Certleader 2018 New CAS-002 Exam Dumps (PDF & VCE) Download: https://www.certleader.com/CAS-002-dumps.html

It is impossible to pass CompTIA CAS-002 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed CompTIA CAS-002 practice questions. You will get a surprising result by our Up to date CompTIA Advanced Security Practitioner (CASP) practice guides.

P.S. High value CAS-002 item pool are available on Google Drive, GET MORE: https://drive.google.com/open?id=1ddthACQd1JGf0imm89GpLL8acwMLf-_e


New CompTIA CAS-002 Exam Dumps Collection (Question 10 - Question 19)

New Questions 10

For companies seeking to move to cloud services, variances in regulation between jurisdictions can be addressed in which of the following ways?

A. Ensuring the cloud service provides high availability spanning multiple regions.

B. Using an international private cloud model as opposed to public IaaS.

C. Encrypting all data moved to or processed in a cloud-based service.

D. Tagging VMs to ensure they are only run in certain geographic regions.

Answer: D


New Questions 11

A developer has implemented a piece of client-side JavaScript code to sanitize a useru2019s

provided input to a web page login screen. The code ensures that only the upper case and lower case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log:

10.235.62.11 u2013 - [02/Mar/2014:06:13:04] u201cGET

/site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1u201d 200 5724

Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer?

A. The security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters.

B. The security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side.

C. The security administrator is concerned with SQL injection, and the developer should implement server side input validation.

D. The security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced.

Answer: C


New Questions 12

A high-tech company dealing with sensitive data seized the mobile device of an employee suspected of leaking company secrets to a competitive organization. Which of the following is the BEST order for mobile phone evidence extraction?

A. Device isolation, evidence intake, device identification, data processing, verification of data accuracy, documentation, reporting, presentation and archival.

B. Evidence intake, device identification, preparation to identify the necessary tools, device isolation, data processing, verification of data accuracy, documentation, reporting, presentation and archival.

C. Evidence log, device isolation ,device identification, preparation to identify the necessary tools, data processing, verification of data accuracy, presentation and archival.

D. Device identification, evidence log, preparation to identify the necessary tools, data processing, verification of data accuracy, device isolation, documentation, reporting, presentation and archival.

Answer: B


New Questions 13

A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security into the application deployment. The board is primarily concerned with the applicationsu2019 compliance with federal assessment and authorization standards. The security engineer asks for a timeline to determine when a security assessment of both applications should occur and does not attend subsequent configuration board meetings. If the security engineer is only going to perform a security assessment, which of the following steps in system authorization has the security engineer omitted? (Select TWO).

A. Establish the security control baseline to be assessed

B. Build the application according to software development security standards

C. Write the systems functionality requirements into the security requirements traceability matrix

D. Review the results of user acceptance testing

E. Categorize the applications according to use

F. Consult with the stakeholders to determine which standards can be omitted

Answer: A,E


New Questions 14

A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO).

A. The product does not understand how to decode embedded objects.

B. The embedding of objects in other documents enables document encryption by default.

C. The process of embedding an object obfuscates the data.

D. The mail client used to send the email is not compatible with the DLP product.

E. The DLP product cannot scan multiple email attachments at the same time.

Answer: A,C


New Questions 15

A security administrator needs to deploy a remote access solution for both staff and contractors. Management favors remote desktop due to ease of use. The current risk assessment suggests protecting Windows as much as possible from direct ingress traffic exposure. Which of the following solutions should be selected?

A. Deploy a remote desktop server on your internal LAN, and require an active directory integrated SSL connection for access.

B. Change remote desktop to a non-standard port, and implement password complexity for the entire active directory domain.

C. Distribute new IPSec VPN client software to applicable parties. Virtualize remote desktop services functionality.

A. D. Place the remote desktop server(s) on a screened subnet, and implement two-factor authentication.

Answer: D


New Questions 16

A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?

A. Client side input validation

B. Stored procedure

C. Encrypting credit card details

D. Regular expression matching

Answer: D


New Questions 17

The sales team is considering the deployment of a new CRM solution within the enterprise. The IT and Security teams are members of the project; however, neither team has expertise or experience with the proposed system. Which of the following activities should be performed FIRST?

A. Visit a company who already has the technology, sign an NDA, and read their latest risk assessment.

B. Contact the top vendor, assign IT and Security to work together to implement a demo and pen test the system.

C. Work with Finance to do a second ROI calculation before continuing further with the project.

D. Research the market, select the top vendors and solicit RFPs from those vendors.

Answer: D


New Questions 18

A system administrator is troubleshooting a possible denial of service on a sensitive system. The system seems to run properly for a few hours after it is restarted, but then it suddenly stops processing transactions. The system administrator suspects an internal DoS caused by a disgruntled developer who is currently seeking a new job while still working for the company. After looking into various system logs, the system administrator looks at the following output from the main system service responsible for processing incoming transactions.

DATE/TIMEPIDCOMMAND%CPUMEM 031020141030002055com.proc10.2920K

031020141100002055com.proc12.35.2M

031020141230002055com.proc22.022M

031020141300002055com.proc33.01.6G

031020141330002055com.proc30.28.0G

Which of the following is the MOST likely cause for the DoS?

A. The system does not implement proper garbage collection.

B. The system is susceptible to integer overflow.

C. The system does not implement input validation.

D. The system does not protect against buffer overflows properly.

Answer: A


New Questions 19

A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port

37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port

37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port

37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port

37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port

37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port

37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP 198.51.100.23.

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E



To know more about the CAS-002 dumps download, click here.

Recommend!! Get the High value CAS-002 dumps in VCE and PDF From Certleader, Welcome to download: https://www.certleader.com/CAS-002-dumps.html (New 450 Q&As Version)