New CompTIA CAS-002 Exam Dumps Collection (Question 13 - Question 22)

New Questions 13

Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner which of the following is correct?

A. Only security related alerts should be forwarded to the network team for resolution.

B. All logs must be centrally managed and access to the logs restricted only to data storage staff.

C. Logging must be set appropriately and alerts delivered to security staff in a timely manner.

D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team.

Answer: C


New Questions 14

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company's wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).

A. Business or technical justification for not implementing the requirements.

B. Risks associated with the inability to implement the requirements.

C. Industry best practices with respect to the technical implementation of the current controls.

D. All sections of the policy that may justify non-implementation of the requirements.

E. A revised DRP and COOP plan to the exception form.

F. Internal procedures that may justify a budget submission to implement the new requirement.

G. Current and planned controls to mitigate the risks.

Answer: A,B,G


New Questions 15

In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).

A. Removable media

B. Passwords written on scrap paper

C. Snapshots of data on the monitor

D. Documents on the printer

E. Volatile system memory

F. System hard drive

Answer: C,E


New Questions 16

Which of the following BEST describes the implications of placing an IDS device inside or outside of the corporate firewall?

A. Placing the IDS device inside the firewall will allow it to monitor potential internal attacks but may increase the load on the system.

B. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks while still allowing the firewall to block the attack.

C. Placing the IDS device inside the firewall will allow it to monitor potential remote attacks but may increase the load on the system.

D. Placing the IDS device outside the firewall will allow it to monitor potential remote attacks but the firewall will not be able to block the attacks.

Answer: B


New Questions 17

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.

C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.

D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

Answer: D


New Questions 18

A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).

A. Password Policy

B. Data Classification Policy

C. Wireless Access Procedure

D. VPN Policy

E. Database Administrative Procedure

Answer: A,B


New Questions 19

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf

B. Privilege escalation, Application DoS, Buffer overflow

C. SQL injection, Resource exhaustion, Privilege escalation

D. CSRF, Fault injection, Memory leaks

Answer: A


New Questions 20

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.

B. All staff needs to be instructed in the proper use of social media in the work environment.

C. Senior staff blogs should be ghost written by marketing professionals.

D. The finance department must provide a cost benefit analysis for social media.

E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: A,E


New Questions 21

The Chief Information Officer (CIO) is reviewing the IT centric BIA and RA documentation. The documentation shows that a single 24 hours downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize based on historical data. The CIO's budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss?

A. The company should mitigate the risk.

B. The company should transfer the risk.

C. The company should avoid the risk.

D. The company should accept the risk.

Answer: B


New Questions 22

A security administrator at Company XYZ is trying to develop a body of knowledge to enable heuristic and behavior based security event monitoring of activities on a geographically distributed network. Instrumentation is chosen to allow for monitoring and measuring the network. Which of the following is the BEST methodology to use in establishing this baseline?

A. Model the network in a series of VMs; instrument the systems to record comprehensive metrics; run a large volume of simulated data through the model; record and analyze results; document expected future behavior.

B. Completely duplicate the network on virtual machines; replay eight hours of captured corporate network traffic through the duplicate network; instrument the network; analyze the results; document the baseline.

C. Instrument the operational network; simulate extra traffic on the network; analyze net flow information from all network devices; document the baseline volume of traffic.

D. Schedule testing on operational systems when users are not present; instrument the systems to log all network traffic; monitor the network for at least eight hours; analyze the results; document the established baseline.

Answer: A

