Download CompTIA Advanced Security Practitioner (CASP).CAS-002.CertKiller.2018-10-23.246q.tqb

Vendor: CompTIA
Exam Code: CAS-002
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Date: Oct 23, 2018
File Size: 1 MB

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Demo Questions

Question 1
Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ’s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. 
Which of the following BEST describes the core concerns of the security architect?
  A. Most of company XYZ’s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.
  B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance.
  C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
  D. Not all of company XYZ’s customers require the same level of security, and the administrative complexity of maintaining multiple security postures on a single hypervisor negates the hardware cost savings.
Correct answer: C
Question 2
A university requires a significant increase in web and database server resources for one week, twice a year, to handle student registration. The web servers remain idle for the rest of the year. Which of the following is the MOST cost effective way for the university to securely handle student registration?
  A. Virtualize the web servers locally to add capacity during registration.
  B. Move the database servers to an elastic private cloud while keeping the web servers local.
  C. Move the database servers and web servers to an elastic private cloud.
  D. Move the web servers to an elastic public cloud while keeping the database servers local.
Correct answer: D
Question 3
Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have only the minimum processing power needed to perform the required level of encryption. Which of the following solutions minimizes the performance impact on the routers?
  A. Deploy inline network encryption devices
  B. Install an SSL acceleration appliance
  C. Require all core business applications to use encryption
  D. Add an encryption module to the router and configure IPsec
Correct answer: A
Question 4
In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list.
Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).
  A. Provide free email software for personal devices.
  B. Encrypt data in transit for remote access.
  C. Require smart card authentication for all devices.
  D. Implement NAC to limit insecure devices’ access.
  E. Enable time-of-day restrictions for personal devices.
Correct answer: BD
Question 5
A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).
  A. The user’s certificate private key must be installed on the VPN concentrator.
  B. The CA’s certificate private key must be installed on the VPN concentrator.
  C. The user certificate private key must be signed by the CA.
  D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator.
  E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator.
  F. The CA’s certificate public key must be installed on the VPN concentrator.
Correct answer: EF
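What options E and F amount to in practice, as an added example that is not part of the original question bank: the concentrator holds its own private key and CA-signed certificate (to prove its identity to connecting clients) and the CA’s public certificate (to validate the certificates users present). The user’s private key stays on the user’s device and is never installed on the concentrator, and the CA’s private key stays on the CA. The script below builds a throwaway CA with openssl, issues a concentrator certificate and a user certificate, and shows the validation step succeed for the CA-issued user certificate and fail for a certificate from an unrelated CA. All subjects, file names and the use of a temporary directory are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the question bank): what a VPN concentrator needs
# in order to validate certificate-based client authentication.
# All names, subjects and paths below are constructed for illustration.

set -eu

# Build a test CA, a concentrator (server) cert, a user cert, and a cert
# issued by an unrelated "rogue" CA. Prints the working directory.
make_demo_pki() {
    dir=$(mktemp -d)
    (
        cd "$dir"
        # Trust anchor: the CA's self-signed certificate. Only the PUBLIC
        # half (ca.crt) is distributed; ca.key never leaves the CA.
        openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
            -subj "/CN=Example Corp VPN CA" -days 1 >/dev/null 2>&1

        # Concentrator identity: its own private key plus a CA-signed cert
        # (option E: the private key lives on the concentrator itself).
        openssl req -newkey rsa:2048 -nodes -keyout vpn.key -out vpn.csr \
            -subj "/CN=vpn.example.test" >/dev/null 2>&1
        openssl x509 -req -in vpn.csr -CA ca.crt -CAkey ca.key -set_serial 1 \
            -out vpn.crt -days 1 >/dev/null 2>&1

        # User identity: the private key stays on the user's device; the
        # concentrator only ever sees user.crt during the handshake.
        openssl req -newkey rsa:2048 -nodes -keyout user.key -out user.csr \
            -subj "/CN=alice" >/dev/null 2>&1
        openssl x509 -req -in user.csr -CA ca.crt -CAkey ca.key -set_serial 2 \
            -out user.crt -days 1 >/dev/null 2>&1

        # Rogue cert: same subject name, but self-signed by an unrelated CA,
        # so it has no trust path to ca.crt and must be rejected.
        openssl req -x509 -newkey rsa:2048 -nodes -keyout rogue.key -out rogue.crt \
            -subj "/CN=alice" -days 1 >/dev/null 2>&1
    )
    echo "$dir"
}

# The check the concentrator performs with the CA public cert (option F):
# does the presented client certificate chain to the trusted CA?
# Returns 0 when it does, non-zero otherwise.
verify_peer_cert() {
    ca_cert=$1
    peer_cert=$2
    openssl verify -CAfile "$ca_cert" "$peer_cert" >/dev/null 2>&1
}

# Material the concentrator must hold: its own key and cert, and the CA cert.
# Note that neither user.key nor ca.key is in this list.
concentrator_has_required_material() {
    dir=$1
    [ -s "$dir/vpn.key" ] && [ -s "$dir/vpn.crt" ] && [ -s "$dir/ca.crt" ]
}

demo() {
    dir=$(make_demo_pki)
    for peer in user.crt rogue.crt; do
        if verify_peer_cert "$dir/ca.crt" "$dir/$peer"; then
            echo "$peer: accepted (chains to the trusted CA)"
        else
            echo "$peer: rejected (no trust path to the CA)"
        fi
    done
    rm -rf "$dir"
}

demo
```

Run it with a stock openssl binary; user.crt is accepted and rogue.crt is rejected even though both carry the same common name, which is the point of installing the CA certificate rather than comparing names. A real concentrator would additionally check revocation (CRL or OCSP) and key usage, which this example omits.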
Question 6
Ann, a software developer, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?
  A. Single sign-on
  B. Identity propagation
  C. Remote attestation
  D. Secure code review
Correct answer: C
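Whatever the platform calls the mechanism, the concrete check that stops a modified copy from running is a signature over the package that the device verifies before install. The shell below, an added example that is not part of the question bank or of any vendor’s store, plays both roles with openssl: the publisher signs the package with a private key that never leaves the publisher, and the device verifies the signature with the matching public key, rejecting a copy that a third party has altered. The key names, the “package” and the injected line are all constructed.

```shell
#!/bin/sh
# Added example (not from the question bank): publisher-side signing and
# device-side verification of a software package with openssl.
# Keys, file names and the package contents below are constructed.

set -eu

# Publisher: generate a signing key pair. signer.key stays with the
# publisher; only signer.pub is shipped to devices (or pinned by the store).
make_demo_publisher() {
    dir=$(mktemp -d)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$dir/signer.key" 2>/dev/null
    openssl pkey -in "$dir/signer.key" -pubout -out "$dir/signer.pub" 2>/dev/null
    echo "$dir"
}

# Publisher: detached RSA signature over the SHA-256 digest of the package.
sign_package() {
    key=$1; pkg=$2; sig=$3
    openssl dgst -sha256 -sign "$key" -out "$sig" "$pkg"
}

# Device: recompute the digest and check it against the signature using the
# publisher's public key. Any change to the package bytes breaks the match.
# Returns 0 when the signature is valid, non-zero otherwise.
verify_package() {
    pub=$1; pkg=$2; sig=$3
    openssl dgst -sha256 -verify "$pub" -signature "$sig" "$pkg" >/dev/null 2>&1
}

demo() {
    dir=$(make_demo_publisher)
    # Constructed "package": a one-line script standing in for an app bundle.
    printf 'echo "hello from app v1.0"\n' > "$dir/app.sh"
    sign_package "$dir/signer.key" "$dir/app.sh" "$dir/app.sig"

    # Genuine copy: the signature verifies, install may proceed.
    if verify_package "$dir/signer.pub" "$dir/app.sh" "$dir/app.sig"; then
        echo "app.sh: signature valid, install allowed"
    fi

    # Tampered copy: a third party appends a line; the signature no longer
    # matches, so the device refuses to install or run it.
    cp "$dir/app.sh" "$dir/app_modified.sh"
    printf 'echo "injected by a third party"\n' >> "$dir/app_modified.sh"
    if verify_package "$dir/signer.pub" "$dir/app_modified.sh" "$dir/app.sig"; then
        echo "app_modified.sh: signature valid (unexpected)"
    else
        echo "app_modified.sh: signature INVALID, install refused"
    fi
    rm -rf "$dir"
}

demo
```

The part that makes this hold up in deployment is how the device learns which public key to trust: it must be baked into the platform, the store client, or an attestation policy, not fetched alongside the package, or the attacker simply ships a package signed with a key of their own.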
Question 7
Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two-factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backends to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?
  A. They should log on to the system using the username concatenated with the 6-digit code and their original password.
  B. They should log on to the system using the newly assigned global username: first.lastname#### where #### is the second-factor code.
  C. They should use the username format LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is pressed.
  D. They should use the username format [email protected], together with a password and their 6-digit code.
Correct answer: D
Question 8
An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. 
Which of the following controls should be implemented to mitigate the attack in the future?
  A. Use PAP for secondary authentication on each RADIUS server
  B. Disable unused EAP methods on each RADIUS server
  C. Enforce TLS connections between RADIUS servers
  D. Use a shared secret for each pair of RADIUS servers
Correct answer: C
Question 9
Joe, the Chief Executive Officer (CEO), was an information security professor and a subject matter expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method.
Which of the following methodologies should be adopted?
  A. The company should develop an in-house solution and keep the algorithm a secret.
  B. The company should use the CEO’s encryption scheme.
  C. The company should use a mixture of both systems to meet minimum standards.
  D. The company should use the method recommended by other respected information security organizations.
Correct answer: D
Question 10
Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?
  A. Aggressive patch management on the host and guest OSs.
  B. Host-based IDS sensors on all guest OSs.
  C. Different antivirus solutions between the host and guest OSs.
  D. Unique Network Interface Card (NIC) assignment per guest OS.
Correct answer: A