Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/CAS-002-exam-dumps.html

P.S. Validated CAS-002 Q&A are available on Google Drive, GET MORE: https://drive.google.com/open?id=1o83EG0ADisGFtGQxvx-BzUZbRUif5wko


New CompTIA CAS-002 Exam Dumps Collection (Question 7 - Question 16)

Q7. A security administrator was doing a packet capture and noticed a system communicating with an address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network. Which of the following is the BEST course of action?

A. Investigate the network traffic and block UDP port 3544 at the firewall

B. Remove the system from the network and disable IPv6 at the router

C. Locate and remove the unauthorized 6to4 relay from the network

D. Disable the switch port and block the 2001::/32 traffic at the firewall

Answer: A


Q8. Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.

The information security team has been a part of the department meetings and come away with the following notes:

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.

-Sales is asking for easy order tracking to facilitate feedback to customers.

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.

Which of the following departmentsu2021 request is in contrast to the favored solution?

A. Manufacturing

B. Legal

C. Sales

D. Quality assurance

E. Human resources

Answer: E


Q9. An IT administrator has been tasked with implementing an appliance-based web proxy server to control external content accessed by internal staff. Concerned with the threat of corporate data leakage via web-based email, the IT administrator wants to decrypt all outbound HTTPS sessions and pass the decrypted content to an ICAP server for inspection by the corporate DLP software. Which of the following is BEST at protecting the internal certificates used in the decryption process?

A. NIPS

B. HSM

C. UTM

D. HIDS

E. WAF

F. SIEM

Answer: B


Q10. The risk manager has requested a security solution that is centrally managed, can easily

be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

A. HIPS

B. UTM

C. Antivirus

D. NIPS

E. DLP

Answer: A


Q11. Which of the following does SAML uses to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?

A. Transient identifiers

B. Directory services

C. Restful interfaces

D. Security bindings

Answer: : A


Q12. A company uses a custom Line of Business (LOB) application to facilitate all back-end manufacturing control. Upon investigation, it has been determined that the database used by the LOB application uses a proprietary data format. The risk management group has flagged this as a potential weakness in the companyu2021s operational robustness. Which of the following would be the GREATEST concern when analyzing the manufacturing control application?

A. Difficulty backing up the custom database

B. Difficulty migrating to new hardware

C. Difficulty training new admin personnel

D. Difficulty extracting data from the database

Answer: D


Q13. A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

Answer: B,C


Q14. A company has been purchased by another agency and the new security architect has identified new security goals for the organization. The current location has video surveillance throughout the building and entryways. The following requirements must be met:

1. Ability to log entry of all employees in and out of specific areas

2. Access control into and out of all sensitive areas

3. Two-factor authentication

Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO).

A. Proximity readers

B. Visitor logs

C. Biometric readers

D. Motion detection sensors

E. Mantrap

Answer: A,C


Q15. An internal committee comprised of the facilities manager, the physical security manager, the network administrator, and a member of the executive team has been formed to address a recent breach at a companyu2021s data center. It was discovered that during the breach, an HVAC specialist had gained entry to an area that contained server farms holding sensitive financial data. Although the HVAC specialist was there to fix a legitimate issue, the investigation concluded security be provided for the two entry and exit points for the server farm. Which of the following should be implemented to accomplish the recommendations of the investigation?

A. Implement a policy that all non-employees should be escorted in the data center.

B. Place a mantrap at the points with biometric security.

C. Hire an HVAC person for the company, eliminating the need for external HVAC people.

D. Implement CCTV cameras at both points.

Answer: B


Q16. The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?

A. PING

B. NESSUS

C. NSLOOKUP

D. NMAP

Answer: D


P.S. Easily pass CAS-002 Exam with Examcollection Validated Dumps & pdf vce, Try Free: http://www.examcollectionuk.com/CAS-002-vce-download.html (532 New Questions)