New CompTIA CASP CAS-002 dumps real exam questions and answers free download from lead4pass. High quality CompTIA CASP CAS-002 dumps pdf files and vce youtube demo update free shared. “CompTIA Advanced Security Practitioner Exam” is the name of CompTIA CASP https://www.leads4pass.com/cas-002.html exam dumps which covers all the knowledge points of the real CompTIA exam. Useful latest CompTIA CASP CAS-002 dumps pdf training materials and study guides free update, pass CompTIA CAS-002 exam test easily at first try.

Best CompTIA CAS-002 dumps pdf questions and answers: https://drive.google.com/open?id=0B_7qiYkH83VRVE55cV9qOGhpbG8

Best CompTIA CLO-001 dumps pdf questions and answers: https://drive.google.com/open?id=0B_7qiYkH83VRM1FyZGJiOUpoeVE

QUESTION 1
A company has issued a new mobile device policy permitting BYOD and company-issued devices. The company-issued device has a managed middleware client that restricts the applications allowed on company devices and provides those that are approved. The middleware client provides configuration standardization for both company owned and BYOD to secure data and communication to the device according to industry best practices. The policy states that, andquot;BYOD clients must meet the company\’s infrastructure requirements to permit a connection.andquot; The company also issues a memorandum separate from the policy, which provides instructions for the purchase, installation, and use of the middleware client on BYOD. Which of the following is being described?
A. Asset management
B. IT governance
C. Change management
D. Transference of risk
Correct Answer: B

QUESTION 2
An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO).
A. LDAP/S
B. SAML
C. NTLM
D. OAUTH
E. Kerberos
Correct Answer: BE

QUESTION 3
A sensitive database needs its cryptographic integrity upheld. Which of the following controls meets this goal? (Select TWO).
A. Data signing
B. Encryption
C. Perfect forward secrecy
D. Steganography
E. Data vaulting
F. RBAC
G. Lock and key
Correct Answer: AF

QUESTION 4
The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?
A. Virtualize the system and migrate it to a cloud provider.
B. Segment the device on its own secure network.
C. Install an antivirus and HIDS on the system.
D. Hire developers to reduce vulnerabilities in the code.
Correct Answer: B

QUESTION 5
A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.
The reviewer has advised that future software projects utilize managed code platforms if at all possible.
Which of the following languages would suit this recommendation? (Select TWO).
A. C
B. C#
C. C++
D. Perl
E. Java
Correct Answer: BE

QUESTION 6
The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?
A. Address the security concerns through the network design and security controls.
B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.
C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.
D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.
Correct Answer: C

QUESTION 7
A company has a single subnet in a small office. The administrator wants to limit non-web related traffic to the corporate intranet server as well as prevent abnormal HTTP requests and HTTP protocol anomalies from causing problems with the web server. Which of the following is the MOST likely solution?
A. Application firewall and NIPS
B. Edge firewall and HIDS
C. ACLs and anti-virus
D. Host firewall and WAF
Correct Answer: D

QUESTION 8
In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).
A. Provide free email software for personal devices.
B. Encrypt data in transit for remote access.
C. Require smart card authentication for all devices.
D. Implement NAC to limit insecure devices access.
E. Enable time of day restrictions for personal devices.
Correct Answer: BD

QUESTION 9
A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital\’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital\’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).
A. Privacy could be compromised as patient records can be viewed in uncontrolled areas.
B. Device encryption has not been enabled and will result in a greater likelihood of data loss.
C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.
D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.
E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.
Correct Answer: AD

QUESTION 10
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.
Which of the following would impact the security of conference\’s resources?
A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.
Correct Answer: C

QUESTION 11
Company A needs to export sensitive data from its financial system to company B\’s database, using company B\’s API in an automated manner. Company A\’s policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A\’s financial system and company B\’s destination server using the supplied API. Additionally, company A\’s legacy financial software does not support encryption, while company B\’s API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?
A. Company A must install an SSL tunneling software on the financial system.
B. Company A\’s security administrator should use an HTTPS capable browser to transfer the data.
C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.
Correct Answer: A

QUESTION 12
The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.
Which of the following is MOST likely the cause of this problem?
A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.
B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.
D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.
Correct Answer: A

QUESTION 13
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company\’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
A. $60,000
B. $100,000
C. $140,000
D. $200,000
Correct Answer: A

QUESTION 14
A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life.
The two initial migrations include:
Windows 2000 hosts: domain controllers and front-facing web servers RHEL3 hosts: front-facing web servers
Which of the following should the security consultant recommend based on best practices?
A. One data center should host virtualized web servers and the second data center should host the virtualized domain controllers.
B. One virtual environment should be present at each data center, each housing a combination of the converted Windows 2000 and RHEL3 virtual machines.
C. Each data center should contain one virtual environment for the web servers and another virtual environment for the domain controllers.
D. Each data center should contain one virtual environment housing converted Windows 2000 virtual machines and converted RHEL3 virtual machines.
Correct Answer: C

QUESTION 15
A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO).
A. The product does not understand how to decode embedded objects.
B. The embedding of objects in other documents enables document encryption by default.
C. The process of embedding an object obfuscates the data.
D. The mail client used to send the email is not compatible with the DLP product.
E. The DLP product cannot scan multiple email attachments at the same time.
Correct Answer: AC

Best useful CompTIA CASP CAS-002 dumps exam practice materials in PDF format free download from lead4pass. The best and most updated CompTIA CASP https://www.leads4pass.com/cas-002.html dumps pdf training resources which are the best for clearing CAS-002 exam test, and to get certified by CompTIA CASP, download one of the many PDF readers that are available for free.

High quality CompTIA CASP CAS-002 dumps vce youtube: https://youtu.be/UHKlO1Y4xjY