Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA Certifications CAS-002 Questions & Answers

  • Question 651:

    The Chief Information Officer (CIO) is reviewing the IT-centric BIA and RA documentation. The documentation shows that a single 24-hour downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize, based on historical data. The CIO's budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss?

    A. The company should mitigate the risk.

    B. The company should transfer the risk.

    C. The company should avoid the risk.

    D. The company should accept the risk.

  • Question 652:

    A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network.

    Which of the following processes should be followed?

    A. Establish a risk matrix

    B. Inherit the risk for six months

    C. Provide a business justification to avoid the risk

    D. Provide a business justification for a risk exception

  • Question 653:

    An audit at a popular online shopping site reveals that a flaw in the website allows customers to purchase goods at a discounted rate. To improve security, the Chief Information Security Officer (CISO) has requested that the web-based shopping cart application undergo testing to validate user input in both free-form text fields and drop-down boxes.

    Which of the following is the BEST combination of tools and / or methods to use?

    A. Blackbox testing and fingerprinting

    B. Code review and packet analyzer

    C. Fuzzer and HTTP interceptor

    D. Enumerator and vulnerability assessment

  • Question 654:

    A large international business has completed the acquisition of a small business and it is now in the process of integrating the small business' IT department. Both parties have agreed that the large business will retain 95% of the smaller business' IT staff. Additionally, the larger business has a strong interest in specific processes that the smaller business has in place to handle its regional interests. Which of the following IT security related objectives should the small business' IT staff consider reviewing during the integration process? (Select TWO).

    A. How the large business operational procedures are implemented.

    B. The memorandum of understanding between the two businesses.

    C. New regulatory compliance requirements.

    D. Service level agreements between the small and the large business.

    E. The initial request for proposal drafted during the merger.

    F. The business continuity plan in place at the small business.

  • Question 655:

    A sensitive database needs its cryptographic integrity upheld. Which of the following controls meets this goal? (Select TWO).

    A. Data signing

    B. Encryption

    C. Perfect forward secrecy

    D. Steganography

    E. Data vaulting

    F. RBAC

    G. Lock and key

  • Question 656:

    A general insurance company wants to set up a new online business. The requirements are that the solution needs to be:

    Extendable for new products to be developed and added
    Externally facing for customers and business partners to log in
    Usable and manageable
    Able to integrate seamlessly with third parties for non-core functions such as document printing
    Secure, to protect customers' personal information and credit card information during transport and at rest

    The conceptual solution architecture has specified that the application will consist of a traditional three-tiered architecture for the front-end components, an ESB to provide services, data transformation capability and legacy system integration, and a web services gateway.

    Which of the following security components will BEST meet the above requirements and fit into the solution architecture? (Select TWO).

    A. Implement WS-Security for services authentication and XACML for service authorization.

    B. Use end-to-end application level encryption to encrypt all fields and store them encrypted in the database.

    C. Implement a certificate based solution on a smart card in combination with a PIN to provide authentication and authorization of users.

    D. Implement WS-Security as a federated single sign-on solution for authentication authorization of users.

    E. Implement SSL encryption for all sensitive data flows and encryption of passwords of the data at rest.

    F. Use application level encryption to encrypt sensitive fields, SSL encryption on sensitive flows, and database encryption for sensitive data storage.

  • Question 657:

    The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router's external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company's external router's IP, which is 128.20.176.19:

    11:16:22.110343 IP 90.237.31.27.19 > 128.20.176.19.19: UDP, length 1400
    11:16:22.110351 IP 23.27.112.200.19 > 128.20.176.19.19: UDP, length 1400
    11:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 1400
    11:16:22.110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 1400
    11:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400

    Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?

    A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's ISP should be contacted and instructed to block the malicious packets.

    B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.

    C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.

    D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company's external router to block incoming UDP port 19 traffic.

  • Question 658:

    The security administrator has just installed an active/passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.

    Which of the following is MOST likely the cause of this problem?

    A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.

    B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.

    C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.

    D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

  • Question 659:

    A company's security policy states that its own internally developed proprietary Internet-facing software must be resistant to web application attacks. Which of the following methods provides the MOST protection against unauthorized access to stored database information?

    A. Require all development to follow secure coding practices.

    B. Require client-side input filtering on all modifiable fields.

    C. Escape character sequences at the application tier.

    D. Deploy a WAF with application specific signatures.

  • Question 660:

    A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).

    A. Security of data storage

    B. The cost of the solution

    C. System availability

    D. User authentication strategy

    E. PBX integration of the service

    F. Operating system compatibility

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how can you prepare for the exam effectively? How can you prepare for the exam in a short time with less effort? How can you get an ideal result, and how can you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation or your CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.