We provide real CAS-002 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass CompTIA CAS-002 Exam quickly & easily. The CAS-002 PDF type is available for reading and printing. You can print more and practice many times. With the help of our CompTIA CAS-002 dumps pdf and vce product and material, you can easily pass the CAS-002 exam.

Q291. - (Topic 5) 

A company wishes to purchase a new security appliance. A security administrator has extensively researched the appliances, and after presenting security choices to the company’s management team, they approve of the proposed solution. Which of the following documents should be constructed to acquire the security appliance? 

A. SLA 

B. RFQ 

C. RFP 

D. RFI 

Answer:


Q292. - (Topic 1) 

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations? 

A. vTPM 

B. HSM 

C. TPM 

D. INE 

Answer:


Q293. - (Topic 1) 

An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE). 

A. Implement hashing of data in transit 

B. Session recording and capture 

C. Disable cross session cut and paste 

D. Monitor approved credit accounts 

E. User access audit reviews 

F. Source IP whitelisting 

Answer: C,E,F 


Q294. - (Topic 5) 

During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve? 

A. Monoalphabetic cipher 

B. Confusion 

C. Root of trust 

D. Key stretching 

E. Diffusion 

Answer:


Q295. - (Topic 1) 

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected? 

A. The malware file’s modify, access, change time properties. 

B. The timeline analysis of the file system. 

C. The time stamp of the malware in the swap file. 

D. The date/time stamp of the malware detection in the antivirus logs. 

Answer:


Q296. - (Topic 2) 

An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix: 

DATA TYPECONFIDENTIALITYINTEGRITYAVAILABILITY 

FinancialHIGHHIGHLOW 

Client nameMEDIUMMEDIUMHIGH 

Client addressLOWMEDIUMLOW 

AGGREGATEMEDIUMMEDIUMMEDIUM 

The auditor is advising the company to review the aggregate score and submit it to senior management. Which of the following should be the revised aggregate score? 

A. HIGH, MEDIUM, LOW 

B. MEDIUM, MEDIUM, LOW 

C. HIGH, HIGH, HIGH 

D. MEDIUM, MEDIUM, MEDIUM 

Answer:


Q297. - (Topic 2) 

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project? 

A. In the middle of the project 

B. At the end of the project 

C. At the inception of the project 

D. At the time they request 

Answer:


Q298. - (Topic 5) 

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company’s physical security, which of the following can the network administrator use to scan and detect the presence of a malicious actor physically accessing the company’s network or information systems from within? (Select TWO). 

A. RAS 

B. Vulnerability scanner 

C. HTTP intercept 

D. HIDS 

E. Port scanner 

F. Protocol analyzer 

Answer: D,E 


Q299. - (Topic 3) 

After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions that they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms? 

A. A T&M contract 

B. An RFP 

C. A FFP agreement 

D. A new RFQ 

Answer:


Q300. - (Topic 2) 

Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally managed. 

en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 

ether f8:1e:af:ab:10:a3 

inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5 

inet 192.168.1.14 netmask 0xffffff00 broadcast 192.168.1.255 

inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf 

inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary 

nd6 options=1<PERFORMNUD> 

media: autoselect 

status: active 

Given this output, which of the following protocols is in use by the company and what can the system administrator do to positively map users with IPv6 addresses in the future? (Select TWO). 

A. The devices use EUI-64 format 

B. The routers implement NDP 

C. The network implements 6to4 tunneling 

D. The router IPv6 advertisement has been disabled 

E. The administrator must disable IPv6 tunneling 

F. The administrator must disable the mobile IPv6 router flag 

G. The administrator must disable the IPv6 privacy extensions 

H. The administrator must disable DHCPv6 option code 1 

Answer: B,G