CAS-002 Exam
How Does Examcollection CompTIA CAS-002 brain dumps Work?
we provide Breathing CompTIA CAS-002 test questions which are the best for clearing CAS-002 test, and to get certified by CompTIA CompTIA Advanced Security Practitioner (CASP). The CAS-002 Questions & Answers covers all the knowledge points of the real CAS-002 exam. Crack your CompTIA CAS-002 Exam with latest dumps, guaranteed!
P.S. Breathing CAS-002 interactive bootcamp are available on Google Drive, GET MORE: https://drive.google.com/open?id=1LW12huDLg6jOYg9lhN_DwABm-ur1zaYh
New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)
New Questions 8
Which of the following is an example of single sign-on?
A. An administrator manages multiple platforms with the same username and hardware token. The same username and token is used across all the platforms.
B. Multiple applications have been integrated with a centralized LDAP directory for authentication and authorization. A user has to authenticate each time the user accesses an application.
C. A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.
D. A web access control infrastructure performs authentication and passes attributes in a HTTP header to multiple applications.
Answer: D
New Questions 9
Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:
user@hostname:~$ sudo nmap u2013O 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:
TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown node?
A. Linux
A. B. Windows
C. Solaris
D. OSX
Answer: C
New Questions 10
A security architect is locked into a given cryptographic design based on the allowable software at the company. The key length for applications is already fixed as is the cipher and algorithm in use. The security architect advocates for the use of well-randomized keys as a mitigation to brute force and rainbow attacks. Which of the following is the security architect trying to increase in the design?
A. Key stretching
B. Availability
C. Entropy
D. Root of trust
E. Integrity
Answer: C
New Questions 11
A security consultant is investigating acts of corporate espionage within an organization. Each time the organization releases confidential information to high-ranking engineers, the information is soon leaked to competing companies. Which of the following techniques should the consultant use to discover the source of the information leaks?
A. Digital watermarking
B. Steganography
C. Enforce non-disclosure agreements
D. Digital rights management
Answer: A
New Questions 12
An administratoru2021s company has recently had to reduce the number of Tier 3 help desk technicians available to support enterprise service requests. As a result, configuration standards have declined as administrators develop scripts to troubleshoot and fix customer issues. The administrator has observed that several default configurations have not been
fixed through applied group policy or configured in the baseline. Which of the following are controls the administrator should recommend to the organizationu2021s security manager to prevent an authorized user from conducting internal reconnaissance on the organizationu2021s network? (Select THREE).
A. Network file system
B. Disable command execution
C. Port security
D. TLS
E. Search engine reconnaissance
F. NIDS
G. BIOS security
H. HIDS
I. IdM
Answer: B,G,I
New Questions 13
An IT administrator has been tasked by the Chief Executive Officer with implementing security using a single device based on the following requirements:
1. Selective sandboxing of suspicious code to determine malicious intent.
2. VoIP handling for SIP and H.323 connections.
3. Block potentially unwanted applications.
1. Which of the following devices would BEST meet all of these requirements?
A. UTM
B. HIDS
C. NIDS
D. WAF
E. HSM
Answer: A
New Questions 14
A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the companyu2021s operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application?
A. Difficulty backing up the custom database
B. Difficulty migrating to new hardware
C. Difficulty training new admin personnel
D. Difficulty extracting data from the database
Answer: D
New Questions 15
A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.
The reviewer has advised that future software projects utilize managed code platforms if at all possible.
Which of the following languages would suit this recommendation? (Select TWO).
A. C
B. C#
C. C++
D. Perl
E. Java
Answer: B,E
New Questions 16
An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?
A. Use PAP for secondary authentication on each RADIUS server
B. Disable unused EAP methods on each RADIUS server
C. Enforce TLS connections between RADIUS servers
D. Use a shared secret for each pair of RADIUS servers
Answer: C
New Questions 17
News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit network mapping and fingerprinting occurs in preparation for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections, reduce detection time, and minimize any damage that might be done?
A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.
B. Implement an application whitelist at all levels of the organization.
C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring.
D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection.
Answer: B
100% Up to the immediate present CompTIA CAS-002 Questions & Answers shared by Thedumpscentre, Get HERE: http://www.thedumpscentre.com/CAS-002-dumps/ (New 532 Q&As)