New CompTIA CAS-002 Exam Dumps Collection (Question 13 - Question 22)

Question No: 13

Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?

A. Single sign-on

B. Identity propagation

C. Remote attestation

D. Secure code review

Answer: C

Question No: 14

An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond to when a competitor makes major announcements. Which of the following should the administrator do to prove this theory?

A. Implement data analytics to try and correlate the occurrence times.

B. Implement a honey pot to capture traffic during the next attack.

C. Configure the servers for high availability to handle the additional bandwidth.

D. Log all traffic coming from the competitor's public IP addresses.

Answer: A

Question No: 15

A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company's security information and event management server.

Logs:

Log 1:

Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 3 packets

Log 2: HTTP://


Log 3:

Security Error Alert

Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client

Log 4:

Encoder oe = new OracleEncoder ();

String query = "Select user_id FROM user_data WHERE user_name = ' "

+ oe.encode ( req.getParameter("userID") ) + " ' and user_password = ' "

+ oe.encode ( req.getParameter("pwd") ) + " ' ";

Vulnerabilities: Buffer overflow, SQL injection, ACL


Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).

A. Log 1

B. Log 2

C. Log 3

D. Log 4

E. Buffer overflow



H. SQL injection

Answer: B,E

Question No: 16

CORRECT TEXT

Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: for the corporate site and for the remote site. The Telco router interface uses the IP range.

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.

Answer: Please check the explanation part for the solution.

Question No: 17

A system administrator has just installed a new Linux distribution. The distribution is configured to be "secure out of the box". The system administrator cannot make updates to certain system files and services. Each time changes are attempted, they are denied and a system error is generated. Which of the following troubleshooting steps should the security administrator suggest?

A. Review settings in the SELinux configuration files

B. Reset root permissions on systemd files

C. Perform all administrative actions while logged in as root

D. Disable any firewall software before making changes

Answer: A

Question No: 18

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?

A. They should log on to the system using the username concatenated with the 6-digit code and their original password.

B. They should log on to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.

C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.

D. They should use the username format:, together with a password and their 6-digit code.

Answer: D

Question No: 19

An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO).





E. Kerberos

Answer: B,E

Question No: 20

A security engineer is working on a large software development project. As part of the design of the project, various stakeholder requirements were gathered and decomposed to an implementable and testable level. Various security requirements were also documented. Organize the following security requirements into the correct hierarchy required for an SRTM.

Requirement 1: The system shall provide confidentiality for data in transit and data at rest.

Requirement 2: The system shall use SSL, SSH, or SCP for all data transport.

Requirement 3: The system shall implement a file-level encryption scheme.

Requirement 4: The system shall provide integrity for all data at rest.

Requirement 5: The system shall perform CRC checks on all files.

A. Level 1: Requirements 1 and 4; Level 2: Requirements 2, 3, and 5

B. Level 1: Requirements 1 and 4; Level 2: Requirements 2 and 3 under 1, Requirement 5 under 4

C. Level 1: Requirements 1 and 4; Level 2: Requirement 2 under 1, Requirement 5 under 4; Level 3: Requirement 3 under 2

D. Level 1: Requirements 1, 2, and 3; Level 2: Requirements 4 and 5

Answer: B

Question No: 21

A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

Answer: B,C

Question No: 22

After reviewing a company's NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator?

A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user.

B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS.

C. Users with root access on remote NFS client computers can always use the SU command to modify other users' files on the NAS.

D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command.

Answer: C

