Avant-garde CompTIA CAS-002 dumps


Product Description:
Exam Number/Code: CAS-002
Exam name: CompTIA Advanced Security Practitioner (CASP)
Certification: CompTIA Certification



New CompTIA CAS-002 Exam Dumps Collection (Question 7 - Question 16)

Question No: 7

Company ABC will test connecting networks with Company XYZ as part of their upcoming merger, and both are concerned with minimizing security exposures to each other's network throughout the test. Which of the following is the FIRST thing both sides should do prior to connecting the networks?

A. Create a DMZ to isolate the two companies and provide a security inspection point for all inter-company network traffic.

B. Determine the necessary data flows between the two companies.

C. Implement a firewall that restricts everything except the IPSec VPN traffic connecting the two companies.

D. Implement inline NIPS on the connection points between the two companies.

Answer: B


Question No: 8

The threat abatement program manager tasked the software engineer with identifying the fastest implementation of a hash function to protect passwords with the least number of collisions. Which of the following should the software engineer implement to best meet the requirements?

A. hash = sha512(password + salt);for (k = 0; k < 4000; k++) {hash = sha512 (hash);}

B. hash = md5(password + salt);for (k = 0; k < 5000; k++) {hash = md5 (hash);}

C. hash = sha512(password + salt);for (k = 0; k < 3000; k++) {hash = sha512 (hash + password + salt);}

D. hash1 = sha1(password + salt);hash = sha1 (hash1);

Answer: C


Question No: 9

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance to regulations. The audit discovers that 40% of the desktops do not meet requirements. Which of the following is the cause of the noncompliance?

A. The devices are being modified and settings are being overridden in production.

B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.

C. The desktop applications were configured with the default username and password.

D. 40% of the devices have been compromised.

Answer: A


Question No: 10

The security administrator has just installed an active/passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.

Which of the following is MOST likely the cause of this problem?

A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.

B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.

C. Prioritized UDP traffic and the associated stateful UDP session information are traversing the passive firewall, causing the connections to be dropped.

D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

Answer: A


Question No: 11

An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISO's objectives?

A. CoBIT

B. UCF

C. ISO 27002

D. eGRC

Answer: D


Question No: 12

The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?

A. What are the protections against MITM?

B. What accountability is built into the remote support application?

C. What encryption standards are used in the tracking database?

D. What snapshot or "undo" features are present in the application?

E. What encryption standards are used in remote desktop and file transfer functionality?

Answer: B


Question No: 13

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?

A. Address the security concerns through the network design and security controls.

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.

Answer: C


Question No: 14

An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO).

A. LDAP/S

B. SAML

C. NTLM

D. OAUTH

E. Kerberos

Answer: B,E


Question No: 15

The sales team is considering the deployment of a new CRM solution within the enterprise. The IT and Security teams are members of the project; however, neither team has expertise or experience with the proposed system. Which of the following activities should be performed FIRST?

A. Visit a company who already has the technology, sign an NDA, and read their latest risk assessment.

B. Contact the top vendor, assign IT and Security to work together to implement a demo and pen test the system.

C. Work with Finance to do a second ROI calculation before continuing further with the project.

D. Research the market, select the top vendors and solicit RFPs from those vendors.

Answer: D


Question No: 16

An organization is selecting a SaaS provider to replace its legacy, in-house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication.

B. Ensure the SaaS provider supports encrypted password transmission and storage.

C. Ensure the SaaS provider supports secure hash file exchange.

D. Ensure the SaaS provider supports role-based access control.

E. Ensure the SaaS provider supports directory services federation.

Answer: E

