Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Ucertify CAS-002 braindumps. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.

P.S. Tested CAS-002 software are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 7 - Question 16)

Question No: 7

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server supporting an extranet to which suppliers have access. The extranet web server is located in a network DMZ. The internal website is hosted on a laptop on the internal corporate network. The internal network does not restrict traffic between any internal hosts. Which of the following locations will BEST secure both the intranet and the customer facing website?

A. The existing internal network segment

B. Dedicated DMZ network segments

C. The existing extranet network segment

D. A third-party web hosting company

Answer: B

Question No: 8

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?

A. Least privilege

B. Job rotation

C. Mandatory vacation

D. Separation of duties

Answer: B

Question No: 9

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organizationu2019s configuration management process using?

A. Agile


C. Waterfall

D. Joint application development

Answer: A

Question No: 10

A large enterprise introduced a next generation firewall appliance into the Internet facing DMZ. All Internet traffic passes through this appliance. Four hours after implementation the network engineering team discovered that traffic through the DMZ now has un-acceptable

latency, and is recommending that the new firewall be taken offline. At what point in the implementation process should this problem have been discovered?

A. During the product selection phase

B. When testing the appliance

C. When writing the RFP for the purchase process

D. During the network traffic analysis phase

Answer: B

Question No: 11

A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.

The reviewer has advised that future software projects utilize managed code platforms if at all possible.

Which of the following languages would suit this recommendation? (Select TWO).

A. C

B. C#

C. C++

D. Perl

E. Java

Answer: B,E

Question No: 12

Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

A. The company should develop an in-house solution and keep the algorithm a secret.

B. The company should use the CEOu2019s encryption scheme.

C. The company should use a mixture of both systems to meet minimum standards.

D. The company should use the method recommended by other respected information security organizations.

Answer: D

Question No: 13

A Chief Information Security Officer (CISO) is approached by a business unit manager who heard a report on the radio this morning about an employee at a competing firm who shipped a VPN token overseas so a fake employee could log into the corporate VPN. The CISO asks what can be done to mitigate the risk of such an incident occurring within the organization. Which of the following is the MOST cost effective way to mitigate such a risk?

A. Require hardware tokens to be replaced on a yearly basis.

B. Implement a biometric factor into the token response process.

C. Force passwords to be changed every 90 days.

D. Use PKI certificates as part of the VPN authentication process.

Answer: B

Question No: 14

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

A. The malware fileu2019s modify, access, change time properties.

B. The timeline analysis of the file system.

C. The time stamp of the malware in the swap file.

D. The date/time stamp of the malware detection in the antivirus logs.

Answer: B

Question No: 15

Company ABCu2019s SAN is nearing capacity, and will cause costly downtimes if servers run out disk space. Which of the following is a more cost effective alternative to buying a new SAN?

A. Enable multipath to increase availability

B. Enable deduplication on the storage pools

C. Implement snapshots to reduce virtual disk size

D. Implement replication to offsite datacenter

Answer:: B

Question No: 16

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?

A. Address the security concerns through the network design and security controls.

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.

Answer: C

Recommend!! Get the Tested CAS-002 dumps in VCE and PDF From Examcollection, Welcome to download: (New 532 Q&As Version)