Its very hard to pick a suitable CompTIA CompTIA CAS-002 exam dump. Pass4sure is often a primary source to your CompTIA certification exam. All the CAS-002 review materials will probably be presented in 2 forms, Pdf and also test powerplant. You can download or perhaps print your CAS-002 Pdf files and learn them from any period. The CompTIA certification test engine creates an individual a genuine atmosphere in the CompTIA actual test. The answers on the CompTIA CompTIA exam questions are verified through our CompTIA CompTIA certification professionals. If you find any questions, please get in touch with us timely.
2021 Mar CAS-002 exam question
Q201. - (Topic 4)
A security auditor is conducting an audit of a corporation where 95% of the users travel or work from non-corporate locations a majority of the time. While the employees are away from the corporate offices, they retain full access to the corporate network and use of corporate laptops. The auditor knows that the corporation processes PII and other sensitive data with applications requiring local caches of any data being manipulated. Which of the following security controls should the auditor check for and recommend to be implemented if missing from the laptops?
A. Trusted operating systems
B. Full disk encryption
C. Host-based firewalls
D. Command shell restrictions
Answer: B
Q202. - (Topic 3)
In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).
A. Correctly assert the identity and authorization credentials of the end user.
B. Correctly assert the authentication and authorization credentials of the end user.
C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
F. Correctly assert the identity and authentication credentials of the end user.
Answer: D,F
Topic 4, Volume D
Q203. - (Topic 2)
A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having reduced the number of incidents and therefore saving on the amount spent investigating incidents.
Proposal:
External cloud-based software as a service subscription costing $5,000 per month. Expected to reduce the number of current incidents per annum by 50%.
The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which of the following is the ROI for this proposal after three years?
A. -$30,000
B. $120,000
C. $150,000
D. $180,000
Answer: A
Q204. - (Topic 1)
A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?
A. The malware file’s modify, access, change time properties.
B. The timeline analysis of the file system.
C. The time stamp of the malware in the swap file.
D. The date/time stamp of the malware detection in the antivirus logs.
Answer: B
Q205. - (Topic 1)
Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?
A. Aggressive patch management on the host and guest OSs.
B. Host based IDS sensors on all guest OSs.
C. Different antivirus solutions between the host and guest OSs.
D. Unique Network Interface Card (NIC) assignment per guest OS.
Answer: A
Down to date CAS-002 exam topics:
Q206. - (Topic 3)
A large financial company has a team of security-focused architects and designers that contribute into broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and re-usable patterns into account. Which of the following would BEST help to achieve these objectives?
A. Construct a library of re-usable security patterns
B. Construct a security control library
C. Introduce an ESA framework
D. Include SRTM in the SDLC
Answer: C
Q207. - (Topic 4)
A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of this problem is that SE Linux is set to:
A. Enforcing mode with an incorrectly configured policy.
B. Enforcing mode with no policy configured.
C. Disabled with a correctly configured policy.
D. Permissive mode with an incorrectly configured policy.
Answer: A
Q208. - (Topic 4)
A corporation implements a mobile device policy on smartphones that utilizes a white list for allowed applications. Recently, the security administrator notices that a consumer cloud based storage application has been added to the mobile device white list. Which of the following security implications should the security administrator cite when recommending the application’s removal from the white list?
A. Consumer cloud storage systems retain local copies of each file on the smartphone, as well as in the cloud, causing a potential data breach if the phone is lost or stolen.
B. Smartphones can export sensitive data or import harmful data with this application causing the potential for DLP or malware issues.
C. Consumer cloud storage systems could allow users to download applications to the smartphone. Installing applications this way would circumvent the application white list.
D. Smartphones using consumer cloud storage are more likely to have sensitive data remnants on them when they are repurposed.
Answer: B
Q209. - (Topic 4)
Which of the following BEST explains SAML?
A. A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.
B. An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.
C. A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data.
D. A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.
Answer: A
Q210. - (Topic 3)
A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company’s security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches as a result have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?
A. Reload all user laptops with full disk encryption software immediately.
B. Implement full disk encryption on all storage devices the firm owns.
C. Implement new continuous monitoring procedures.
D. Implement an open source system which allows data to be encrypted while processed.
Answer: B