Product Description:
Exam Number/Code: CAS-002
Exam name: CompTIA Advanced Security Practitioner (CASP)
n questions with full explanations
Certification: CompTIA Certification

Question No: 8

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance with regulations. The audit discovers that 40% of the desktops do not meet requirements. Which of the following is the cause of the noncompliance?

A. The devices are being modified and settings are being overridden in production.

B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.

C. The desktop applications were configured with the default username and password.

D. 40% of the devices have been compromised.

Answer: A

Question No: 9

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).

A. Demonstration of IPS system

B. Review vendor selection process

C. Calculate the ALE for the event

D. Discussion of event timeline

E. Assigning of follow up items

Answer: D,E

Question No: 10

The manager of the firewall team is getting complaints from various IT teams that firewall changes are causing issues. Which of the following should the manager recommend to BEST address these issues?

A. Set up a weekly review for relevant teams to discuss upcoming changes likely to have a broad impact.

B. Update the change request form so that requesting teams can provide additional details about the requested changes.

C. Require every new firewall rule go through a secondary firewall administrator for review before pushing the firewall policy.

D. Require the firewall team to verify the change with the requesting team before pushing the updated firewall policy.

Answer: A

Question No: 11

The Chief Risk Officer (CRO) has requested that the MTD, RTO and RPO for key business applications be identified and documented. Which of the following business documents would MOST likely contain the required values?






Answer: E

Question No: 12

A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?

A. Increase the frequency of antivirus downloads and install updates to all workstations.

B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.

C. Deploy a NIPS to inspect and block all web traffic which may contain malware and exploits.

D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.

Answer: B

Question No: 13

A large enterprise introduced a next generation firewall appliance into the Internet facing DMZ. All Internet traffic passes through this appliance. Four hours after implementation the network engineering team discovered that traffic through the DMZ now has unacceptable latency, and is recommending that the new firewall be taken offline. At what point in the implementation process should this problem have been discovered?

A. During the product selection phase

B. When testing the appliance

C. When writing the RFP for the purchase process

D. During the network traffic analysis phase

Answer: B

Question No: 14

select id, firstname, lastname from authors

User input= firstname= Hack;man lastname=Johnson

Which of the following types of attacks is the user attempting?

A. XML injection

B. Command injection

C. Cross-site scripting

D. SQL injection

Answer: D

Question No: 15

The security administrator is reviewing the business continuity plan which consists of virtual infrastructures at corporate headquarters and at the backup site. The administrator is concerned that the VLAN used to perform live migrations of virtual machines to the backup site is across the network provider's MPLS network. This is a concern due to which of the following?

A. The hypervisor virtual switches only support Q-in-Q VLANS, not MPLS. This may cause live migrations to the backup site to fail.

B. VLANs are not compatible with MPLS, which may cause intermittent failures while performing live migrations of virtual machines during a disaster.

C. Passwords are stored unencrypted in memory, which are then transported across the MPLS network.

D. Transport encryption is being used during the live migration of virtual machines which will impact the performance of the MPLS network.

Answer: C

Question No: 16

A company has decided to move to an agile software development methodology. The company gives all of its developers security training. After a year of agile, a management review finds that the number of items on a vulnerability scan has actually increased since the methodology change. Which of the following best practices has MOST likely been overlooked in the agile implementation?

A. Penetration tests should be performed after each sprint.

B. A security engineer should be paired with a developer during each cycle.

C. The security requirements should be introduced during the implementation phase.

D. The security requirements definition phase should be added to each sprint.

Answer: D

Question No: 17

A network administrator with a company's NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company's physical security, which of the following can the network administrator use to scan and detect the presence of a malicious actor physically accessing the company's network or information systems from within? (Select TWO).


B. Vulnerability scanner

C. HTTP intercept


E. Port scanner

F. Protocol analyzer

Answer: D,E

