Improved CAS-002: Pass4sure real free samples from 151 to 160

Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Exambible CAS-002 practice exam. We guarantee it! We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps. Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.

Q151. - (Topic 1) 

A developer has implemented a piece of client-side JavaScript code to sanitize a user's provided input to a web page login screen. The code ensures that only the upper case and lower case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log:

- - [02/Mar/2014:06:13:04] "GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724

Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer? 

A. The security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters. 

B. The security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side. 

C. The security administrator is concerned with SQL injection, and the developer should implement server side input validation. 

D. The security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced. 
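The log line shows a password value that the browser-side check never saw, so the rules have to be applied again on the server. The following is an added Python example, not part of the original question set: it decodes the request from a constructed copy of that log line, re-applies the letters-only username and 6-digit PIN rules server-side, and authenticates with a bound-parameter query. The sqlite table and the admin/123456 row are assumed test data.

```python
import re
import sqlite3
from urllib.parse import urlsplit, parse_qs

# Constructed log line modelled on the one in Q151 (client IP is absent there too).
LOG_LINE = ('- - [02/Mar/2014:06:13:04] '
            '"GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724')

# The same rules the client-side JavaScript enforced: letters-only username, 6-digit PIN.
USER_RE = re.compile(r"[A-Za-z]+")
PIN_RE = re.compile(r"[0-9]{6}")


def credentials_from_log(line: str) -> dict:
    """Pull the URL-decoded user/pass parameters out of the request line."""
    request_path = line.split('"')[1].split(" ")[1]   # /site/script.php?user=...
    params = parse_qs(urlsplit(request_path).query)
    return {key: values[0] for key, values in params.items()}


def validate_server_side(user: str, pin: str) -> bool:
    """Re-apply the input rules on the server; the browser check can be bypassed."""
    return bool(USER_RE.fullmatch(user) and PIN_RE.fullmatch(pin))


def login(conn: sqlite3.Connection, user: str, pin: str) -> bool:
    """Validate first, then query with bound parameters so input is never parsed as SQL."""
    if not validate_server_side(user, pin):
        return False
    row = conn.execute(
        "SELECT 1 FROM users WHERE username = ? AND pin = ?", (user, pin)
    ).fetchone()
    return row is not None


def demo_db() -> sqlite3.Connection:
    """Assumed test fixture: one user with a 6-digit PIN (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, pin TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', '123456')")
    return conn


if __name__ == "__main__":
    creds = credentials_from_log(LOG_LINE)
    print(creds, "accepted:", login(demo_db(), creds["user"], creds["pass"]))
```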


Q152. - (Topic 4) 

A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention policy states all email data older than 90 days should be eliminated. As there are no technical controls in place, users have been instructed to stick to a storage quota of 500Mb of network storage and 200Mb of email storage. After being presented with an e-discovery request from opposing legal counsel, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years. Which of the following should the security administrator provide to opposing counsel? 

A. Delete files and email exceeding policy thresholds and turn over the remaining files and email. 

B. Delete email over the policy threshold and hand over the remaining emails and all of the files. 

C. Provide the 1Tb of files on the network and the 300Mb of email files regardless of age. 

D. Provide the first 200Mb of e-mail and the first 500Mb of files as per policy. 


Q153. - (Topic 4) 

Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two companies' networks, applications, and several basic services. 

The initial integration of the two companies has specified the following requirements: 

Which of the following network security solutions will BEST meet the above requirements? 

A. Place a Company ABC managed firewall in Company XYZ’s hub site; then place Company ABC’s file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC’s business partner firewalls are opened up for web intranet access and other required services. 

B. Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACLs. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access. 

C. Place no restrictions on internal network connectivity between Company XYZ and Company ABC. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access. 

D. Place file, print, secure FTP server and authentication domain servers at Company XYZ’s hub site. Open up Company ABC’s business partner firewall to permit access to ABC’s web intranet access and other required services. 


Q154. - (Topic 5) 

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company’s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO). 

A. Block traffic from the ISP’s networks destined for blacklisted IPs. 

B. Prevent the ISP’s customers from querying DNS servers other than those hosted by the ISP. 

C. Block traffic with a source IP not allocated to the ISP from exiting the ISP’s network. 

D. Scan the ISP’s customer networks using an up-to-date vulnerability scanner. 

E. Notify customers when services they run are involved in an attack. 

Answer: C,E 

Q155. - (Topic 3) 

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture? 

A. Service oriented architecture (SOA) 

B. Federated identities 

C. Object request broker (ORB) 

D. Enterprise service bus (ESB) 


Q156. - (Topic 2) 

A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourced systems on their own premises and will continue to directly interface with the bank’s other systems through dedicated encrypted links. Which of the following is critical to ensure the successful management of system security concerns between the two organizations? 

Q157. - (Topic 4) 

A security engineer is troubleshooting a possible virus infection, which may have spread to multiple desktop computers within the organization. The company implements enterprise antivirus software on all desktops, but the enterprise antivirus server’s logs show no sign of a virus infection. The border firewall logs show suspicious activity from multiple internal hosts trying to connect to the same external IP address. The security administrator decides to post the firewall logs to a security mailing list and receives confirmation from other security administrators that the firewall logs indicate internal hosts are compromised with a new variant of the Trojan.Ransomcrypt.G malware not yet detected by most antivirus software. Which of the following would have detected the malware infection sooner? 

A. The security administrator should consider deploying a signature-based intrusion detection system. 

B. The security administrator should consider deploying enterprise forensic analysis tools. 

C. The security administrator should consider installing a cloud augmented security service. 

D. The security administrator should consider establishing an incident response team. 


Q158. - (Topic 3) 

A hosting company provides inexpensive guest virtual machines to low-margin customers. Customers manage their own guest virtual machines. Some customers want basic guarantees of logical separation from other customers, and it has been indicated that some customers would like to have configuration control of this separation, whereas others want this provided as a value-added service by the hosting company. Which of the following BEST meets these requirements? 

A. The hosting company should install a hypervisor-based firewall and allow customers to manage this on an as-needed basis. 

B. The hosting company should manage the hypervisor-based firewall, while allowing customers to configure their own host-based firewall. 

C. Customers should purchase physical firewalls to protect their guest hosts and have the hosting company manage these if requested. 

D. The hosting company should install a host-based firewall on customer guest hosts and offer to administer host firewalls for customers if requested. 


Q159. - (Topic 1) 

Joe, the Chief Executive Officer (CEO), was an information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted? 

A. The company should develop an in-house solution and keep the algorithm a secret. 

B. The company should use the CEO’s encryption scheme. 

C. The company should use a mixture of both systems to meet minimum standards. 

D. The company should use the method recommended by other respected information security organizations. 


Q160. - (Topic 2) 

An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management software application. The assessor submitted the report to senior management but nothing has happened. Which of the following would be a logical next step? 

A. Meet the two key VPs and request a signature on the original assessment. 

B. Include specific case studies from other organizations in an updated report. 

C. Schedule a meeting with key human resource application stakeholders. 

D. Craft an RFP to begin finding a new human resource application.