Exam Code: CAS-002
Number of Questions: 80 (Maximum)
Type of questions: Multiple choice and performance-based
Length of Test: 165 minutes
Passing score: Pass/Fail only. No scaled score.
Recommended experience: 10 years experience in IT administration, including at least 5 years of hands-on technical security experience
Languages: English
Retirement: The old exam CAS-001 will retire on June 20, 2015
NO.1 Company A needs to export sensitive data from its financial system to company B's database, using company B's API in an automated manner. Company A's policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A's financial system and company B's destination server using the supplied API. Additionally, company A's legacy financial software does not support encryption, while company B's API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?
A. Company A must install an SSL tunneling service on the financial system.
B. Company A's security administrator should use an HTTPS capable browser to transfer the data.
C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.
Answer: A
NO.2 Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company's six IDFs. The IDF modular switches have redundant switch fabrics and power supplies. Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?
A. Threat: 802.1q trunking attack Remediation: Enable only necessary VLANs for each port
B. Threat: Bridge loop Remediation: Enable spanning tree
C. Threat: VLAN hopping Remediation: Enable only necessary VLANs for each port
D. Threat: VLAN hopping Remediation: Enable ACLs on the IDF switch
Answer: B
NO.3 A WAF without customization will protect the infrastructure from which of the following attack combinations?
A. DDoS, DNS poisoning, Boink, Teardrop
B. Reflective XSS, HTTP exhaustion, Teardrop
C. SQL Injection, DOM based XSS, HTTP exhaustion
D. SQL Injection, CSRF, Clickjacking
Answer: C
NO.4 An employee of a company files a complaint with a security administrator. While sniffing network traffic, the employee discovers that financially confidential emails were passing between two warehouse users. The two users deny sending confidential emails to each other. Which of the following security practices would allow for non-repudiation and prevent network sniffers from reading the confidential mail? (Select TWO).
A. Transport encryption
B. Authentication hashing
C. Digital signature
D. Legal mail hold
E. TSIG code signing
Answer: A,C
NO.5 Mark works as a Network Security Administrator for uCertify Inc. The organization is using an intranet to distribute information to its employees. A database residing on the network contains employees' information, such as employee name, designation, department, phone extension, date of birth, date of joining, etc. He is concerned about the security because the database has all information about employees, which can help an unauthorized person to recognize an individual. Which Personally Identifiable Information should be removed from the database so that the unauthorized person cannot identify an individual?
A. Date of birth
B. Employee name
C. Employee code
D. Date of joining
Answer: A
Explanation:
According to the scenario, date of birth is uniquely identifying information that can help an unauthorized person to recognize an individual. Therefore, Mark should remove the date of birth of all employees from the database.
NO.6 SAML entities can operate in a variety of different roles. Valid SAML roles include which of the following?
A. Attribute authority and certificate authority
B. Certificate authority and attribute requestor
C. Identity provider and service provider
D. Service provider and administrator
Answer: C
NO.7 The database team has suggested deploying a SOA based system across the enterprise. The Chief Information Officer (CIO) has decided to consult the security manager about the risk implications for adopting this architecture. Which of the following are concerns that the security manager should present to the CIO concerning the SOA system? (Select TWO).
A. Users and services are centralized and only available within the enterprise.
B. Users and services are distributed, often times over the Internet
C. SOA centrally manages legacy systems, and opens the internal network to vulnerabilities.
D. SOA abstracts legacy systems as a virtual device and is susceptible to VMEscape.
E. SOA abstracts legacy systems as web services, which are often exposed to outside threats.
Answer: B,E
NO.8 An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE).
A. Implement hashing of data in transit
B. Session recording and capture
C. Disable cross session cut and paste
D. Monitor approved credit accounts
E. User access audit reviews
F. Source IP whitelisting
Answer: C,E,F
Exam Code: CAS-002
Exam Name: CompTIA Advanced Security Practitioner (CASP)
CAS-002 Exam Tests Total Q&A: 705 Questions and Answers
Last Update: 03-25,2015
Article Link: http://www.itbraindumps.com/CAS-002_exam.html