Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
CAS-002 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 111-120

September 15, 2017

EnsurePass
2017 Sep CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/CAS-002.html

CompTIA Advanced Security Practitioner (CASP)

Question No: 111 – (Topic 1)

Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company’s purchased application? (Select TWO).

  1. Code review

  2. Sandbox

  3. Local proxy

  4. Fuzzer

  5. Port scanner

Answer: C,D

Question No: 112 – (Topic 1)

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim’s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

  1. Integer overflow

  2. Click-jacking

  3. Race condition

  4. SQL injection

  5. Use after free

  6. Input validation

Answer: E

Question No: 113 – (Topic 1)

A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:

Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).

  1. Secure storage and transmission of API keys

  2. Secure protocols for transmission of log files and search results

  3. At least two years retention of log files in case of e-discovery requests

  4. Multi-tenancy with RBAC support

  5. Sanitizing filters to prevent upload of sensitive log file contents

  6. Encryption of logical volumes on which the customers#39; log files reside

Answer: A,B,D

Question No: 114 – (Topic 1)

A new piece of ransomware got installed on a company’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?

  1. Determining how to install HIPS across all server platforms to prevent future incidents

  2. Preventing the ransomware from re-infecting the server upon restore

  3. Validating the integrity of the deduplicated data

  4. Restoring the data will be difficult without the application configuration

Answer: D

Question No: 115 – (Topic 1)

Joe, the Chief Executive Officer (CEO), was an Information security professor and a

Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

  1. The company should develop an in-house solution and keep the algorithm a secret.

  2. The company should use the CEO’s encryption scheme.

  3. The company should use a mixture of both systems to meet minimum standards.

  4. The company should use the method recommended by other respected information security organizations.

Answer: D

Question No: 116 – (Topic 1)

A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security into the application deployment. The board is primarily concerned with the applications’ compliance with federal assessment and authorization standards. The security engineer asks for a timeline to determine when a security assessment of both applications should occur and does not attend subsequent configuration board meetings. If the security engineer is only going to perform a security assessment, which of the following steps in system authorization has the security engineer omitted?

  1. Establish the security control baseline

  2. Build the application according to software development security standards

  3. Review the results of user acceptance testing

  4. Consult with the stakeholders to determine which standards can be omitted

Answer: A

Question No: 117 – (Topic 1)

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

  1. Provide free email software for personal devices.

  2. Encrypt data in transit for remote access.

  3. Require smart card authentication for all devices.

  4. Implement NAC to limit insecure devices access.

  5. Enable time of day restrictions for personal devices.

Answer: B,D

Topic 2, Volume B

Question No: 118 – (Topic 2)

An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?

  1. Create a separate SSID and require the use of dynamic encryption keys.

  2. Create a separate SSID with a pre-shared key to support the legacy clients and rotate the key at random intervals.

  3. Create a separate SSID and pre-shared WPA2 key on a new network segment and only allow required communication paths.

  4. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.

Answer: B

Question No: 119 – (Topic 2)

A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).

  1. Implement a URL filter to block the online forum

  2. Implement NIDS on the desktop and DMZ networks

  3. Security awareness compliance training for all employees

  4. Implement DLP on the desktop, email gateway, and web proxies

  5. Review of security policies and procedures

Answer: C,D

Question No: 120 – (Topic 2)

It has come to the IT administrator’s attention that the “post your comment” field on the company blog page has been exploited, resulting in cross-site scripting attacks against customers reading the blog. Which of the following would be the MOST effective at preventing the “post your comment” field from being exploited?

  1. Update the blog page to HTTPS

  2. Filter metacharacters

  3. Install HIDS on the server

  4. Patch the web application

  5. Perform client side input validation

Answer: B

100% Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass CAS-002 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE