CertBus 2019 Real CompTIA CAS-002 CASP Exam VCE and PDF Dumps for Free Download!
A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?
A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.
B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.
C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.
D. This information can be found by querying the network’s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.
Correct Answer: A
The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router’s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company’s external router’s IP which is 126.96.36.199:
11:16:22.110343 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
11:16:22.110351 IP 220.127.116.11.19 > 18.104.22.168.19: UDP, length 1400
11:16:22.110358 IP 22.214.171.124.19 > 126.96.36.199.19: UDP, length 1400
11:16:22.110402 IP 188.8.131.52.19 > 184.108.40.206.19: UDP, length 1400
11:16:22.110406 IP 220.127.116.11.19 > 18.104.22.168.19: UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?
A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company’s ISP should be contacted and instructed to block the malicious packets.
B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company’s external router to block incoming UDP port 19 traffic.
Correct Answer: A
A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be followed?
A. Establish a risk matrix
B. Inherit the risk for six months
C. Provide a business justification to avoid the risk
D. Provide a business justification for a risk exception
Correct Answer: D
An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?
A. Source code vulnerability scanning
B. Time-based access control lists
C. ISP to ISP network jitter
D. File-size validation
E. End to end network encryption
Correct Answer: B
VPN users cannot access the active FTP server through the router but can access any server in the data center.
Additional network information:
DMZ network – 192.168.5.0/24 (FTP server is 192.168.5.11)
VPN network – 192.168.1.0/24
User network – 192.168.3.0/24
HR network – 192.168.4.0/24
Traffic shaper configuration:
VLAN Bandwidth Limit (Mbps)
Which of the following solutions would allow the users to access the active FTP server?
A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
C. IPS is blocking traffic and needs to be reconfigured
D. Configure the traffic shaper to limit DMZ traffic
E. Increase bandwidth limit on the VPN network
Correct Answer: A
A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received:
Vendor A: product-based solution which can be purchased by the pharmaceutical company.
Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be $150,000. Operational expenses are expected to be a 0.5 full time employee (FTE) to manage the solution, and 1 full time employee to respond to incidents per year.
Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company’s needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.
Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate?
A. Based on cost alone, having an outsourced solution appears cheaper.
B. Based on cost alone, having an outsourced solution appears to be more expensive.
C. Based on cost alone, both outsourced and in-sourced solutions appear to be the same.
D. Based on cost alone, having a purchased product solution appears cheaper.
Correct Answer: A
A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure
Correct Answer: AB
If a technician must take an employee’s workstation into custody in response to an investigation, which of the following can BEST reduce the likelihood of related legal issues?
A. A formal letter from the company’s president approving the seizure of the workstation.
B. A formal training and awareness program on information security for all company managers.
C. A screen displayed at log in that informs users of the employer’s rights to seize, search, and monitor company devices.
D. A printout of an activity log, showing that the employee has been spending substantial time on non-work related websites.
Correct Answer: C
Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).
A. Implementation run-sheets
B. Solution designs
C. Business capabilities
D. Solution architectures
E. Business requirements documents
F. Reference models
G. Business cases
H. Business vision and drivers
Correct Answer: CFH
The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?
A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.
B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.
C. A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team.
D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.
Correct Answer: A