Exam Code: CAS-002
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Certification Provider: CompTIA
2021 Mar CAS-002 free question

Q241. - (Topic 4) 

When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary? 

A. The user needs a non-repudiation data source in order for the application to generate the key pair. 

B. The user is providing entropy so the application can use random data to create the key pair. 

C. The user is providing a diffusion point to the application to aid in creating the key pair. 

D. The application is requesting perfect forward secrecy from the user in order to create the key pair. 

Answer:


Q242. - (Topic 2) 

An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution? 

A. $0 

B. $7,500 

C. $10,000 

D. $12,500 

E. $15,000 

Answer:


Q243. - (Topic 2) 

A security analyst, Ann, states that she believes Internet-facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case to management that action needs to be taken to safeguard these servers?

A. Provide a report of all the IP addresses that are connecting to the systems and their locations 

B. Establish alerts at a certain threshold to notify the analyst of high activity 

C. Provide a report showing the file transfer logs of the servers 

D. Compare the current activity to the baseline of normal activity 

Answer:


Q244. - (Topic 1) 

A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture quickly with regard to targeted attacks. Which of the following should the CSO conduct FIRST? 

A. Survey threat feeds from services inside the same industry. 

B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic. 

C. Conduct an internal audit against industry best practices to perform a qualitative analysis. 

D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor. 

Answer:


Q245. - (Topic 1) 

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1X EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation. 

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID. 

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates. 

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud-based wireless controller.

Answer:


Q246. DRAG DROP - (Topic 2) 

An organization is implementing a project to simplify the management of its firewall network flows and implement security controls. The following requirements exist. Drag and drop the BEST security solution to meet the given requirements. Options may be used once or not at all. All placeholders must be filled. 

Answer: 


Q247. - (Topic 1) 

Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test? 

A. Test password complexity of all login fields and input validation of form fields 

B. Reverse engineering any thick client software that has been provided for the test 

C. Undertaking network-based denial of service attacks in a production environment

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks 

E. Running a vulnerability scanning tool to assess network and host weaknesses 

Answer:


Q248. - (Topic 5) 

Joe, the Chief Executive Officer (CEO), was an information security professor and a subject matter expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

A. The company should develop an in-house solution and keep the algorithm a secret. 

B. The company should use the CEO’s encryption scheme. 

C. The company should use a mixture of both systems to meet minimum standards. 

D. The company should use the method recommended by other respected information security organizations. 

Answer:


Q249. - (Topic 1) 

A member of the software development team has requested advice from the security team to implement a new secure lab for testing malware. Which of the following is the NEXT step that the security team should take? 

A. Purchase new hardware to keep the malware isolated. 

B. Develop a policy to outline what will be required in the secure lab. 

C. Construct a series of VMs to host the malware environment. 

D. Create a proposal and present it to management for approval. 

Answer:


Q250. - (Topic 3) 

An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred? 

A. The IDS generated too many false negatives. 

B. The attack occurred after hours. 

C. The IDS generated too many false positives. 

D. No one was reviewing the IDS event logs. 

Answer: