
New CompTIA CAS-002 Exam Dumps Collection (Question 3 - Question 12)

New Questions 3

An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO).

A. Periodic key changes once the initial keys are established between the DNS name servers.

B. Secure exchange of the key values between the two DNS name servers.

C. A secure NTP source used by both DNS name servers to avoid message rejection.

D. DNS configuration files on both DNS name servers must be identically encrypted.

E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.

Answer: B,C

New Questions 4

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ's hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect?

A. Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.

B. The availability requirements in SLAs with each hosted customer would have to be rewritten to account for the transfer of virtual machines between physical platforms for regular maintenance.

C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.

D. Not all of company XYZ's customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.

Answer: C

New Questions 5

CORRECT TEXT

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks should be completed:

1. Select the server that is a victim of a cross-site scripting (XSS) attack.

2. Select the source of the brute force password attack.

3. Modify the access control list (ACL) on the router(s) to ONLY block the XSS attack.

Instructions: Simulations can be reset at any time to the initial state; however, all selections will be deleted.

Answer: Please review the following steps:

New Questions 6

The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company's flagship product. Testing was conducted by a small offshore consulting firm and the report by the consulting firm clearly indicates that limited test cases were used and many of the code paths remained untested.

The CISO raised concerns about the testing results at the monthly risk committee meeting, highlighting the need to get to the bottom of the product behaving unexpectedly in only some large enterprise deployments.

The Security Assurance and Development teams highlighted their availability to redo the testing if required.

Which of the following will provide the MOST thorough testing?

A. Have the small consulting firm redo the Black box testing.

B. Use the internal teams to perform Grey box testing.

C. Use the internal team to perform Black box testing.

D. Use the internal teams to perform White box testing.

E. Use a larger consulting firm to perform Black box testing.

Answer: D

New Questions 7

At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company's statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator's password.

At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?

A. The IDS logs are compromised.

B. The new password was compromised.

C. An input validation error has occurred.

D. A race condition has occurred.

Answer: D

New Questions 8

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of the conference's resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.

B. Physical security may need to be increased to deter or prevent theft of mobile devices.

C. Network security may need to be increased by reducing the number of available physical network jacks.

D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C

New Questions 9

A developer is coding the crypto routine of an application that will be installed on a standard headless and diskless server connected to a NAS housed in the datacenter. The developer has written the following six lines of code to add entropy to the routine:

1 - If VIDEO input exists, use video data for entropy

2 - If AUDIO input exists, use audio data for entropy

3 - If MOUSE input exists, use mouse data for entropy

4 - If KEYBOARD input exists, use keyboard data for entropy

5 - If IDE input exists, use IDE data for entropy

6 - If NETWORK input exists, use network data for entropy

Which of the following lines of code will result in the STRONGEST seed when combined?

A. 2 and 1

B. 3 and 5

C. 5 and 2

D. 6 and 4

Answer: D

New Questions 10

A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner.

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D

New Questions 11

The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission. Which of the following BEST describes the correct order of implementing a five phase SSDLC?

A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.

B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.

C. Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.

D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

Answer: B

New Questions 12

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning

B. Time-based access control lists

C. ISP to ISP network jitter

D. File-size validation

E. End to end network encryption

Answer: B
