All About CAS-002 pdf exam Jul 2018

Preparation for the CompTIA Advanced Security Practitioner (CASP) certification begins with CompTIA CAS-002 preparation products, which are designed to deliver practical CAS-002 questions so that you pass the CAS-002 test on your first attempt. Try the free CAS-002 demo right now.



New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)

Q8. Which of the following does SAML use to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?

A. Transient identifiers

B. Directory services

C. Restful interfaces

D. Security bindings

Answer: A


Q9. An internal committee comprised of the facilities manager, the physical security manager, the network administrator, and a member of the executive team has been formed to address a recent breach at a company's data center. It was discovered that during the breach, an HVAC specialist had gained entry to an area that contained server farms holding sensitive financial data. Although the HVAC specialist was there to fix a legitimate issue, the investigation concluded that security be provided for the two entry and exit points for the server farm. Which of the following should be implemented to accomplish the recommendations of the investigation?

A. Implement a policy that all non-employees should be escorted in the data center.

B. Place a mantrap at the points with biometric security.

C. Hire an HVAC person for the company, eliminating the need for external HVAC people.

D. Implement CCTV cameras at both points.

Answer: B


Q10. A security administrator is investigating the compromise of a SCADA network that is not physically connected to any other network. Which of the following is the MOST likely cause of the compromise?

A. Outdated antivirus definitions

B. Insecure wireless

C. Infected USB device

D. SQL injection

Answer: C


Q11. A security engineer has inherited an authentication project which integrates 1024-bit PKI certificates into the company infrastructure and now has a new requirement to integrate 2048-bit PKI certificates so that the entire company will be interoperable with its vendors when the project is completed. The project is now 25% complete, with 15% of the company staff being issued 1024-bit certificates. The provisioning of network based accounts has not occurred yet due to other project delays. The project is now expected to be over budget and behind its original schedule. Termination of the existing project and beginning a new project is a consideration because of the change in scope. Which of the following is the security engineer's MOST serious concern with implementing this solution?

A. Succession planning

B. Performance

C. Maintainability

D. Availability

Answer: C


Q12. A system administrator has a responsibility to maintain the security of the video teleconferencing system. During a self-audit of the video teleconferencing room, the administrator notices that speakers and microphones are hard-wired and wireless enabled. Which of the following security concerns should the system administrator have about the existing technology in the room?

A. Wired transmissions could be intercepted by remote users.

B. Bluetooth speakers could cause RF emanation concerns.

C. Bluetooth is an unsecure communication channel.

D. Wireless transmission causes interference with the video signal.

Answer: C


Q13. Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).

A. Implementation run-sheets

B. Solution designs

C. Business capabilities

D. Solution architectures

E. Business requirements documents

F. Reference models

G. Business cases

H. Business vision and drivers

Answer: C,F,H


Q14. Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

A. The company should develop an in-house solution and keep the algorithm a secret.

B. The company should use the CEO's encryption scheme.

C. The company should use a mixture of both systems to meet minimum standards.

D. The company should use the method recommended by other respected information security organizations.

Answer: D


Q15. Which of the following BEST explains SAML?

A. A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.

B. An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.

C. A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data.

D. A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.

Answer: A


Q16. A security manager has received the following email from the Chief Financial Officer (CFO):

"While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?"

Based on the information provided, which of the following would be the MOST appropriate response to the CFO?

A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.

B. Allow VNC access to corporate desktops from personal computers for the users working from home.

C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home.

D. Work with the executive management team to revise policies before allowing any remote access.

Answer: D


Q17. A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP 198.51.100.23.

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E

