[Free] 2018(Jan) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 121-130


CompTIA Advanced Security Practitioner (CASP)

Question No: 121 – (Topic 2)

An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix:






The auditor is advising the company to review the aggregate score and submit it to senior management. Which of the following should be the revised aggregate score?





Answer: C

Question No: 122 – (Topic 2)

A business unit of a large enterprise has outsourced the hosting and development of a new external website which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the following is the MOST appropriate?

  A. The external party providing the hosting and website development should be obligated under contract to provide a secure service which is regularly tested (vulnerability and penetration). SLAs should be in place for the resolution of newly identified vulnerabilities and a guaranteed uptime.

  B. The use of external organizations to provide hosting and web development services is not recommended as the costs are typically higher than what can be achieved internally. In addition, compliance with privacy regulations becomes more complex and guaranteed uptimes are difficult to track and measure.

  C. Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

  D. Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal obligations. An MOU should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

Answer: A

Question No: 123 – (Topic 2)

An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a quote. During an investigation, the following patterns were detected:

Pattern 1 – Analysis of the logs identifies that insurance premium forms are being filled in but only single fields are incrementally being updated.

Pattern 2 – For every quote completed, a new customer number is created; due to legacy systems, customer numbers are running out.

Which of the following is the attack type the system is susceptible to, and what is the BEST way to defend against it? (Select TWO).

  A. Apply a hidden field that triggers a SIEM alert

  B. Cross site scripting attack

  C. Resource exhaustion attack

  D. Input a blacklist of all known BOT malware IPs into the firewall

  E. SQL injection

  F. Implement an inline WAF and integrate into SIEM

  G. Distributed denial of service

  H. Implement firewall rules to block the attacking IP addresses

Answer: C,F
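The two patterns in this question are what a detection rule would key on: a client completing quotes faster than a person can, and sessions in which only one form field ever changes before a quote is issued. The following is an added example, not code from the exam page; the log format, the field names and the two thresholds are assumptions, and the log lines are constructed so it runs offline.

```python
"""Detection logic for the two patterns in question 123, run over constructed
quote-system log lines. This is an added example, not code from the exam page;
the log format, field names and thresholds are assumptions."""
from collections import defaultdict
from datetime import datetime

# Constructed sample log: "<ISO timestamp> <client IP> <session> <action> <detail>".
# "update" lines name the single form field the client changed; "quote" lines
# carry the customer number the legacy system issued for the completed quote.
# 203.0.113.7 behaves like a bot cycling one field (year) and quoting each time;
# 198.51.100.4 fills the whole form once at human pace.
SAMPLE_LOG = """\
2018-01-05T10:00:00 203.0.113.7 s1 update make=Ford
2018-01-05T10:00:01 203.0.113.7 s1 update model=Focus
2018-01-05T10:00:02 203.0.113.7 s1 update year=2010
2018-01-05T10:00:03 203.0.113.7 s1 quote customer=100001
2018-01-05T10:00:04 203.0.113.7 s2 update year=2011
2018-01-05T10:00:05 203.0.113.7 s2 quote customer=100002
2018-01-05T10:00:06 203.0.113.7 s3 update year=2012
2018-01-05T10:00:07 203.0.113.7 s3 quote customer=100003
2018-01-05T10:00:08 203.0.113.7 s4 update year=2013
2018-01-05T10:00:09 203.0.113.7 s4 quote customer=100004
2018-01-05T10:02:00 198.51.100.4 s9 update make=Toyota
2018-01-05T10:02:30 198.51.100.4 s9 update model=Yaris
2018-01-05T10:03:10 198.51.100.4 s9 update year=2015
2018-01-05T10:03:20 198.51.100.4 s9 quote customer=100005
"""

QUOTES_PER_MINUTE = 3     # assumed: more completed quotes per minute than a person manages
SINGLE_FIELD_RATIO = 0.5  # assumed: half or more of a client's quotes changed only one field


def parse_line(line):
    ts, ip, session, action, detail = line.split(" ", 4)
    return datetime.fromisoformat(ts), ip, session, action, detail


def quotes_per_minute(events):
    """Largest number of quote completions by one client inside any 60-second window."""
    times = sorted(ev[0] for ev in events if ev[3] == "quote")
    best, start = 0, 0
    for end, t in enumerate(times):
        while (t - times[start]).total_seconds() > 60:
            start += 1
        best = max(best, end - start + 1)
    return best


def single_field_ratio(events):
    """Fraction of quoted sessions in which only one form field was ever set."""
    fields = defaultdict(set)
    quoted = set()
    for _, _, session, action, detail in events:
        if action == "update":
            fields[session].add(detail.split("=", 1)[0])
        elif action == "quote":
            quoted.add(session)
    if not quoted:
        return 0.0
    return sum(1 for s in quoted if len(fields[s]) == 1) / len(quoted)


def find_enumerating_clients(log_text):
    """Map each client IP that shows both patterns to (quotes/min, single-field ratio)."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ev = parse_line(line)
            by_ip[ev[1]].append(ev)
    flagged = {}
    for ip, events in by_ip.items():
        qpm, ratio = quotes_per_minute(events), single_field_ratio(events)
        if qpm >= QUOTES_PER_MINUTE and ratio >= SINGLE_FIELD_RATIO:
            flagged[ip] = (qpm, ratio)
    return flagged


if __name__ == "__main__":
    for ip, (qpm, ratio) in find_enumerating_clients(SAMPLE_LOG).items():
        print(f"{ip}: {qpm} quotes/min, {ratio:.0%} single-field sessions "
              f"-> rate-limit at the WAF and raise a SIEM alert")
```

The output of a rule like this is what the inline WAF in option F acts on (a rate limit or challenge for the offending client) and what the SIEM integration records; blocking individual IPs by hand (option H) or a static bot blacklist (option D) does not keep up with a rotating source pool, which is why the question prefers the WAF.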

Question No: 124 – (Topic 2)

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package?

  A. 1

  B. 2

  C. 3

  D. 4

Answer: D
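The trap in this question is counting the new product's whole revenue rather than the gain over the product it replaces. Only the extra 5,000 a month (60,000 a year) offsets the 180,000 outlay, and from year two the 2,000 maintenance is subtracted, so the cumulative position is -120,000, -62,000, -4,000 and then +54,000 at the end of year four. The calculation below is an added example, not from the exam page; it assumes the revenue gain accrues evenly within each year and that maintenance is charged from the second year on.

```python
"""Payback-period calculation for question 124. Added example; it assumes the
revenue gain accrues evenly each year and maintenance is charged from year 2."""


def yearly_schedule(initial_cost, old_monthly_revenue, new_monthly_revenue,
                    yearly_maintenance, years=5):
    """Cumulative net position at the end of each year (negative = not yet recovered)."""
    # Only the extra revenue counts: the old product already earned old_monthly_revenue.
    yearly_gain = (new_monthly_revenue - old_monthly_revenue) * 12
    cumulative, schedule = -initial_cost, []
    for year in range(1, years + 1):
        maintenance = 0 if year == 1 else yearly_maintenance  # "after the first year"
        cumulative += yearly_gain - maintenance
        schedule.append(cumulative)
    return schedule


def years_to_roi(initial_cost, old_monthly_revenue, new_monthly_revenue,
                 yearly_maintenance, max_years=50):
    """First whole year in which the cumulative net position is non-negative, or None."""
    schedule = yearly_schedule(initial_cost, old_monthly_revenue, new_monthly_revenue,
                               yearly_maintenance, max_years)
    for year, net in enumerate(schedule, start=1):
        if net >= 0:
            return year
    return None


if __name__ == "__main__":
    print(yearly_schedule(180_000, 10_000, 15_000, 2_000))   # [-120000, -62000, -4000, 54000, 112000]
    print(years_to_roi(180_000, 10_000, 15_000, 2_000))      # 4
    # Counting the new product's whole revenue instead of the 5,000/month gain
    # "pays back" in year 1, which is the wrong answer the question is baiting.
    print(years_to_roi(180_000, 0, 15_000, 2_000))           # 1
```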

Question No: 125 – (Topic 2)

A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personal items, the other employee approves these purchase orders. The auditor has contacted the human resources director with suggestions on how to detect such illegal activities. Which of the following should the human resource director implement to identify the employees involved in these activities and reduce the risk of this activity occurring in the future?

  A. Background checks

  B. Job rotation

  C. Least privilege

  D. Employee termination procedures

Answer: B

Question No: 126 – (Topic 2)

A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case to management that action needs to be taken to safeguard these servers?

  A. Provide a report of all the IP addresses that are connecting to the systems and their locations

  B. Establish alerts at a certain threshold to notify the analyst of high activity

  C. Provide a report showing the file transfer logs of the servers

  D. Compare the current activity to the baseline of normal activity

Answer: D
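A list of source addresses or a raw log dump (options A and C) shows activity but not that it is abnormal; the case for management is the size of the deviation from what the servers normally see. The following is an added example of that comparison, not code from the exam page; the two-week baseline figures are constructed, and the 3-sigma threshold is an assumption.

```python
"""Baseline comparison for question 126: turn "the file transfer servers look busy"
into a measured deviation from normal. Added example; the baseline figures are
constructed, not taken from the exam page."""
import statistics

# Constructed: daily distinct client connections to the file transfer servers over two normal weeks.
BASELINE_DAILY_CONNECTIONS = [120, 135, 110, 128, 140, 118, 125, 131, 122, 137, 115, 129, 133, 121]
# Constructed: daily share of authentication failures over the same two weeks.
BASELINE_FAILURE_RATIO = [0.04, 0.05, 0.03, 0.06, 0.04, 0.05, 0.04,
                          0.03, 0.05, 0.04, 0.06, 0.04, 0.05, 0.04]
Z_THRESHOLD = 3.0   # assumed: three standard deviations from the baseline mean


def z_score(baseline, current):
    """Standard deviations between today's value and the baseline mean."""
    mean, sd = statistics.mean(baseline), statistics.pstdev(baseline)
    if sd == 0:
        return 0.0 if current == mean else float("inf")
    return (current - mean) / sd


def is_anomalous(baseline, current, z_threshold=Z_THRESHOLD):
    return abs(z_score(baseline, current)) >= z_threshold


def baseline_report(today_connections, today_failure_ratio):
    """Per-metric deviation plus a single verdict management can act on."""
    report = {
        "connections": (today_connections,
                        round(z_score(BASELINE_DAILY_CONNECTIONS, today_connections), 1)),
        "failure_ratio": (today_failure_ratio,
                          round(z_score(BASELINE_FAILURE_RATIO, today_failure_ratio), 1)),
    }
    report["attack_suspected"] = any(
        abs(z) >= Z_THRESHOLD for _, z in (report["connections"], report["failure_ratio"]))
    return report


if __name__ == "__main__":
    # Constructed "today": seven times the usual connections, 41% of logins failing.
    print(baseline_report(890, 0.41))
    # A normal day for contrast.
    print(baseline_report(133, 0.04))
```

Volume alone can be explained by a legitimate batch job; a jump in the failure ratio alongside it is what distinguishes an attack from a busy day, which is why the report carries both metrics rather than one.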

Question No: 127 – (Topic 2)

The following has been discovered in an internally developed application:

Error – Memory allocated but not freed:

    char *myBuffer = malloc(BUFFER_SIZE);
    if (myBuffer != NULL) {
        /* copy the message into the buffer (assigning the pointer to *myBuffer would itself be a bug) */
        snprintf(myBuffer, BUFFER_SIZE, "%s", STRING_WELCOME_MESSAGE);
        printf("Welcome to: %s\n", myBuffer);
    }
    /* myBuffer is never passed to free(): the allocation leaks on every call */



Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

  A. Static code analysis

  B. Memory dumping

  C. Manual code review

  D. Application sandboxing

  E. Penetration testing

  F. Black box testing

Answer: A,C
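The leak is visible in the source without running anything, which is why static analysis and manual review are the two methods that find it. The checker below is an added example, not code from the exam page or any real analyzer: it applies the same pairing rule a reviewer applies (every pointer assigned from malloc must reach free() or be returned to the caller) to the question's snippet, to a corrected version, and to a third constructed case with the opposite defect, an allocation used without a NULL check. All three C inputs are constructed, and the checker is deliberately path-insensitive.

```python
"""A minimal static-analysis pass for the weakness in question 127 (CWE-401, a
heap allocation that is never freed). Added example, not from the exam page; it
is deliberately path-insensitive, so it finds the easy case a code reviewer or
linter finds, not every leak a real analyzer would."""
import re

# Constructed C inputs. The first is the question's snippet with the pointer
# assignment replaced by a copy; the second adds the missing free().
LEAKY_SNIPPET = r"""
void greet(void) {
    char *myBuffer = malloc(BUFFER_SIZE);
    if (myBuffer != NULL) {
        snprintf(myBuffer, BUFFER_SIZE, "%s", STRING_WELCOME_MESSAGE);
        printf("Welcome to: %s\n", myBuffer);
    }
}
"""
FIXED_SNIPPET = r"""
void greet(void) {
    char *myBuffer = malloc(BUFFER_SIZE);
    if (myBuffer != NULL) {
        snprintf(myBuffer, BUFFER_SIZE, "%s", STRING_WELCOME_MESSAGE);
        printf("Welcome to: %s\n", myBuffer);
        free(myBuffer);
    }
}
"""
# A third constructed case: freed, but used without a NULL check (CWE-476).
UNCHECKED_SNIPPET = r"""
void copy(const char *src) {
    char *p = malloc(16);
    strncpy(p, src, 15);
    free(p);
}
"""

ALLOC_RE = re.compile(r"\b(\w+)\s*=\s*(?:\([^)]*\)\s*)?(?:malloc|calloc|realloc|strdup)\s*\(")
FREE_RE = re.compile(r"\bfree\s*\(\s*(\w+)\s*\)")
RETURN_RE = re.compile(r"\breturn\s+(\w+)\s*;")


def null_check_re(name):
    """Matches `name != NULL`, `name == NULL`, `if (name)` and `if (!name)`."""
    n = re.escape(name)
    return re.compile(rf"\b{n}\s*(?:!=|==)\s*NULL|\bif\s*\(\s*!?\s*{n}\s*\)")


def analyze(source):
    """Return {'unfreed': [...], 'unchecked': [...]} for heap pointers in one C function."""
    allocated = {m.group(1): m.start() for m in ALLOC_RE.finditer(source)}
    freed = {m.group(1) for m in FREE_RE.finditer(source)}
    returned = {m.group(1) for m in RETURN_RE.finditer(source)}   # ownership handed to the caller
    findings = {"unfreed": [], "unchecked": []}
    for name, pos in allocated.items():
        if name not in freed and name not in returned:
            findings["unfreed"].append(name)
        if not null_check_re(name).search(source[pos:]):
            findings["unchecked"].append(name)
    return findings


if __name__ == "__main__":
    for label, src in (("leaky", LEAKY_SNIPPET), ("fixed", FIXED_SNIPPET),
                       ("unchecked", UNCHECKED_SNIPPET)):
        print(label, analyze(src))
```

Black-box or penetration testing (options E and F) would only notice this leak indirectly, as growing memory use under sustained load, and would not point at the line; memory dumping (option B) shows the orphaned allocations but not why they were orphaned.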

Question No: 128 – (Topic 2)

After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator?

  A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user.

  B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS.

  C. Users with root access on remote NFS client computers can always use the SU command to modify other users' files on the NAS.

  D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command.

Answer: C
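Removing no_root_squash restores the default root_squash behaviour: requests arriving with uid 0 are mapped to the anonymous user, so a client's root can no longer touch root-owned files on the NAS. It squashes only uid 0, though, so that same client root can su to any other account and act as that uid, which is what option C describes; only all_squash closes that path. nosuid is a separate control: set-uid bits on files in the export are ignored, so a set-uid root binary planted on the share cannot be used for privilege escalation on a client. The model below is an added example, not from the exam page; it reproduces just the uid mapping and set-uid handling, assumes the anonymous uid is 65534, and treats the file as writable by its owner alone.

```python
"""Model of what the two export changes in question 128 do to an NFS request's
credentials. Added example, not from the exam page; it models only uid squashing
and setuid handling, with the file assumed writable by its owner alone."""
NOBODY_UID = 65534   # assumed anonuid default; real servers let you set anonuid=/anongid=

BEFORE = "rw,sync,no_root_squash"   # what the auditor found
AFTER = "rw,sync,nosuid"            # no_root_squash removed, nosuid added


def parse_export_options(option_string):
    return {o.strip() for o in option_string.strip("()").split(",") if o.strip()}


def effective_uid(client_uid, options):
    """Uid the NAS acts under for a request that arrives claiming client_uid."""
    opts = parse_export_options(options)
    if "all_squash" in opts:
        return NOBODY_UID
    if client_uid == 0 and "no_root_squash" not in opts:   # root_squash is the default
        return NOBODY_UID
    return client_uid


def can_write(client_uid, file_owner_uid, options):
    """True if the request may modify a file writable only by its owner."""
    uid = effective_uid(client_uid, options)
    return uid == 0 or uid == file_owner_uid


def setuid_honoured(options):
    """Whether set-uid bits on files in the export take effect when executed."""
    return "nosuid" not in parse_export_options(options)


if __name__ == "__main__":
    ROOT, ALICE = 0, 1001
    print(can_write(ROOT, ROOT, BEFORE))    # True: remote root is root on the NAS
    print(can_write(ROOT, ROOT, AFTER))     # False: remote root is squashed to nobody
    print(can_write(ALICE, ALICE, AFTER))   # True: 'su alice' on the client still works (option C)
    print(can_write(ALICE, ALICE, AFTER + ",all_squash"))  # False: only all_squash closes that
    print(setuid_honoured(BEFORE), setuid_honoured(AFTER))  # True False
```

Two practitioner caveats: the uid in an AUTH_SYS request is whatever the client asserts, so none of this is authentication (Kerberos via sec=krb5 is what actually binds the request to a user); and on a Linux NFS server nosuid is a client-side mount option rather than an exports(5) directive, whereas Solaris and several NAS appliances accept it on the export, which is the setting the question assumes.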

Question No: 129 – (Topic 2)

An employee is performing a review of the organization’s security functions and noticed that there is some cross over responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?

  A. BPA

  B. BIA

  C. MOU

  D. OLA

Answer: C

Question No: 130 – (Topic 2)

An information security assessor for an organization finished an assessment that identified critical issues with the human resources department's new-employee management application. The assessor submitted the report to senior management but nothing has happened.

Which of the following would be a logical next step?

  A. Meet the two key VPs and request a signature on the original assessment.

  B. Include specific case studies from other organizations in an updated report.

  C. Schedule a meeting with key human resource application stakeholders.

  D. Craft an RFP to begin finding a new human resource application.

Answer: C
