Q1. - (Topic 3) 

A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring online in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system? 

A. An incident response plan which guarantees response by tier two support within 15 minutes of an incident. 

B. A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months. 

C. Business insurance to transfer all risk from the company shareholders to the insurance company. 

D. A prudent plan of action which details how to decommission the system within 90 days of becoming operational. 


Q2. - (Topic 5) 

Which of the following is the information owner responsible for? 

A. Developing policies, standards, and baselines. 

B. Determining the proper classification levels for data within the system. 

C. Integrating security considerations into application and system purchasing decisions. 

D. Implementing and evaluating security controls by validating the integrity of the data. 


Q3. - (Topic 1) 

Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test? 

A. Test password complexity of all login fields and input validation of form fields 

B. Reverse engineering any thick client software that has been provided for the test 

C. Undertaking network-based denial of service attacks in production environment 

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks 

E. Running a vulnerability scanning tool to assess network and host weaknesses 


Q4. - (Topic 1) 

Joe, a hacker, has discovered that he can craft a webpage that, when viewed in a browser, crashes the browser and then allows him to gain remote code execution at the victim’s privilege level. The browser crashes with an exception when unused heap memory is accessed. Which of the following BEST describes the application issue? 

A. Integer overflow 

B. Click-jacking 

C. Race condition 

D. SQL injection 

E. Use after free 

F. Input validation 


Q5. - (Topic 5) 

A security administrator is investigating the compromise of a SCADA network that is not physically connected to any other network. Which of the following is the MOST likely cause of the compromise? 

A. Outdated antivirus definitions 

B. Insecure wireless 

C. Infected USB device 

D. SQL injection 


Q6. - (Topic 3) 

An administrator receives reports that the network is running slow for users connected to a certain switch. Viewing the network traffic, the administrator reviews the following: 

18:51:59.042108 IP linuxwksta.55467 > 39462+ PTR? (42) 

18:51:59.055732 IP > linuxwksta.55467: 39462 NXDomain 0/0/0 (42) 

18:51:59.055842 IP linuxwksta.48287 > 46767+ PTR? (42) 

18:51:59.069816 IP > linuxwksta.48287: 46767 NXDomain 0/0/0 (42) 

18:51:59.159060 IP linuxwksta.42491 > Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48 

18:51:59.159145 IP linuxwksta.48854 > 3834+ PTR? (41) 

18:51:59.159314 IP > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48 

18:51:59.159330 IP linuxwksta.42491 > Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0 

18:51:59.165342 IP > linuxwksta.48854: 3834 NXDomain 0/0/0 

18:51:59.397461 ARP, Request who-has tell, length 46 

18:51:59.397597 IP linuxwksta.37684 > 15022+ PTR? (41) 

Given the traffic report, which of the following is MOST likely causing the slow traffic? 

A. DNS poisoning 

B. Improper network zoning 

C. ARP poisoning 

D. Improper LUN masking 


Q7. - (Topic 4) 

Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE). 

A. Implementation run-sheets 

B. Solution designs 

C. Business capabilities 

D. Solution architectures 

E. Business requirements documents 

F. Reference models 

G. Business cases 

H. Business vision and drivers 

Answer: C,F,H 

Q8. - (Topic 4) 

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO). 

A. Erase all files on drive 

B. Install of standard image 

C. Remove and hold all drives 

D. Physical destruction 

E. Drive wipe 

Answer: D,E 

Q9. - (Topic 5) 

A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO). 

A. Demonstration of IPS system 

B. Review vendor selection process 

C. Calculate the ALE for the event 

D. Discussion of event timeline 

E. Assigning of follow up items 

Answer: D,E 

Q10. - (Topic 1) 

A developer has implemented a piece of client-side JavaScript code to sanitize a user’s provided input to a web page login screen. The code ensures that only upper-case and lower-case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log: 

– - [02/Mar/2014:06:13:04] “GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1” 200 5724 

Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer? 

A. The security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters. 

B. The security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side. 

C. The security administrator is concerned with SQL injection, and the developer should implement server side input validation. 

D. The security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced.