ITCertKing's training product for the CompTIA CAS-002 certification includes simulation tests and current exam questions. On the Internet you can also find a few websites that provide relevant training, but after comparing them with ours you will find that ITCertKing's CompTIA CAS-002 questions and answers are not only more relevant to the exam and of higher quality, but also more comprehensive.
You can download part of ITCertKing's CompTIA CAS-002 exercises and answers free of charge as a trial; afterwards you will be more confident in choosing ITCertKing's products to prepare for the CompTIA CAS-002 certification. Please add ITCertKing's products to your cart soon.
Those who want to prepare for an IT certification exam often feel helpless, but they have to do it, so they are in a restless state of mind. With ITCertKing's CompTIA CAS-002 questions and answers, that kind of mentality disappears. With ITCertKing's CompTIA CAS-002 questions and answers you can be brimming with confidence and do not need to worry about the exam; you can face the exam with ease. This is not only psychological help; more importantly, it allows you to pass the exam and helps you get a better tomorrow.
Exam Name: CompTIA Advanced Security Practitioner (CASP)
One year free update, No help, Full refund!
CAS-002 Questions and answers Real Questions Total Q&A: 465 Questions and Answers
Last Update: 2016-10-31
CAS-002 Questions and answers Test Questions Detail: CAS-002 Questions and answers Real Questions
CAS-002 Questions and answers Free Demo Download: http://www.itcertking.com/CAS-002_exam.html
NO.1 A security engineer wants to implement forward secrecy but still wants to ensure the number
of requests handled by the web server is not drastically reduced due to the larger computational
overheads. Browser compatibility is not a concern; however system performance is. Which of the
following, when implemented, would BEST meet the engineer's requirements?
A. DH
B. DHE
C. ECDHE
D. AES128-SHA
Answer: C
NO.2 A security architect has been engaged during the implementation stage of the SDLC to review a
new HR software installation for security gaps. With the project under a tight schedule to meet
market commitments on project delivery, which of the following security activities should be
prioritized by the security architect? (Select TWO).
A. Secure code review of the HR solution to identify security gaps that could be exploited
B. Perform access control testing to ensure that privileges have been configured correctly
C. Perform penetration testing over the HR solution to identify technical vulnerabilities
D. Perform a security risk assessment with recommended solutions to close off high-rated risks
E. Determine if the information security standards have been complied with by the project
Answer: D,E
Explanation:
In this question, we are pushed for time to get the project completed. Therefore, we have to
prioritize our security testing as we do not have time to fully test everything.
One of the priorities from a security perspective should be to perform a security risk assessment with
recommended solutions to close off high-rated risks. This is to test for the most potentially damaging
risks and to remediate them.
The other priority is to determine if the information security standards have been complied with by
the project. Security of information/data is the most important aspect of security. Loss of data can be
very damaging for a company in terms of liability and litigation.
NO.3 The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day
exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and
result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split
staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard
against unknown threats?
A. Implementation of an offsite data center hosting all company data, as well as deployment of VDI
for all client computing needs.
B. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
C. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.
D. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter
firewall ACLs.
Answer: C
Explanation:
Good preventive security practices are a must. These include installing and keeping firewall policies
carefully matched to business and application needs, keeping antivirus software updated, blocking
potentially harmful file attachments and keeping all systems patched against known vulnerabilities.
Vulnerability scans are a good means of measuring the effectiveness of preventive procedures. Real-
time protection: Deploy inline intrusion-prevention systems (IPS) that offer comprehensive
protection. When considering an IPS, seek the following capabilities: network-level protection,
application integrity checking, application protocol Request for Comment (RFC) validation, content
validation and forensics capability. In this case it would be behavior-based IPS with a communication
link to a cloud-based vulnerability and threat feed.
NO.4 The risk committee has endorsed the adoption of a security system development life cycle
(SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission.
Which of the following BEST describes the correct order of implementing a five phase SSDLC?
A. Acquisition, initiation/development, implementation/assessment, operations/maintenance and
disposal.
B. Assessment, initiation/development, implementation/assessment, operations/maintenance and
disposal.
C. Initiation, assessment/acquisition, development/implementation, operations/maintenance and
sunset.
D. Initiation, acquisition/development, implementation/assessment, operations/maintenance and
sunset.
Answer: D
NO.5 Which of the following is an example of single sign-on?
A. An administrator manages multiple platforms with the same username and hardware token. The
same username and token is used across all the platforms.
B. A password is synchronized between multiple platforms and the user is required to authenticate
with the same password across each platform.
C. A web access control infrastructure performs authentication and passes attributes in a HTTP
header to multiple applications.
D. Multiple applications have been integrated with a centralized LDAP directory for authentication
and authorization. A user has to authenticate each time the user accesses an application.
Answer: C
NO.6 VPN users cannot access the active FTP server through the router but can access any server in
the data center.
Additional network information:
DMZ network - 192.168.5.0/24 (FTP server is 192.168.5.11)
VPN network - 192.168.1.0/24
Datacenter - 192.168.2.0/24
User network - 192.168.3.0/24
HR network - 192.168.4.0/24
Traffic shaper configuration:
VLAN      Bandwidth Limit (Mbps)
VPN       50
User      175
HR        250
Finance   250
Guest     0
Router ACL:
Action    Source            Destination
Permit    192.168.1.0/24    192.168.2.0/24
Permit    192.168.1.0/24    192.168.3.0/24
Permit    192.168.1.0/24    192.168.5.0/24
Permit    192.168.2.0/24    192.168.1.0/24
Permit    192.168.3.0/24    192.168.1.0/24
Permit    192.168.5.1/32    192.168.1.0/24
Deny      192.168.4.0/24    192.168.1.0/24
Deny      192.168.1.0/24    192.168.4.0/24
Deny      any               any
Which of the following solutions would allow the users to access the active FTP server?
A. Increase bandwidth limit on the VPN network
B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
C. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
D. Configure the traffic shaper to limit DMZ traffic
E. IPS is blocking traffic and needs to be reconfigured
Answer: C
Explanation:
The FTP server is in the DMZ network (192.168.5.0/24).
VPN users connect to the VPN network (192.168.1.0/24).
We have an ACL rule which allows traffic from the VPN network to the DMZ network, as shown
below:
Permit    192.168.1.0/24    192.168.5.0/24
However, we do not have a rule allowing traffic in the other direction. This means that FTP requests
will reach the FTP server, but any response from the FTP server back to a VPN user's computer will be
blocked at the router (the existing return rule only covers 192.168.5.1/32, not the FTP server at
192.168.5.11, so the final "Deny any any" applies).
The solution is to allow the return traffic by adding a permit statement to allow traffic from
192.168.5.0/24 (the DMZ network) to the VPN network. Such a rule would look like the rule shown
below:
Permit    192.168.5.0/24    192.168.1.0/24
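The following is an added worked example, not part of the original question or explanation: a small first-match ACL evaluator loaded with the router ACL above. It shows that the VPN-to-FTP request is permitted but the reply from 192.168.5.11 hits the final deny, that distractor option B (permitting traffic to 192.168.5.1) does not help, and that the proposed DMZ-to-VPN rule fixes the flow. The client address 192.168.1.25 and the datacenter host 192.168.2.10 are constructed sample values.

```python
import ipaddress

# Router ACL from the question as (action, source, destination); first match wins.
PAGE_ACL = [
    ("permit", "192.168.1.0/24", "192.168.2.0/24"),
    ("permit", "192.168.1.0/24", "192.168.3.0/24"),
    ("permit", "192.168.1.0/24", "192.168.5.0/24"),
    ("permit", "192.168.2.0/24", "192.168.1.0/24"),
    ("permit", "192.168.3.0/24", "192.168.1.0/24"),
    ("permit", "192.168.5.1/32", "192.168.1.0/24"),
    ("deny",   "192.168.4.0/24", "192.168.1.0/24"),
    ("deny",   "192.168.1.0/24", "192.168.4.0/24"),
    ("deny",   "any",            "any"),
]


def _contains(prefix, addr):
    """True if addr falls inside prefix; 'any' matches every address."""
    if prefix == "any":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(prefix, strict=False)


def evaluate(acl, src, dst):
    """Return (action, rule_index) of the first matching rule; implicit deny if none."""
    for index, (action, s, d) in enumerate(acl):
        if _contains(s, src) and _contains(d, dst):
            return action, index
    return "deny", None


def flow_allowed(acl, client, server):
    """A session works only if the request AND the reply direction are permitted."""
    request_action, _ = evaluate(acl, client, server)
    reply_action, _ = evaluate(acl, server, client)
    return request_action == "permit" and reply_action == "permit"


def with_rule(acl, rule):
    """Copy of acl with rule inserted just above the final 'deny any any'."""
    patched = list(acl)
    patched.insert(len(patched) - 1, rule)
    return patched


def with_fix(acl):
    """Option C from the question: permit DMZ -> VPN return traffic."""
    return with_rule(acl, ("permit", "192.168.5.0/24", "192.168.1.0/24"))


def with_option_b(acl):
    """Option B from the question: permit VPN -> 192.168.5.1 (wrong host, wrong direction)."""
    return with_rule(acl, ("permit", "192.168.1.0/24", "192.168.5.1/32"))


if __name__ == "__main__":
    vpn_client = "192.168.1.25"   # constructed sample VPN user address
    ftp_server = "192.168.5.11"   # FTP server address given in the question
    for label, acl in (("original", PAGE_ACL),
                       ("option B", with_option_b(PAGE_ACL)),
                       ("option C", with_fix(PAGE_ACL))):
        print(label, "request:", evaluate(acl, vpn_client, ftp_server),
              "reply:", evaluate(acl, ftp_server, vpn_client),
              "session works:", flow_allowed(acl, vpn_client, ftp_server))
```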
NO.7 A security administrator was recently hired in a start-up company to represent the interest of
security and to assist the network team in improving security in the company. The programmers are
not on good terms with the security team and do not want to be distracted with security issues while
they are working on a major project. Which of the following is the BEST time to make them address
security issues in the project?
A. At the end of the project
B. At the inception of the project
C. In the middle of the project
D. At the time they request
Answer: B
Explanation:
It would be easier for the programmers to accommodate and address security concerns if they are
made aware of the security issues at the start of the project. The security issues could affect the
design of the solution. It would be better to address the security issues at the beginning of the
project before the solution has been designed rather than change the design of the solution halfway
through the project.
NO.8 An organization determined that each of its remote sales representatives must use a
smartphone for email access.
The organization provides the same centrally manageable model to each person.
Which of the following mechanisms BEST protects the confidentiality of the resident data?
A. Require encrypted communications when connecting to the organization's email server.
B. Require each sales representative to establish a PIN to access the smartphone and limit email
storage to two weeks.
C. Require a PIN and automatic wiping of the smartphone if someone enters a specific number of
incorrect PINs.
D. Require dual factor authentication when connecting to the organization's email server.
Answer: C
NO.9 An analyst connects to a company web conference hosted on
www.webconference.com/meetingID#01234 and observes that numerous guests have been allowed
to join, without providing identifying information. The topics covered during the web conference are
considered proprietary to the company. Which of the following security concerns does the analyst
present to management?
A. Authenticated users could sponsor guest access that was previously approved by management.
B. Guest users could present a risk to the integrity of the company's information.
C. Meeting owners could sponsor guest access if they have passed a background check.
D. Unauthenticated users could present a risk to the confidentiality of the company's information.
Answer: D
Explanation:
The issue at stake in this question is confidentiality of information. Topics covered during the web
conference are considered proprietary and should remain confidential, which means it should not be
shared with unauthorized users.
NO.10 In order to reduce costs and improve employee satisfaction, a large corporation is creating a
BYOD policy. It will allow access to email and remote connections to the corporate enterprise from
personal devices; provided they are on an approved device list. Which of the following security
measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).
A. Enable time of day restrictions for personal devices.
B. Require smart card authentication for all devices.
C. Provide free email software for personal devices.
D. Implement NAC to limit insecure devices access.
E. Encrypt data in transit for remote access.
Answer: D,E
Explanation:
In this question, we are allowing access to email and remote connections to the corporate enterprise
from personal devices. When providing remote access to corporate systems, you should always
ensure that data traveling between the corporate network and the remote device is encrypted.
We need to provide access to devices only if they are on an approved device list. Therefore, we need
a way to check the device before granting the device access to the network if it is an approved
device. For this we can use NAC (Network Access Control).
When a computer connects to a computer network, it is not permitted to access anything unless it
complies with a business defined policy; including anti-virus protection level, system update level and
configuration. While the computer is being checked by a pre-installed software agent, it can only
access resources that can remediate (resolve or update) any issues. Once the policy is met, the
computer is able to access network resources and the Internet, within the policies defined within the
NAC system.
NAC solutions allow network operators to define policies, such as the types of computers or roles of
users allowed to access areas of the network, and enforce them in switches, routers, and network
middleboxes.
NO.11 A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance
manufacturer claims the new device is hardened against all known attacks and several undisclosed
zero day exploits. The code base used for the device is a combination of compiled C and Tcl/Tk
scripts. Which of the following methods should the security researcher use to enumerate the ports and
protocols in use by the appliance?
A. Penetration testing
B. Switchport analyzer
C. Grey box testing
D. Device fingerprinting
Answer: D
NO.12 DRAG DROP
An organization is implementing a project to simplify the management of its firewall network flows
and implement security controls. The following requirements exist. Drag and drop the BEST security
solution to meet the given requirements. Options may be used once or not at all. All placeholders
must be filled.
Answer:
Explanation:
To permit users to work securely from home, we can use a VPN. A VPN is used to provide secure
access for remote users by encrypting data sent between the remote location and the local network.
To permit users to access their account only from certain countries, we need to implement risk
profiling of any connecting device. Risk profiling uses rules to determine 'risk'. Rules can include
source IP which would determine the country.
To detect credit card information leaving the organization, we can implement a DLP (Data Loss
Prevention) solution. Data loss prevention (DLP) is a strategy for making sure that end users do not
send sensitive or critical information outside the corporate network.
The infrastructure we should deploy to permit users to access the Internet should include a forward
proxy server. A forward proxy server retrieves data from external sources on behalf of users internal
to the organization. For example, a user's web browser will send a request for a web page to the
forward proxy, the proxy will then request the web page from an Internet web server and then the
proxy will return the web page to the web browser.
The infrastructure we should deploy to permit customers to access their account balance should
include a reverse proxy server. A reverse proxy server retrieves data from internal sources on behalf
of users (customers) external to the organization. The reverse proxy server receives the request from
an external user, retrieves the data from an internal server then returns the information to the
customer.
References:
http://www.jscape.com/blog/bid/87783/Forward-Proxy-vs-Reverse-Proxy
NO.13 A security architect is designing a new infrastructure using both type 1 and type 2 virtual
machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening,
HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic
keys used to sign code and code modules on the VMs. Which of the following will meet this goal
without requiring any hardware pass-through implementations?
A. INE
B. HSM
C. vTPM
D. TPM
Answer: C
Explanation:
A Trusted Platform Module (TPM) is a microchip designed to provide basic security-related functions,
primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer,
and it communicates with the remainder of the system by using a hardware bus.
A vTPM is a virtual Trusted Platform Module.
IBM extended the current TPM V1.2 command set with virtual TPM management commands that
allow us to create and delete instances of TPMs. Each created instance of a TPM holds an association
with a virtual machine (VM) throughout its lifetime on the platform.
NO.14 A business unit of a large enterprise has outsourced the hosting and development of a new
external website which will be accessed by premium customers, in order to speed up the time to
market timeline. Which of the following is the MOST appropriate?
A. Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of
newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.
B. Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal
obligations. An MOU should be in place for the resolution of newly identified vulnerabilities and
penetration / vulnerability testing should be conducted regularly.
C. The external party providing the hosting and website development should be obligated under
contract to provide a secure service which is regularly tested (vulnerability and penetration). SLAs
should be in place for the resolution of newly identified vulnerabilities and a guaranteed uptime.
D. The use of external organizations to provide hosting and web development services is not
recommended as the costs are typically higher than what can be achieved internally. In addition,
compliance with privacy regulations becomes more complex and guaranteed uptimes are difficult to
track and measure.
Answer: C
Explanation:
A service level agreement (SLA) guarantees the level of service the partner is agreeing to provide. It
specifies the uptime, response time, and maximum outage time that the partner is agreeing to.
NO.15 A security administrator is tasked with implementing two-factor authentication for the
company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS
server. New company policies require a second factor of authentication, and the Information Security
Officer has selected PKI as the second factor. Which of the following should the security
administrator configure and implement on the VPN concentrator to implement the second factor and
ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).
A. The user certificate private key must be signed by the CA.
B. The VPN concentrator's certificate private key must be installed on the VPN concentrator.
C. The CA's certificate public key must be installed on the VPN concentrator.
D. The VPN concentrator's certificate private key must be signed by the CA and installed on the VPN
concentrator.
E. The user's certificate private key must be installed on the VPN concentrator.
F. The CA's certificate private key must be installed on the VPN concentrator.
Answer: B,C
Explanation:
A public key infrastructure (PKI) supports the distribution and identification of public encryption keys,
enabling users and computers to both securely exchange data over networks such as the Internet and
verify the identity of the other party.
A typical PKI includes the following key elements:
A CA issues digital certificates to entities and individuals after verifying their identity. It signs these
certificates using its private key; its public key is made available to all interested parties in a self-
signed CA certificate.
In this question, we have implemented a PKI. The Certificate Authority is the trusted root and
supplies certificates to all devices that require one.
Every device that trusts the CA will have the CA's public key installed. This includes the VPN
concentrator. With the VPN concentrator trusting the CA, the VPN concentrator will trust users with
certificates supplied by the CA.
For the users and their devices to trust the VPN concentrator (to ensure that no error messages are
displayed to the user during the VPN connection), the VPN concentrator must have its own CA-issued
certificate installed together with the matching private key.
NO.16 The Universal Research Association has just been acquired by the Association of Medical
Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of
the acquisition, but cannot fund labor for major software projects. Which of the following will MOST
likely result in some IT resources not being integrated?
A. Corporate websites may be optimized for different web browsers.
B. Industry security standards and regulations may be in conflict.
C. One of the companies may use an outdated VDI.
D. Data loss prevention standards in one company may be less stringent.
Answer: B
NO.17 -- Exhibit -
Company management has indicated that instant messengers (IM) add to employee productivity.
Management would like to implement an IM solution, but does not have a budget for the project.
The security engineer creates a feature matrix to help decide the most secure product. Click on the
Exhibit button.
Which of the following would the security engineer MOST likely recommend based on the table?
A. Product B
B. Product A
C. Product C
D. Product D
Answer: C
NO.18 A trust relationship has been established between two organizations with web based services.
One organization is acting as the Requesting Authority (RA) and the other acts as the Provisioning
Service Provider (PSP). Which of the following is correct about the trust relationship?
A. The trust relationship uses SAML in the SOAP header. The SOAP body transports the SPML requests
/ responses.
B. The trust relationship uses SPML in the SAML header. The SAML body transports the SPML
requests / responses.
C. The trust relationship uses SPML in the SOAP header. The SOAP body transports the SAML requests
/ responses.
D. The trust relationship uses XACML in the SAML header. The SAML body transports the SOAP
requests / responses.
Answer: A
ITCertKing offers the latest 300-080 exam material and high-quality 1Y0-301 PDF questions & answers. Our 300-207 VCE testing engine and 70-414 study guide can help you pass the real exam. High-quality 300-070 dumps training materials can 100% guarantee that you pass the exam faster and easier. Passing the exam to obtain certification is that simple.
Article Link: http://www.itcertking.com/CAS-002_exam.html