended Validation certificates

Answer: B

Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?

  • A. Establish a cloud-based authentication service that supports SAML.
  • B. Implement a new Diameter authentication server with read-only attestation.
  • C. Install a read-only Active Directory server in the corporate DMZ for federation.
  • D. Allow external connections to the existing corporate RADIUS server.

Answer: A

The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router’s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company’s external router’s IP which is
11:16:22.110343 IP > UDP, length 1400
11:16:22.110351 IP > UDP, length 1400
11:16:22.110358 IP > UDP, length 1400
11:16:22.110402 IP > UDP, length 1400
11:16:22.110406 IP > UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?

  • A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company’s ISP should be contacted and instructed to block the malicious packets.
  • B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
  • C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
  • D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company’s external router to block incoming UDP port 19 traffic.

Answer: A

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?

  • A. They should logon to the system using the username concatenated with the 6-digit code and their original password.
  • B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.
  • C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.
  • D. They should use the username format:, together with a password and their 6-digit code.

Answer: D

A security engineer at a bank has detected a Zeus variant, which relies on covert communication channels to receive new instructions and updates from the malware developers. As a result, NIPS and AV systems did not detect the configuration files received by staff in emails that appeared as normal files. Which of the following BEST describes the technique used by the malware developers?

  • A. Perfect forward secrecy
  • B. Stenography
  • C. Diffusion
  • D. Confusion
  • E. Transport encryption

Answer: B

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?

  • A. During the Identification Phase
  • B. During the Lessons Learned phase
  • C. During the Containment Phase
  • D. During the Preparation Phase

Answer: B

A university Chief Information Security Officer is analyzing various solutions for a new project involving the upgrade of the network infrastructure within the campus. The campus has several dorms (two-four person rooms) and administrative buildings. The network is currently setup to provide only two network ports in each dorm room and ten network ports per classroom. Only administrative buildings provide 2.4 GHz wireless coverage.
The following three goals must be met after the new implementation:
1. Provide all users (including students in their dorms) connections to the Internet.
2. Provide IT department with the ability to make changes to the network environment to improve performance.
3. Provide high speed connections wherever possible all throughout campus including sporting event areas.
Which of the following risk responses would MOST likely be used to reduce the risk of network outages and financial expenditures while still meeting each of the goals stated above?

  • A. Avoid any risk of network outages by providing additional wired connections to each
  • B. user and increasing the number of data ports throughout the campus.
  • C. Transfer the risk of network outages by hiring a third party to survey, implement and manage a 5.0 GHz wireless network.
  • D. Accept the risk of possible network outages and implement a WLAN solution to provide complete 5.0 GHz coverage in each building that can be managed centrally on campus.
  • E. Mitigate the risk of network outages by implementing SOHO WiFi coverage throughout the dorms and upgrading only the administrative buildings to 5.0 GHz coverage using a one for one AP replacement.

Answer: C

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.
Which of the following BEST describes the risk assurance officer’s concerns?

  • A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
  • B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
  • C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.
  • D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in
  • E. data throughput performance issues.

Answer: C

In an effort to minimize costs, the management of a small candy company wishes to explore a cloud service option for the development of its online applications. The company does not wish to invest heavily in IT infrastructure. Which of the following solutions should be recommended?

  • A. A public IaaS
  • B. A public PaaS
  • C. A public SaaS
  • D. A private SaaS
  • E. A private IaaS
  • F. A private PaaS

Answer: B

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

  • A. The company must dedicate specific staff to act as social media representatives of the company.
  • B. All staff needs to be instructed in the proper use of social media in the work environment.
  • C. Senior staff blogs should be ghost written by marketing professionals.
  • D. The finance department must provide a cost benefit analysis for social media.
  • E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.
  • F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: AE

The IT director has charged the company helpdesk with sanitizing fixed and removable media. The helpdesk manager has written a new procedure to be followed by the helpdesk staff. This procedure includes the current standard to be used for data sanitization, as well as the location of physical degaussing tools. In which of the following cases should the helpdesk staff use the new procedure? (Select THREE).

  • A. During asset disposal
  • B. While reviewing the risk assessment
  • C. While deploying new assets
  • D. Before asset repurposing
  • E. After the media has been disposed of
  • F. During the data classification process
  • G. When installing new printers
  • H. When media fails or is unusable

Answer: ADH

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed:
1. Select the server that is a victim of a cross-site scripting (XSS) attack. 2 Select the source of the brute force password attack.
3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack.
Instructions: Simulations can be reset at anytime to the initial state: however, all selections will be deleted
CAS-002 dumps exhibit
CAS-002 dumps exhibit
CAS-002 dumps exhibit


    100% Valid and Newest Version CAS-002 Questions & Answers shared by Surepassexam, Get Full Dumps HERE: (New 450 Q&As)