Regenerate CompTIA CAS-002 braindumps



New CompTIA CAS-002 Exam Dumps Collection (Question 12 - Question 21)

Q12. A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life.

The two initial migrations include:

Which of the following should the security consultant recommend based on best practices?

A. One data center should host virtualized web servers and the second data center should host the virtualized domain controllers.

B. One virtual environment should be present at each data center, each housing a combination of the converted Windows 2000 and RHEL3 virtual machines.

C. Each data center should contain one virtual environment for the web servers and another virtual environment for the domain controllers.

D. Each data center should contain one virtual environment housing converted Windows 2000 virtual machines and converted RHEL3 virtual machines.

Answer: C


Q13. A security researcher is about to evaluate a new secure VoIP routing appliance. The appliance manufacturer claims the new device is hardened against all known attacks and several undisclosed zero-day exploits. The code base used for the device is a combination of compiled C and TCL/TK scripts. Which of the following methods should the security researcher use to enumerate the ports and protocols in use by the appliance?

A. Device fingerprinting

B. Switchport analyzer

C. Grey box testing

D. Penetration testing

Answer: A


Q14. Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company's purchased application? (Select TWO).

A. Code review

B. Sandbox

C. Local proxy

D. Fuzzer

E. Web vulnerability scanner

Answer: C,D


Q15. An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

A. Intermediate Root Certificate

B. Wildcard Certificate

C. EV x509 Certificate

D. Subject Alternative Names Certificate

Answer: D


Q16. An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?

A. The IDS generated too many false negatives.

B. The attack occurred after hours.

C. The IDS generated too many false positives.

D. No one was reviewing the IDS event logs.

Answer: D


Q17. Company XYZ has had repeated vulnerability exploits of a critical nature released to the company's flagship product. The product is used by a number of large customers. At the Chief Information Security Officer's (CISO's) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.

Here is a list of improvements in order of priority:

1. A noticeable improvement in security posture immediately.

2. Fundamental changes to resolve systemic issues as an ongoing process

3. Improvements should be strategic as opposed to tactical

4. Customer impact should be minimized

Which of the following recommendations is BEST for the CISO to put forward to the product manager?

A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.

B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.

C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.

D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.

Answer: C


Q18. Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner, which of the following is correct?

A. Only security related alerts should be forwarded to the network team for resolution.

B. All logs must be centrally managed and access to the logs restricted only to data storage staff.

C. Logging must be set appropriately and alerts delivered to security staff in a timely manner.

D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team.

Answer: C


Q19. A WAF without customization will protect the infrastructure from which of the following attack combinations?

A. DDoS, DNS poisoning, Boink, Teardrop

B. Reflective XSS, HTTP exhaustion, Teardrop

C. SQL Injection, DOM based XSS, HTTP exhaustion

D. SQL Injection, CSRF, Clickjacking

Answer: C


Q20. A systems administrator establishes a CIFS share on a Unix device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the Unix share. Which of the following settings on the Unix server is the cause of this problem?

A. Refuse LM and only accept NTLMv2

B. Accept only LM

C. Refuse NTLMv2 and accept LM

D. Accept only NTLM

Answer: A


Q21. An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?

A. Download the file from the program publisher's website.

B. Generate RSA and DSA keys using GPG.

C. Import the repository's public key.

D. Run sha1sum and verify the hash.

Answer: C

