Top Tips Of CAS-002 forum

Want to know the features of the Actualtests CAS-002 exam practice test? Want to learn more about the CompTIA Advanced Security Practitioner (CASP) certification experience? Study downloadable CompTIA CAS-002 answers to up-to-date CAS-002 questions at Actualtests. Get success with an absolute guarantee to pass the CompTIA CAS-002 (CompTIA Advanced Security Practitioner (CASP)) test on your first attempt.

Q141. - (Topic 2) 

After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator? 

A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user. 

B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS. 

C. Users with root access on remote NFS client computers can always use the SU command to modify other users' files on the NAS.

D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command. 


Q142. - (Topic 4) 

A retail bank has had a number of issues in regards to the integrity of sensitive information across all of its customer databases. This has resulted in the bank’s share price decreasing in value by 50% and regulatory intervention and monitoring. 

The new Chief Information Security Officer (CISO) as a result has initiated a program of work to solve the issues. 

The business has specified that the solution needs to be enterprise grade and meet the following requirements: 

In order to solve this problem, which of the following security solutions will BEST meet the above requirements? (Select THREE). 

A. Implement a security operations center to provide real time monitoring and incident response with self service reporting capability. 

B. Implement an aggregation based SIEM solution to be deployed on the log servers of the major platforms, applications, and infrastructure. 

C. Implement a security operations center to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capability. 

D. Ensure that the network operations center has the tools to provide real time monitoring and incident response and an event correlation dashboard with self service reporting capabilities. 

E. Implement an agent only based SIEM solution to be deployed on all major platforms, applications, and infrastructures. 

F. Ensure appropriate auditing is enabled to capture the required information. 

G. Manually pull the logs from the major platforms, applications, and infrastructures to a central secure server. 

Answer: B,C,F 

Q143. - (Topic 3) 

A large financial company has a team of security-focused architects and designers that contribute into broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and re-usable patterns into account. Which of the following would BEST help to achieve these objectives? 

A. Construct a library of re-usable security patterns 

B. Construct a security control library 

C. Introduce an ESA framework 

D. Include SRTM in the SDLC 


Q144. - (Topic 1) 

The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so the administrator wants to move the drives to a storage array from a different manufacturer in order to access the data. Which of the following issues may potentially occur? 

A. The data may not be in a usable format. 

B. The new storage array is not FCoE based. 

C. The data may need a file system check. 

D. The new storage array also only has a single controller. 


Q145. - (Topic 5) 

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is currently unable to perform effective troubleshooting and relies on callers to describe their technology problems. Given that the helpdesk staff is located within the company headquarters and 90% of the callers are telecommuters, which of the following tools should the helpdesk manager use to make the staff more effective at troubleshooting while at the same time reducing company costs? (Select TWO). 

A. Web cameras 

B. Email 

C. Instant messaging 


E. Desktop sharing 

F. Presence 

Answer: C,E 

Q146. - (Topic 4) 

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented? 

A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues 

B. Improper handling of client data, interoperability agreement issues and regulatory issues 

C. Cultural differences, increased cost of doing business and divestiture issues 

D. Improper handling of customer data, loss of intellectual property and reputation damage 


Q147. - (Topic 2) 

A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed both on computers and mobile devices. The application designers have asked that the algorithm support the transport encryption with the lowest possible performance overhead. Which of the following recommendations would BEST meet the needs of the application designers? (Select TWO). 

A. Use AES in Electronic Codebook mode 

B. Use RC4 in Cipher Block Chaining mode 

C. Use RC4 with Fixed IV generation 

D. Use AES with cipher text padding 

E. Use RC4 with a nonce generated IV 

F. Use AES in Counter mode 

Answer: E,F 

Q148. - (Topic 5) 

A security manager has received the following email from the Chief Financial Officer (CFO): 

“While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?” 

Based on the information provided, which of the following would be the MOST appropriate response to the CFO? 

A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed. 

B. Allow VNC access to corporate desktops from personal computers for the users working from home. 

C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home. 

D. Work with the executive management team to revise policies before allowing any remote access. 


Q149. - (Topic 4) 

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO). 

A. Add guests with more memory to increase capacity of the infrastructure. 

B. A backup is running on the thin clients at 9am every morning. 

C. Install more memory in the thin clients to handle the increased load while booting. 

D. Booting all the lab desktops at the same time is creating excessive I/O. 

E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity. 

F. Install faster SSD drives in the storage system used in the infrastructure. 

G. The lab desktops are saturating the network while booting. 

H. The lab desktops are using more memory than is available to the host systems. 

Answer: D,F 

Q150. - (Topic 2) 

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO). 

A. The X509 V3 certificate was issued by a non trusted public CA. 

B. The client-server handshake could not negotiate strong ciphers. 

C. The client-server handshake is configured with a wrong priority. 

D. The client-server handshake is based on TLS authentication. 

E. The X509 V3 certificate is expired. 

F. The client-server implements client-server mutual authentication with different certificates. 

Answer: B,C