CAS-002 | 10 Tips For Leading CAS-002 practice test


P.S. Realistic CAS-002 ebooks are available on Google Drive, GET MORE: https://drive.google.com/open?id=1MWxVvRqKw5P-3mL6Zi7QlXk_26ObOJ_y


New CompTIA CAS-002 Exam Dumps Collection (Question 3 - Question 12)

New Questions 3

Which of the following does SAML use to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?

A. Transient identifiers

B. Directory services

C. Restful interfaces

D. Security bindings

Answer: A

New Questions 4

An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federation Services for their directory service. Which of the following should the company ensure is supported by the third party? (Select TWO).

A. LDAP/S

B. SAML

C. NTLM

D. OAUTH

E. Kerberos

Answer: B,E

New Questions 5

The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage; and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement?

A. Avoid

B. Accept

C. Mitigate

D. Transfer

Answer: C

New Questions 6

A security manager is concerned about performance and patch management, and, as a result, wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host system. The IT manager wants a strategy that would provide the hypervisor with direct communications with the underlying physical hardware allowing the hardware resources to be paravirtualized and delivered to the guest machines. Which of the following recommendations from the server administrator BEST meets the IT and security managers' requirements? (Select TWO).

A. Nested virtualized hypervisors

B. Type 1 hypervisor

C. Hosted hypervisor with a three layer software stack

D. Type 2 hypervisor

E. Bare metal hypervisor with a software stack of two layers

Answer: B,E

New Questions 7

A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO).

A. The product does not understand how to decode embedded objects.

B. The embedding of objects in other documents enables document encryption by default.

C. The process of embedding an object obfuscates the data.

D. The mail client used to send the email is not compatible with the DLP product.

E. The DLP product cannot scan multiple email attachments at the same time.

Answer: A,C

New Questions 8

A software development manager is taking over an existing software development project. The team currently suffers from poor communication due to a long delay between requirements documentation and feature delivery. This gap is resulting in an above average number of security-related bugs making it into production. Which of the following development methodologies is the team MOST likely using now?

A. Agile

B. Waterfall

C. Scrum

D. Spiral

Answer: B

New Questions 9

A company has migrated its data and application hosting to a cloud service provider (CSP).

To meet its future needs, the company considers an IdP. Why might the company want to select an IdP that is separate from its CSP? (Select TWO).

A. A circle of trust can be formed with all domains authorized to delegate trust to an IdP

B. Identity verification can occur outside the circle of trust if specified or delegated

C. Replication of data occurs between the CSP and IdP before a verification occurs

D. Greater security can be provided if the circle of trust is formed within multiple CSP domains

E. Faster connections can occur between the CSP and IdP without the use of SAML

Answer: A,D

New Questions 10

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724

90.76.165.40 - - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 5724

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724

The security administrator also inspects the following file system locations on the database server using the command 'ls -al /root'

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .profile

-rw------- 25 root root 4096 Mar 8 09:30 .ssh

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

A. Privilege escalation

B. Brute force attack

C. SQL injection

D. Cross-site scripting

E. Using input validation, ensure the following characters are sanitized. <>

F. Update crontab with: find / ( -perm -4000 ) -type f -print0 | xargs -0 ls -l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)

H. Set an account lockout policy

Answer: A,F
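The two detection ideas in this question, triaging the web server log for the traversal, SQL and script payloads shown above and scanning for setuid files the way the crontab entry in option F does, worked as an added example. This is not part of the original question set or of any vendor tool. The three log lines are constructed copies of the entries in the question, the signature patterns are an assumption about what a practitioner would look for, and the scratch directory and "backdoor" file name are constructed for the demonstration.

```python
import os
import re
import stat
import tempfile
from urllib.parse import unquote

# Constructed copy of the three access-log lines from the question (not a live log).
SAMPLE_LOG = """\
90.76.165.40 - - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724
90.76.165.40 - - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 5724
90.76.165.40 - - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724
"""

# Common-log-format request line: client, timestamp, request, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)'
)

# Assumed signatures; matched against the URL-decoded path so %20 / %3C do not hide them.
SIGNATURES = [
    ("directory_traversal", re.compile(r'(^|/)\.\.(/|$)')),
    ("sql_injection", re.compile(
        r'\b(create|drop|alter)\s+table\b|\bunion\s+select\b|\binsert\s+into\b', re.I)),
    ("cross_site_scripting", re.compile(r'<\s*script\b', re.I)),
]


def triage(log_text):
    """Return (client, raw_path, status, [tags]) for each request hitting a signature."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = unquote(m["path"])
        tags = [name for name, rx in SIGNATURES if rx.search(decoded)]
        if tags:
            findings.append((m["ip"], m["path"], m["status"], tags))
    return findings


def setuid_files(root):
    """Regular files under root with the setuid bit, like 'find root -perm -4000 -type f'."""
    found = set()
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: do not follow symlinks
            except OSError:
                continue                      # entry vanished or is unreadable
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                found.add(os.path.relpath(path, root))
    return found


def new_setuid_files(root, baseline):
    """Setuid files present now that were not in the recorded baseline (the alert condition)."""
    return sorted(setuid_files(root) - set(baseline))


def demo_setuid_scan():
    """Plant a setuid file in a scratch directory (constructed) and scan for it.

    Returns the list of newly found setuid files, or None when the filesystem
    does not store the mode bit, so callers can skip rather than misreport.
    """
    with tempfile.TemporaryDirectory() as root:
        planted = os.path.join(root, "backdoor")
        open(planted, "w").close()
        os.chmod(planted, 0o4755)            # like 'chmod u+s' after a root compromise
        if not os.stat(planted).st_mode & stat.S_ISUID:
            return None
        return new_setuid_files(root, baseline=set())


if __name__ == "__main__":
    for client, path, status, tags in triage(SAMPLE_LOG):
        print(f"{client} {status} {','.join(tags)} {path}")
    print("new setuid files:", demo_setuid_scan())
```

Run from cron with a baseline captured on a known-good host, the alert condition is an entry in new_setuid_files, which is what option F's find pipeline mails out; diffing against a baseline keeps the legitimate setuid binaries (passwd, sudo and the like) from paging you every night. The log triage decodes the path before matching, since the first request only reads as "create table" once %20 is decoded.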

New Questions 11

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

A. SSL certificate revocation

B. SSL certificate pinning

C. Mobile device root-kit detection

D. Extended Validation certificates

Answer: B

New Questions 12

As a cost saving measure, a company has instructed the security engineering team to allow all consumer devices to be able to access the network. They have asked for recommendations on what is needed to secure the enterprise, yet offer the most flexibility in terms of controlling applications, and stolen devices. Which of the following is BEST suited for the requirements?

A. MEAP with Enterprise Appstore

B. Enterprise Appstore with client-side VPN software

C. MEAP with TLS

D. MEAP with MDM

Answer: D

100% Up to date CompTIA CAS-002 Questions & Answers shared by Surepassexam, Get HERE: https://www.surepassexam.com/CAS-002-exam-dumps.html (New 532 Q&As)