Exam Code: CAS-002
Number of Questions: 80 (Maximum)
Type of questions: Multiple choice and performance-based
Length of Test: 165 minutes
Passing score: Pass/Fail only. No scaled score.
Recommended experience: 10 years experience in IT administration, including at least 5 years of hands-on technical security experience
Languages: English
Retirement: The old exam CAS-001 will retire on June 20, 2015
There are many ways to get through the CompTIA CAS-002 certification exam. Spending a lot of time and energy reviewing the professional knowledge related to the exam is one method; spending a small amount of time and money on ITbraindumps' targeted training and exercises is another.
It is better to light your own lamp than to look up to someone else's glory. ITbraindumps CompTIA CAS-002 exam training materials will be the first step of your achievements. With them, you will pass the CompTIA CAS-002 certification exam, which a lot of people consider difficult. With this certification, you can light up your life. Start your new journey, and have a successful life.
Exam Name: CompTIA Advanced Security Practitioner (CASP)
One year free update, No help, Full refund!
CAS-002 Braindumps Total Q&A: 705 Questions and Answers
Last Update: 03-15,2015
CAS-002 Bootcamp Detail :
ITbraindumps provides you with comprehensive CompTIA CAS-002 exam information to help you succeed. Our training materials are the latest study materials, prepared by experts. We help you achieve your success. You can get the most detailed and accurate exam questions and answers from us. Our training tools are updated in a timely manner in accordance with changes to the exam objectives. In fact, success is not far away: go along with ITbraindumps, and you will come to the road to success.
Passing the CompTIA CAS-002 certification test cannot be done by depending on exam-related books alone. Instead of blindly studying the knowledge the exam demands, you can work through some valuable questions. Efficient exam dumps are an essential tool for preparing for the CAS-002 test. Come on and purchase ITbraindumps CompTIA CAS-002 practice test dumps. This braindump's hit accuracy is high and it works best the other way around. ITbraindumps CompTIA CAS-002 questions and answers are a rare material which can help you pass your exam the first time.
CAS-002 Free Demo Download:
NO.1 Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company's six IDFs. The IDF modular switches have redundant switch fabrics and power supplies. Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?
A. Threat: 802.1q trunking attack; Remediation: Enable only necessary VLANs for each port
B. Threat: Bridge loop; Remediation: Enable spanning tree
C. Threat: VLAN hopping; Remediation: Enable only necessary VLANs for each port
D. Threat: VLAN hopping; Remediation: Enable ACLs on the IDF switch
Answer: B
NO.2 SAML entities can operate in a variety of different roles. Valid SAML roles include which of the following?
A. Attribute authority and certificate authority
B. Certificate authority and attribute requestor
C. Identity provider and service provider
D. Service provider and administrator
Answer: C
NO.3 Which of the following is a security advantage of single sign-on? (Select TWO).
A. Users only have to remember one password.
B. Applications need to validate authentication tokens.
C. Authentication is secured by the certificate authority.
D. Less time and complexity removing user access.
E. All password transactions are encrypted.
Answer: A,D
NO.4 Company XYZ has experienced a breach and has requested an internal investigation be conducted by the IT Department. Which of the following represents the correct order of the investigation process?
A. Collection, Identification, Preservation, Examination, Analysis, Presentation.
B. Identification, Preservation, Collection, Examination, Analysis, Presentation.
C. Collection, Preservation, Examination, Identification, Analysis, Presentation.
D. Identification, Examination, Preservation, Collection, Analysis, Presentation.
Answer: B
Topic 5, Volume E
NO.5 Company A needs to export sensitive data from its financial system to company B's database, using company B's API in an automated manner. Company A's policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A's financial system and company B's destination server using the supplied API. Additionally, company A's legacy financial software does not support encryption, while company B's API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?
A. Company A must install an SSL tunneling service on the financial system.
B. Company A's security administrator should use an HTTPS capable browser to transfer the data.
C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.
Answer: A
NO.6 A WAF without customization will protect the infrastructure from which of the following attack combinations?
A. DDoS, DNS poisoning, Boink, Teardrop
B. Reflective XSS, HTTP exhaustion, Teardrop
C. SQL Injection, DOM based XSS, HTTP exhaustion
D. SQL Injection, CSRF, Clickjacking
Answer: C
NO.7 Mark works as a Network Security Administrator for uCertify Inc. The organization is using an intranet to distribute information to its employees. A database residing on the network contains employees' information, such as employee name, designation, department, phone extension, date of birth, date of joining, etc. He is concerned about the security because the database has all information about employees, which can help an unauthorized person to recognize an individual. Which Personally Identifiable Information should be removed from the database so that the unauthorized person cannot identify an individual?
A. Date of birth
B. Employee name
C. Employee code
D. Date of joining
Answer: A
Explanation:
According to the scenario, date of birth is uniquely identifying information that can help the unauthorized person to recognize an individual. Therefore, Mark should remove the date of birth of all employees from the database.
NO.8 An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE).
A. Implement hashing of data in transit
B. Session recording and capture
C. Disable cross session cut and paste
D. Monitor approved credit accounts
E. User access audit reviews
F. Source IP whitelisting
Answer: C,E,F