Want to Pass CAS-002 Exam In Next HOURS? Download Now →
September 9, 2018

Improve CAS-002: Passleader real class from 2 to 11


Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/CAS-002/


P.S. Validated CAS-002 samples are available on Google Drive, GET MORE: https://drive.google.com/open?id=1_tUd--bSxHsmM0l1n-Nz8GSCb42PusVv


New CompTIA CAS-002 Exam Dumps Collection (Question 2 - Question 11)

New Questions 2

Which of the following is an example of single sign-on?

A. An administrator manages multiple platforms with the same username and hardware token. The same username and token is used across all the platforms.

B. Multiple applications have been integrated with a centralized LDAP directory for authentication and authorization. A user has to authenticate each time the user accesses an application.

C. A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.

D. A web access control infrastructure performs authentication and passes attributes in a HTTP header to multiple applications.

Answer: D



New Questions 3

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?

A. Address the security concerns through the network design and security controls.

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.

Answer: C



New Questions 4

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations?

A. vTPM

B. HSM

C. TPM

D. INE

Answer: A



New Questions 5

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the companyu2019s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).

A. Block traffic from the ISPu2019s networks destined for blacklisted IPs.

B. Prevent the ISPu2019s customers from querying DNS servers other than those hosted by the ISP.

C. Block traffic with a source IP not allocated to the ISP from exiting the ISPu2019s network.

D. Scan the ISPu2019s customer networks using an up-to-date vulnerability scanner.

E. Notify customers when services they run are involved in an attack.

Answer: C,E



New Questions 6

A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port

37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port

37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port

37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port

37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port

37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port

37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

A. An authorized administrator has logged into the root account remotely.

B. The administrator should disable remote root logins.

C. Isolate the system immediately and begin forensic analysis on the host.

D. A remote attacker has compromised the root account using a buffer overflow in sshd.

E. A remote attacker has guessed the root password using a dictionary attack.

F. Use iptables to immediately DROP connections from the IP 198.51.100.23.

G. A remote attacker has compromised the private key of the root account.

H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E



New Questions 7

An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

A. Ensure the SaaS provider supports dual factor authentication.

B. Ensure the SaaS provider supports encrypted password transmission and storage.

C. Ensure the SaaS provider supports secure hash file exchange.

D. Ensure the SaaS provider supports role-based access control.

E. Ensure the SaaS provider supports directory services federation.

Answer: E



New Questions 8

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server supporting an extranet to which suppliers have access. The extranet web server is located in a network DMZ. The internal website is hosted on a laptop on the internal corporate network. The internal network does not restrict traffic between any internal hosts. Which of the following locations will BEST secure both the intranet and the customer facing website?

A. The existing internal network segment

B. Dedicated DMZ network segments

C. The existing extranet network segment

D. A third-party web hosting company

Answer: B



New Questions 9

An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected. The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO).

A. The companyu2019s IDS signatures were not updated.

B. The companyu2019s custom code was not patched.

C. The patch caused the system to revert to http.

D. The software patch was not cryptographically signed.

E. The wrong version of the patch was used.

F. Third-party plug-ins were not patched.

Answer: B,F



New Questions 10

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victimu2019s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

A. Integer overflow

B. Click-jacking

C. Race condition

D. SQL injection

E. Use after free

F. Input validation

Answer: E



New Questions 11

A system administrator is troubleshooting a possible denial of service on a sensitive system. The system seems to run properly for a few hours after it is restarted, but then it suddenly stops processing transactions. The system administrator suspects an internal DoS caused by a disgruntled developer who is currently seeking a new job while still working for the company. After looking into various system logs, the system administrator looks at the following output from the main system service responsible for processing incoming transactions.

DATE/TIMEPIDCOMMAND%CPUMEM 031020141030002055com.proc10.2920K

031020141100002055com.proc12.35.2M

031020141230002055com.proc22.022M

031020141300002055com.proc33.01.6G

031020141330002055com.proc30.28.0G

Which of the following is the MOST likely cause for the DoS?

A. The system does not implement proper garbage collection.

B. The system is susceptible to integer overflow.

C. The system does not implement input validation.

D. The system does not protect against buffer overflows properly.

Answer: A



100% Abreast of the times CompTIA CAS-002 Questions & Answers shared by Examcollectionplus, Get HERE: https://www.examcollectionplus.net/vce-CAS-002/ (New 532 Q&As)