Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CompTIA Certifications CAS-002 Questions & Answers

  • Question 111:

    Which of the following attacks does Unicast Reverse Path Forwarding prevent?

    A. Man in the Middle

    B. ARP poisoning

    C. Broadcast storm

    D. IP Spoofing

  • Question 112:

    When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of the conference's resources?

    A. Wireless network security may need to be increased to decrease access of mobile devices.

    B. Physical security may need to be increased to deter or prevent theft of mobile devices.

    C. Network security may need to be increased by reducing the number of available physical network jacks.

    D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

  • Question 113:

    The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI-DSS and HIPAA and to meet the organization's mission. Which of the following BEST describes the correct order of implementing a five-phase SSDLC?

    A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.

    B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.

    C. Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.

    D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

  • Question 114:

    An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes.

    Which of the following technologies would help meet this policy requirement? (Select TWO).

    A. Spam filter

    B. Solid state drives

    C. Management interface

    D. Virtualization

    E. Host firewall

  • Question 115:

    A security administrator is redesigning and implementing a service-oriented architecture to replace an old, in-house software processing system tied to a corporate sales website. After performing the business process analysis, the administrator decides the services need to operate in a dynamic fashion. The company has also been the victim of data injection attacks in the past and needs to build in mitigation features. Based on these requirements and past vulnerabilities, which of the following needs to be incorporated into the SOA?

    A. Point to point VPNs for all corporate intranet users.

    B. Cryptographic hashes of all data transferred between services.

    C. Service to service authentication for all workflows.

    D. Two-factor authentication and signed code

  • Question 116:

    A company receives an e-discovery request for the Chief Information Officer's (CIO's) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However, the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide?

    A. 1

    B. 2

    C. 3

    D. 5

  • Question 117:

    Customer Need:

    "We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java-based, PKI-enabled, customer-facing website."

    Which of the following BEST restates the customer need?

    A. The system shall use a pseudo-random number generator seeded the same every time.

    B. The system shall generate a pseudo-random number upon invocation by the existing Java program.

    C. The system shall generate a truly random number based upon user PKI certificates.

    D. The system shall implement a pseudo-random number generator for use by corporate customers.

  • Question 118:

    Which of the following should be used to identify overflow vulnerabilities?

    A. Fuzzing

    B. Input validation

    C. Privilege escalation

    D. Secure coding standards

  • Question 119:

    A newly appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system?

    A. An incident response plan which guarantees response by tier two support within 15 minutes of an incident.

    B. A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months.

    C. Business insurance to transfer all risk from the company shareholders to the insurance company.

    D. A prudent plan of action which details how to decommission the system within 90 days of becoming operational.

  • Question 120:

    The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

    Which of the following BEST describes the risk assurance officer's concerns?

    A. Co-mingling guest operating systems with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.

    B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.

    C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VM escape attack being executed, compromising the hypervisor and other guest OSes.

    D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.