CAS-002 Latest Exam (Mar 2018)

[Free] 2018(Mar) EnsurePass Testinsides CompTIA CAS-002 Dumps with VCE and PDF 131-140

April 14, 2018 : Ensure you pass the IT Exams

CompTIA Advanced Security Practitioner (CASP)

Question No: 131 – (Topic 2)

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

Delivered-To: Received: by

Mon, 1 Nov 2010 11:15:24 -0700 (PDT)

Received: by

Mon, 01 Nov 2010 11:15:23 -0700 (PDT)

Return-Path: <IT@company.com>

Received: from for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from <IT@company.com>)

Received: by (SMTP READY) with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500

Received: from by; Mon, 1 Nov 2010 13:15:14 -0500

From: Company <IT@Company.com>

To: "customer@example.com" <customer@example.com>

Date: Mon, 1 Nov 2010 13:15:11 -0500

Subject: New Insurance Application

Thread-Topic: New Insurance Application

Please download and install software from the site below to maintain full access to your account.


Additional information: The authorized mail servers IPs are and The network’s subnet is

Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

  A. Identify the origination point for malicious activity on the unauthorized mail server.

  B. Block port 25 on the firewall for all unauthorized mail servers.

  C. Disable open relay functionality.

  D. Shut down the SMTP service on the unauthorized mail server.

  E. Enable STARTTLS on the spam filter.

Answer: B,D

Question No: 132 – (Topic 2)

Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).

  A. Synchronous copy of data

  B. RAID configuration

  C. Data de-duplication

  D. Storage pool space allocation

  E. Port scanning

  F. LUN masking/mapping

  G. Port mapping

Answer: F,G

Question No: 133 – (Topic 2)

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:

Caller 1, IP, NETMASK

Caller 2, IP, NETMASK

Caller 3, IP, NETMASK

All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface’s MAC is 00-01-42-32-ab-1a

A packet capture shows the following:

09:05:15.934840 arp reply is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:06:16.124850 arp reply is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:07:25.439811 arp reply is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:08:10.937590 IP > ICMP echo request, id 2305, seq 1, length 65534

09:08:10.937591 IP > ICMP echo request, id 2306, seq 2, length 65534

09:08:10.937592 IP > ICMP echo request, id 2307, seq 3, length 65534

Which of the following is occurring on the network?

  A. A man-in-the-middle attack is underway on the network.

  B. An ARP flood attack is targeting the router.

  C. The default gateway is being spoofed on the network.

  D. A denial of service attack is targeting the router.

Answer: D

Question No: 134 – (Topic 2)

VPN users cannot access the active FTP server through the router but can access any server in the data center.

Additional network information:

DMZ network – (FTP server is

VPN network –

Datacenter –

User network –

HR network –

Traffic shaper configuration:

| VLAN | Bandwidth Limit (Mbps) |
|---|---|
| VPN | 50 |
| User | 175 |
| HR | 250 |
| Finance | 250 |
| Guest | 0 |

Router ACL:

| Action | Source | Destination |
|---|---|---|
| Permit | 192.168.1.0/24 | 192.168.2.0/24 |
| Permit | 192.168.1.0/24 | 192.168.3.0/24 |
| Permit | 192.168.1.0/24 | 192.168.5.0/24 |
| Permit | 192.168.2.0/24 | 192.168.1.0/24 |
| Permit | 192.168.3.0/24 | 192.168.1.0/24 |
| Permit | 192.168.5.1/32 | 192.168.1.0/24 |
| Deny | 192.168.4.0/24 | 192.168.1.0/24 |
| Deny | 192.168.1.0/24 | 192.168.4.0/24 |


Which of the following solutions would allow the users to access the active FTP server?

  A. Add a permit statement to allow traffic from to the VPN network

  B. Add a permit statement to allow traffic to from the VPN network

  C. IPS is blocking traffic and needs to be reconfigured

  D. Configure the traffic shaper to limit DMZ traffic

  E. Increase bandwidth limit on the VPN network

Answer: A

Question No: 135 – (Topic 2)

A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).

  A. Perform penetration testing over the HR solution to identify technical vulnerabilities

  B. Perform a security risk assessment with recommended solutions to close off high-rated risks

  C. Secure code review of the HR solution to identify security gaps that could be exploited

  D. Perform access control testing to ensure that privileges have been configured correctly

  E. Determine if the information security standards have been complied with by the project

Answer: B,E

Question No: 136 – (Topic 2)

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as company A and the two are not competitors. Which of the following has MOST likely occurred?

  A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.

  B. A stolen two-factor token was used to move data from one virtual guest to another host on the same network segment.

  C. A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.

  D. An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

Answer: A

Question No: 137 – (Topic 2)

Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem?

  A. Implement change control practices at the organization level.

  B. Adjust the firewall ACL to prohibit development from directly accessing the production server farm.

  C. Update the vulnerability management plan to address data discrepancy issues.

  D. Change development methodology from strict waterfall to agile.

Answer: A

Question No: 138 – (Topic 2)

A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company issued as well as personal computing devices, including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in transit to the company’s internally developed application GUI. Company policy prohibits employees from having administrative rights to company issued devices. Which of the following remote access solutions has the lowest technical complexity?

  A. RDP server

  B. Client-based VPN

  C. IPSec

  D. Jump box

  E. SSL VPN

Answer: A

Question No: 139 – (Topic 2)

A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system’s SLE?

  A. $2,000

  B. $8,000

  C. $12,000

  D. $32,000

Answer: B

Question No: 140 – (Topic 2)

Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?

  A. Establish a cloud-based authentication service that supports SAML.

  B. Implement a new Diameter authentication server with read-only attestation.

  C. Install a read-only Active Directory server in the corporate DMZ for federation.

  D. Allow external connections to the existing corporate RADIUS server.

Answer: A
