Latest Certified Success Dumps Download

CAS-002 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 1-10

September 15, 2017

2017 Sep CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!

CompTIA Advanced Security Practitioner (CASP)

Question No: 1 – (Topic 1)

Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?

  1. Test password complexity of all login fields and input validation of form fields

  2. Reverse engineering any thick client software that has been provided for the test

  3. Undertaking network-based denial of service attacks in production environment

  4. Attempting to perform blind SQL injection and reflected cross-site scripting attacks

  5. Running a vulnerability scanning tool to assess network and host weaknesses

Answer: C

Question No: 2 – (Topic 1)

An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence?

  1. Review switch and router configurations

  2. Review the security policies and standards

  3. Perform a network penetration test

  4. Review the firewall rule set and IPS logs

Answer: B

Question No: 3 – (Topic 1)

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker#39;s position?

  1. Least privilege

  2. Job rotation

  3. Mandatory vacation

  4. Separation of duties

Answer: B

Question No: 4 – (Topic 1)

A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).

  1. Privacy could be compromised as patient records can be viewed in uncontrolled areas.

  2. Device encryption has not been enabled and will result in a greater likelihood of data loss.

  3. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.

  4. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.

  5. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.

Answer: A,D

Question No: 5 – (Topic 1)

The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?

  1. Virtualize the system and migrate it to a cloud provider.

  2. Segment the device on its own secure network.

  3. Install an antivirus and HIDS on the system.

  4. Hire developers to reduce vulnerabilities in the code.

Answer: B

Question No: 6 – (Topic 1)

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter.

The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?

  1. The corporate network is the only network that is audited by regulators and customers.

  2. The aggregation of employees on a corporate network makes it a more valuable target for attackers.

  3. Home networks are unknown to attackers and less likely to be targeted directly.

  4. Employees are more likely to be using personal computers for general web browsing when they are at home.

Answer: B

Question No: 7 – (Topic 1)

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following: – – [08/Mar/2014:10:54:04] “GET calendar.php?create table hidden HTTP/1.1” 200 5724 – – [08/Mar/2014:10:54:05] “GET ../../../root/.bash_history HTTP/1.1” 200

5724 – – [08/Mar/2014:10:54:04] “GET index.php?user=lt;scriptgt;Createlt;/scriptgt; HTTP/1.1” 200 5724

The security administrator also inspects the following file system locations on the database server using the command ‘ls -al /root’

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

-rws— 25 root root 4096 Mar 8 09:30 .bash_history

-rw—- 25 root root 4096 Mar 8 09:30 .bash_history

-rw—- 25 root root 4096 Mar 8 09:30 .profile

-rw—- 25 root root 4096 Mar 8 09:30 .ssh

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

  1. Privilege escalation

  2. Brute force attack

  3. SQL injection

  4. Cross-site scripting

  5. Using input validation, ensure the following characters are sanitized: lt;gt;

  6. Update crontab with: find / \( -perm -4000 \) -type f -print0 | xargs -0 ls -l |

  7. Implement the following PHP directive: $clean_user_input = addslashes($user_input)

  8. Set an account lockout policy

Answer: A,F

Question No: 8 – (Topic 1)

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).

  1. Demonstration of IPS system

  2. Review vendor selection process

  3. Calculate the ALE for the event

  4. Discussion of event timeline

  5. Assigning of follow up items

Answer: D,E

Question No: 9 – (Topic 1)

select id, firstname, lastname from authors User input= firstname= Hack;man


Which of the following types of attacks is the user attempting?

  1. XML injection

  2. Command injection

  3. Cross-site scripting

  4. SQL injection

Answer: D

Question No: 10 – (Topic 1)

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?

  1. Geographical regulation issues, loss of intellectual property and interoperability agreement issues

  2. Improper handling of client data, interoperability agreement issues and regulatory issues

  3. Cultural differences, increased cost of doing business and divestiture issues

  4. Improper handling of customer data, loss of intellectual property and reputation damage

Answer: D

100% Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass CAS-002 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE