Top CompTIA CAS-002 testing engine Choices

It is impossible to pass CompTIA CAS-002 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed CompTIA CAS-002 practice questions. You will get a surprising result by our Latest CompTIA Advanced Security Practitioner (CASP) practice guides.

P.S. Best Quality CAS-002 testing bible are available on Google Drive, GET MORE:

New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)

Question No: 8

ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe?





Answer: D

Question No: 9

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

A. File system information, swap files, network processes, system processes and raw disk blocks.

A. B. Raw disk blocks, network processes, system processes, swap files and file system information.

C. System processes, network processes, file system information, swap files and raw disk blocks.

D. Raw disk blocks, swap files, network processes, system processes, and file system information.

Answer: C

Question No: 10

During an incident involving the company main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from the companyu2019s database server. Which of the following is the correct order in which the forensics team should engage?

A. Notify senior management, secure the scene, capture volatile storage, capture non- volatile storage, implement chain of custody, and analyze original media.

B. Take inventory, secure the scene, capture RAM, capture had drive, implement chain of custody, document, and analyze the data.

C. Implement chain of custody, take inventory, secure the scene, capture volatile and non- volatile storage, and document the findings.

D. Secure the scene, take inventory, capture volatile storage, capture non-volatile storage, document, and implement chain of custody.

Answer: D

Question No: 11

A company is deploying a new iSCSI-based SAN. The requirements are as follows: Which of the following design specifications meet all the requirements? (Select TWO).

A. Targets use CHAP authentication

B. IPSec using AH with PKI certificates for authentication

C. Fiber channel should be used with AES

D. Initiators and targets use CHAP authentication

E. Fiber channel over Ethernet should be used

F. IPSec using AH with PSK authentication and 3DES

G. Targets have SCSI IDs for authentication

Answer: B,D

Question No: 12

A company has issued a new mobile device policy permitting BYOD and company-issued devices. The company-issued device has a managed middleware client that restricts the applications allowed on company devices and provides those that are approved. The middleware client provides configuration standardization for both company owned and BYOD to secure data and communication to the device according to industry best practices. The policy states that, u201cBYOD clients must meet the companyu2019s infrastructure requirements to permit a connection.u201d The company also issues a memorandum separate from the policy, which provides instructions for the purchase, installation, and use of the middleware client on BYOD. Which of the following is being described?

A. Asset management

B. IT governance

C. Change management

D. Transference of risk

Answer: B

Question No: 13

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victimu2019s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

A. Integer overflow

B. Click-jacking

C. Race condition

D. SQL injection

E. Use after free

F. Input validation

Answer: E

Question No: 14

A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from port

37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from port

37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from port

37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from port

37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from port

37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from port

37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E

Question No: 15

Which of the following describes a risk and mitigation associated with cloud data storage?

A. Risk: Shared hardware caused data leakageMitigation: Strong encryption at rest

B. Risk: Offsite replicationMitigation: Multi-site backups

C. Risk: Data loss from de-duplicationMitigation: Dynamic host bus addressing

D. Risk: Combined data archivingMitigation: Two-factor administrator authentication

Answer: A

Question No: 16

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

A. Isolate the system on a secure network to limit its contact with other systems

B. Implement an application layer firewall to protect the payroll system interface

C. Monitor the systemu2019s security log for unauthorized access to the payroll application

D. Perform reconciliation of all payroll transactions on a daily basis

Answer: A

Question No: 17

An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?

A. Install IDS/IPS systems on the network

A. B. Force all SIP communication to be encrypted

C. Create separate VLANs for voice and data traffic

D. Implement QoS parameters on the switches

Answer: D

P.S. Easily pass CAS-002 Exam with 2passeasy Best Quality Dumps & pdf vce, Try Free: (532 New Questions)