Exam Number/Code: CAS-002
Exam name: CompTIA Advanced Security Practitioner (CASP)
Certification: CompTIA Certification
New CompTIA CAS-002 Exam Dumps Collection (Question 2 - Question 11)
Q2. Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning of the month.
DMZ network - 192.168.5.0/24
VPN network - 192.168.1.0/24
Datacenter - 192.168.2.0/24
User network - 192.168.3.0/24
HR network - 192.168.4.0/24
Warehouse network - 192.168.6.0/24
Finance network - 192.168.7.0/24
Traffic shaper configuration:
VLAN        Bandwidth limit (Mbps)
VPN         50
Finance     230
Warehouse   75
Guest       50
External firewall allows all networks to access the Internet.
Internal Firewall Rules:
Action   Source            Destination
Permit   192.168.1.0/24    192.168.2.0/24
Permit   192.168.1.0/24    192.168.3.0/24
Permit   192.168.1.0/24    192.168.5.0/24
Permit   192.168.2.0/24    192.168.1.0/24
Permit   192.168.3.0/24    192.168.1.0/24
Permit   192.168.5.0/24    192.168.1.0/24
Permit   192.168.4.0/24    192.168.7.0/24
Permit   192.168.7.0/24    192.168.4.0/24
Permit   192.168.7.0/24    any
Deny     192.168.4.0/24    any
Deny     192.168.1.0/24    192.168.4.0/24
Which of the following restrictions is the MOST likely cause?
A. Bandwidth limit on the traffic shaper for the finance department
B. Proxy server preventing the warehouse from accessing cloud applications
C. Deny statements in the firewall for the warehouse network
D. Bandwidth limit on the traffic shaper for the warehouse department
Q3. In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).
A. Removable media
B. Passwords written on scrap paper
C. Snapshots of data on the monitor
D. Documents on the printer
E. Volatile system memory
F. System hard drive
Q4. The VoIP administrator starts receiving reports that users are having problems placing phone calls. The VoIP administrator cannot determine the issue, and asks the security administrator for help. The security administrator reviews the switch interfaces and does not see an excessive amount of network traffic on the voice network. Using a protocol analyzer, the security administrator does see an excessive number of SIP INVITE packets destined for the SIP proxy. Based on the information given, which of the following types of attacks is underway and how can it be remediated?
A. Man in the middle attack; install an IPS in front of SIP proxy.
B. Man in the middle attack; use 802.1x to secure voice VLAN.
C. Denial of Service; switch to more secure H.323 protocol.
D. Denial of Service; use rate limiting to limit traffic.
Q5. An organization has just released a new mobile application for its customers. The application has an inbuilt browser and native application to render content from existing websites and the organization's new web services gateway. All rendering of the content is performed on the mobile application.
The application requires SSO between the application, the web services gateway and legacy UI. Which of the following controls MUST be implemented to securely enable SSO?
A. A registration process is implemented to have a random number stored on the client.
B. The identity is passed between the applications as a HTTP header over REST.
C. Local storage of the authenticated token on the mobile application is secured.
D. Attestation of the XACML payload to ensure that the client is authorized.
Q6. A security consultant is hired by a company to determine if an internally developed web application is vulnerable to attacks. The consultant spent two weeks testing the application, and determines that no vulnerabilities are present. Based on the results of the tools and tests available, which of the following statements BEST reflects the security status of the application?
A. The company's software lifecycle management improved the security of the application.
B. There are no vulnerabilities in the application.
C. The company should deploy a web application firewall to ensure extra security.
D. There are no known vulnerabilities at this time.
Q7. An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST maximizes the protection of these systems from malicious software?
A. Configure a firewall with deep packet inspection that restricts traffic to the systems
B. Configure a separate zone for the systems and restrict access to known ports
C. Configure the systems to ensure only necessary applications are able to run
D. Configure the host firewall to ensure only the necessary applications have listening ports
Q8. A University uses a card transaction system that allows students to purchase goods using their student ID. Students can put money on their ID at terminals throughout the campus. The security administrator was notified that computer science students have been using the network to illegally put money on their cards. The administrator would like to attempt to reproduce what the students are doing. Which of the following is the BEST course of action?
A. Notify the transaction system vendor of the security vulnerability that was discovered.
B. Use a protocol analyzer to reverse engineer the transaction system's protocol.
C. Contact the computer science students and threaten disciplinary action if they continue their actions.
D. Install a NIDS in front of all the transaction system terminals.
Q9. In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).
A. Correctly assert the identity and authorization credentials of the end user.
B. Correctly assert the authentication and authorization credentials of the end user.
C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
F. Correctly assert the identity and authentication credentials of the end user.
Topic 4, Volume D
Q10. A morphed worm carrying a 0-day payload has infiltrated the company network and is now spreading across the organization. The security administrator was able to isolate the worm communication and payload distribution channel to TCP port 445. Which of the following can the administrator do in the short term to minimize the attack?
A. Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY - 445.
B. Run a TCP 445 port scan across the organization and patch hosts with open ports.
C. Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445.
D. Force a signature update and full system scan from the enterprise anti-virus solution.
Q11. A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure