All About High value CAS-002 exam dumps

CAS-002 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

Product Description:
Exam Number/Code: CAS-002
Exam name: CompTIA Advanced Security Practitioner (CASP)
n questions with full explanations
Certification: CompTIA Certification
Last updated on Global synchronizing

Free Certification Real IT CAS-002 Exam pdf Collection

It is impossible to pass CompTIA CAS-002 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed CompTIA CAS-002 practice questions. You will get a surprising result by our Up to date CompTIA Advanced Security Practitioner (CASP) practice guides.

P.S. Validated CAS-002 questions are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 13 - Question 22)

Question No: 13

A new piece of ransomware got installed on a companyu2019s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?

A. Determining how to install HIPS across all server platforms to prevent future incidents

B. Preventing the ransomware from re-infecting the server upon restore

C. Validating the integrity of the deduplicated data

D. Restoring the data will be difficult without the application configuration

Answer: D

Question No: 14

Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).

A. Synchronous copy of data

B. RAID configuration

C. Data de-duplication

D. Storage pool space allocation

E. Port scanning

F. LUN masking/mapping

G. Port mapping

Answer: F,G

Question No: 15

A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

A. A separate physical interface placed on a private VLAN should be configured for live host operations.

B. Database record encryption should be used when storing sensitive information on virtual servers.

C. Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.

D. Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

Answer: A

Question No: 16

A security administrator notices the following line in a server's security log:

<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location=''document.cooki e</script>') + "'

The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack?


B. Input validation


D. Sandboxing


Answer: A

Question No: 17

CORRECT TEXTCompany A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: for the corporate site and for the remote site. The Telco router interface uses the IP range.

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.

Answer: Please check the explanation part for the solution.

Question No: 18

An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).

A. /etc/passwd

B. /etc/shadow

C. /etc/security

D. /etc/password

E. /sbin/logon

F. /bin/bash

Answer: A,B

Question No: 19

An IT Manager is concerned about errors made during the deployment process for a new model of tablet. Which of the following would suggest best practices and configuration parameters that technicians could follow during the deployment process?

A. Automated workflow

B. Procedure

C. Corporate standard

D. Guideline

E. Policy

Answer: D

Question No: 20

It has come to the IT administratoru2019s attention that the u201cpost your commentu201d field on the company blog page has been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the following would be the MOST effective at preventing the u201cpost your commentu201d field from being exploited?

A. Update the blog page to HTTPS

B. Filter metacharacters

C. Install HIDS on the server

D. Patch the web application

E. Perform client side input validation

Answer: B

Question No: 21

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

A. The malware fileu2019s modify, access, change time properties.

B. The timeline analysis of the file system.

C. The time stamp of the malware in the swap file.

D. The date/time stamp of the malware detection in the antivirus logs.

Answer: B

Question No: 22

A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security into the application deployment. The board is primarily concerned with the applicationsu2019 compliance with federal assessment and authorization standards. The security engineer asks for a timeline to determine when a security assessment of both applications should occur and does not attend subsequent configuration board meetings. If the security engineer is only going to perform a security assessment, which of the following steps in system authorization has the security engineer omitted?

A. Establish the security control baseline

B. Build the application according to software development security standards

C. Review the results of user acceptance testing

D. Consult with the stakeholders to determine which standards can be omitted

Answer: A

100% Up to date CompTIA CAS-002 Questions & Answers shared by Dumpscollection, Get HERE: (New 450 Q&As)