Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner Exam
  • Certification: CompTIA Advanced Security Practitioner
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA Advanced Security Practitioner CAS-002 Questions & Answers

  • Question 1:

    Using SSL, an administrator wishes to secure public-facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased?

    A. 0

    B. 1

    C. 3

    D. 6

  • Question 2:

    Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem?

    A. Implement change control practices at the organization level.

    B. Adjust the firewall ACL to prohibit development from directly accessing the production server farm.

    C. Update the vulnerability management plan to address data discrepancy issues.

    D. Change development methodology from strict waterfall to agile.

  • Question 3:

    A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system's SLE?

    A. $2,000

    B. $8,000

    C. $12,000

    D. $32,000

  • Question 4:

    A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

    A. Install GSM tracking on each product for end-to-end delivery visibility.

    B. Implement geo-fencing to track products.

    C. Require drivers to geo-tag documentation at each delivery location.

    D. Equip each truck with an RFID tag for location services.

  • Question 5:

    An employee is performing a review of the organization's security functions and noticed that there is some crossover responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?

    A. BPA

    B. BIA

    C. MOU

    D. OLA

  • Question 6:

    During an incident involving the company's main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from the company's database server. Which of the following is the correct order in which the forensics team should engage?

    A. Notify senior management, secure the scene, capture volatile storage, capture non-volatile storage, implement chain of custody, and analyze original media.

    B. Take inventory, secure the scene, capture RAM, capture hard drive, implement chain of custody, document, and analyze the data.

    C. Implement chain of custody, take inventory, secure the scene, capture volatile and non-volatile storage, and document the findings.

    D. Secure the scene, take inventory, capture volatile storage, capture non-volatile storage, document, and implement chain of custody.

  • Question 7:

    The telecommunications manager wants to improve the process for assigning company-owned mobile devices and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboard and offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following should be implemented to ensure these processes can be automated? (Select THREE).

    A. SIM's PIN

    B. Remote wiping

    C. Chargeback system

    D. MDM software

    E. Presence software

    F. Email profiles

    G. Identity attestation

    H. GPS tracking

  • Question 8:

    The IT Security Analyst for a small organization is working on a customer's system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?

    A. Contact the local authorities so an investigation can be started as quickly as possible.

    B. Shut down the production network interfaces on the server and change all of the DBMS account passwords.

    C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.

    D. Refer the issue to management for handling according to the incident response process.

  • Question 9:

    Driven mainly by cost, many companies outsource computing jobs which require a large amount of processor cycles over a short duration to cloud providers. This allows the company to avoid a large investment in computing resources which will only be used for a short time.

    Assuming the provisioned resources are dedicated to a single company, which of the following is the MAIN vulnerability associated with on-demand provisioning?

    A. Traces of proprietary data which can remain on the virtual machine and be exploited

    B. Remnants of network data from prior customers on the physical servers during a compute job

    C. Exposure of proprietary data when in-transit to the cloud provider through IPSec tunnels

    D. Failure of the de-provisioning mechanism resulting in excessive charges for the resources

  • Question 10:

    A network engineer at Company ABC observes the following raw HTTP request:

    GET /disp_reports.php?SectionEntered=57&GroupEntered=-1&report_type=alerts&to_date=01-01-0101&Run=Run&UserEntered=dsmith&SessionID=5f04189bc&from_date=31-10-2010&TypesEntered=1 HTTP/1.1
    Host: test.example.net
    Accept: */*
    Accept-Language: en
    Connection: close
    Cookie: java14=1; java15=1; java16=1; js=1292192278001;

    Which of the following should be the engineer's GREATEST concern?

    A. The HTTPS is not being enforced so the system is vulnerable.

    B. The numerical encoding on the session ID is limited to hexadecimal characters, making it susceptible to a brute force attack.

    C. Sensitive data is transmitted in the URL.

    D. The dates entered are outside a normal range, which may leave the system vulnerable to a denial of service attack.
