It is more faster and easier to pass the CompTIA CAS-002 exam by using Precise CompTIA CompTIA Advanced Security Practitioner (CASP) questuins and answers. Immediate access to the Leading CAS-002 Exam and find the same core area CAS-002 questions with professionally verified answers, then PASS your exam with a high score now.

P.S. Precise CAS-002 software are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 2 - Question 11)

Q1. The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the companyu2019s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).

A. Block traffic from the ISPu2019s networks destined for blacklisted IPs.

B. Prevent the ISPu2019s customers from querying DNS servers other than those hosted by the ISP.

C. Scan the ISPu2019s customer networks using an up-to-date vulnerability scanner.

D. Notify customers when services they run are involved in an attack.

E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.

Answer: D,E

Q2. Which of the following describes a risk and mitigation associated with cloud data storage?

A. Risk: Shared hardware caused data leakageMitigation: Strong encryption at rest

B. Risk: Offsite replicationMitigation: Multi-site backups

C. Risk: Data loss from de-duplicationMitigation: Dynamic host bus addressing

D. Risk: Combined data archivingMitigation: Two-factor administrator authentication

Answer: A

Q3. A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D

Q4. Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario?

A. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP.

B. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP.

C. The companies should federate, with the parent becoming the IdP, and the subsidiaries

A. becoming an SP.

D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP.

Answer: C

Q5. A network administrator with a companyu2019s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the companyu2019s physical security, which of the following can the network administrator use to detect the presence of a malicious actor physically accessing the companyu2019s network or information systems from within? (Select TWO).


B. Vulnerability scanner

C. HTTP intercept


E. Port scanner

F. Protocol analyzer

Answer: D,F

Q6. An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond to when a competitor makes major announcements. Which of the following should the administrator do to prove this theory?

A. Implement data analytics to try and correlate the occurrence times.

B. Implement a honey pot to capture traffic during the next attack.

C. Configure the servers for high availability to handle the additional bandwidth.

D. Log all traffic coming from the competitor's public IP addresses.

Answer: A

Q7. A port in a fibre channel switch failed, causing a costly downtime on the companyu2019s primary website. Which of the following is the MOST likely cause of the downtime?

A. The web server iSCSI initiator was down.

B. The web server was not multipathed.

C. The SAN snapshots were not up-to-date.

D. The SAN replication to the backup site failed.

Answer: B

Q8. A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technologies should the administrator implement to meet these goals? (Select TWO).

A. LUN masking

B. Snapshots


D. Dynamic disk pools

E. Multipath

F. Deduplication

Answer: D,E

Q9. An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication.

B. Ensure the SaaS provider supports encrypted password transmission and storage.

C. Ensure the SaaS provider supports secure hash file exchange.

D. Ensure the SaaS provider supports role-based access control.

E. Ensure the SaaS provider supports directory services federation.

Answer: E

Q10. The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officeru2019s (CSO) request to harden the corporate networku2019s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?

A. The corporate network is the only network that is audited by regulators and customers.

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.

C. Home networks are unknown to attackers and less likely to be targeted directly.

D. Employees are more likely to be using personal computers for general web browsing when they are at home.

Answer: B

Recommend!! Get the Precise CAS-002 dumps in VCE and PDF From Thedumpscentre, Welcome to download: (New 532 Q&As Version)