CAS-002 Latest Exam (Mar 2018)

[Free] 2018(Mar) EnsurePass Testinsides CompTIA CAS-002 Dumps with VCE and PDF 241-250

April 14, 2018

CompTIA Advanced Security Practitioner (CASP)

Question No: 241 – (Topic 3)

A security administrator wants to verify and improve the security of a business process which is tied to proven company workflow. The security administrator was able to improve security by applying controls that were defined by the newly released company security standard. Such controls included code improvement, transport encryption, and interface restrictions. Which of the following can the security administrator do to further increase security after having exhausted all the technical controls dictated by the company’s security standard?

  1. Modify the company standard to account for higher security and meet with upper management for approval to implement the new standard.

  2. Conduct a gap analysis and recommend appropriate non-technical mitigating controls, and incorporate the new controls into the standard.

  3. Conduct a risk analysis on all current controls, and recommend appropriate mechanisms to increase overall security.

  4. Modify the company policy to account for higher security, adapt the standard accordingly, and implement new technical controls.

Answer: B

Question No: 242 – (Topic 3)

A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned. The CIO's laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have issued a subpoena requesting all the CIO's email from the last 12 months. The corporate retention policy recommends keeping data for no longer than 90 days. Which of the following should occur?

  1. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.

  2. Inform the litigators that the CIO's information has been deleted as per corporate policy.

  3. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.

  4. Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.

Answer: D

Question No: 243 – (Topic 3)

A security administrator at a Lab Company is required to implement a solution which will provide the highest level of confidentiality possible to all data on the lab network.

The current infrastructure design includes:

The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless access points.

Which of the following cryptographic improvements should be made to the current architecture to achieve the stated goals?

  1. PKI based authorization

  2. Transport encryption

  3. Data at rest encryption

  4. Code signing

Answer: B

Question No: 244 – (Topic 3)

A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future?

  1. SIP session tagging and QoS

  2. A dedicated VLAN

  3. Lower encryption setting

  4. Traffic shaping

Answer: B

Question No: 245 – (Topic 3)

The <nameID> element in SAML can be provided in which of the following predefined formats? (Select TWO).

  1. X.509 subject name

  2. PTR DNS record

  3. EV certificate OID extension

  4. Kerberos principal name

  5. WWN record name

Answer: A,D

Question No: 246 – (Topic 3)

A WAF without customization will protect the infrastructure from which of the following attack combinations?

  1. DDoS, DNS poisoning, Boink, Teardrop

  2. Reflective XSS, HTTP exhaustion, Teardrop

  3. SQL Injection, DOM based XSS, HTTP exhaustion

  4. SQL Injection, CSRF, Clickjacking

Answer: C

Question No: 247 – (Topic 3)

An administrator receives reports that the network is running slow for users connected to a certain switch. Viewing the network traffic, the administrator reviews the following:

18:51:59.042108 IP linuxwksta.55467 > 39462 PTR? (42)

18:51:59.055732 IP > linuxwksta.55467: 39462 NXDomain 0/0/0 (42)

18:51:59.055842 IP linuxwksta.48287 > 46767 PTR? (42)

18:51:59.069816 IP > linuxwksta.48287: 46767 NXDomain 0/0/0 (42)

18:51:59.159060 IP linuxwksta.42491 > Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48

18:51:59.159145 IP linuxwksta.48854 > 3834 PTR? (41)

18:51:59.159314 IP > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48

18:51:59.159330 IP linuxwksta.42491 > Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0

18:51:59.165342 IP > linuxwksta.48854: 3834 NXDomain 0/0/0 (41)

18:51:59.397461 ARP, Request who-has tell, length 46

18:51:59.397597 IP linuxwksta.37684 > 15022 PTR? (41)

Given the traffic report, which of the following is MOST likely causing the slow traffic?

  1. DNS poisoning

  2. Improper network zoning

  3. ARP poisoning

  4. Improper LUN masking

Answer: B

Question No: 248 – (Topic 3)

After connecting to a secure payment server at, an auditor notices that the SSL certificate was issued to * The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST?

  1. Generate a new public key on both servers.

  2. Replace the SSL certificate on

  3. Generate a new private key password for both servers.

  4. Replace the SSL certificate on

Answer: D

Question No: 249 – (Topic 3)

A developer is coding the crypto routine of an application that will be installed on a standard headless and diskless server connected to a NAS housed in the datacenter. The developer has written the following six lines of code to add entropy to the routine:

1 – If VIDEO input exists, use video data for entropy

2 – If AUDIO input exists, use audio data for entropy

3 – If MOUSE input exists, use mouse data for entropy

4 – IF KEYBOARD input exists, use keyboard data for entropy

5 – IF IDE input exists, use IDE data for entropy

6 – IF NETWORK input exists, use network data for entropy

Which of the following lines of code will result in the STRONGEST seed when combined?

  1. 2 and 1

  2. 3 and 5

  3. 5 and 2

  4. 6 and 4

Answer: D

Question No: 250 – (Topic 3)

Which of the following should be used to identify overflow vulnerabilities?

  1. Fuzzing

  2. Input validation

  3. Privilege escalation

  4. Secure coding standards

Answer: A
