CertBus 2020 Latest CompTIA CAS-002 CASP Exam VCE and PDF Dumps for Free Download!
☆ CAS-002 CASP Exam PDF and VCE Dumps : 733QAs Instant Download: https://www.certbus.com/cas-002.html [100% CAS-002 Exam Pass Guaranteed or Money Refund!!]
☆ Free view online pdf on CertBus free test CAS-002 PDF: https://www.certbus.com/online-pdf/cas-002.pdf
Following CAS-002 733QAs are all new published by CompTIA Official Exam Center
This is a note. Please give me your attention if you are preparing for your CompTIA Jun 25,2020 Hotest CAS-002 QAs exam. It is really a tough task to pass CASP Latest CAS-002 exam questions exam. However, CertBus will help you on that with the most comprehensive PDF and VCEs of the latest CASP Newest CAS-002 pdf dumps exam questions, covering each and every aspect of CASP Hotest CAS-002 exam questions CompTIA Advanced Security Practitioner Exam exam curriculum.
CertBus: best CAS-002 certification material provider are cheapest in the market! CertBus – help you to get your CAS-002 certification more easily. save your time and money! high pass rate! reliable CAS-002 certification exams preparation – latest braindumps at CertBus. CertBus – leader of CAS-002 certifications, latest dumps, guaranteed pass.
We CertBus has our own expert team. They selected and published the latest CAS-002 preparation materials from CompTIA Official Exam-Center: https://www.certbus.com/cas-002.html
Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?
A. Aggressive patch management on the host and guest OSs.
B. Host based IDS sensors on all guest OSs.
C. Different antivirus solutions between the host and guest OSs.
D. Unique Network Interface Card (NIC) assignment per guest OS.
Correct Answer: A
The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router\’s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company\’s external router\’s IP which is 18.104.22.168:
11:16:22.110343 IP 22.214.171.124.19 andgt; 126.96.36.199.19: UDP, length 1400 11:16:22.110351 IP 188.8.131.52.19 andgt; 184.108.40.206.19: UDP, length 1400 11:16:22.110358 IP 220.127.116.11.19 andgt; 18.104.22.168.19: UDP, length 1400 11:16:22.110402 IP 22.214.171.124.19 andgt; 126.96.36.199.19: UDP, length 1400 11:16:22.110406 IP 188.8.131.52.19 andgt; 184.108.40.206.19: UDP, length 1400 Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?
A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company\’s ISP should be contacted and instructed to block the malicious packets.
B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company\’s external router to block incoming UDP port 19 traffic.
Correct Answer: A
A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Customers to upload their log files to the andquot;big dataandquot; platform Customers to perform remote log search Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A. Secure storage and transmission of API keys
B. Secure protocols for transmission of log files and search results
C. At least two years retention of log files in case of e-discovery requests
D. Multi-tenancy with RBAC support
E. Sanitizing filters to prevent upload of sensitive log file contents
F. Encryption of logical volumes on which the customers\’ log files reside
Correct Answer: ABD
The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?
A. Capture process ID data and submit to anti-virus vendor for review.
B. Reboot the Linux servers, check running processes, and install needed patches.
C. Remove a single Linux server from production and place in quarantine.
D. Notify upper management of a security breach.
E. Conduct a bit level image, including RAM, of one or more of the Linux servers.
Correct Answer: E
A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).
A. Implement a URL filter to block the online forum
B. Implement NIDS on the desktop and DMZ networks
C. Security awareness compliance training for all employees
D. Implement DLP on the desktop, email gateway, and web proxies
E. Review of security policies and procedures
Correct Answer: CD
Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner which of the following is correct?
A. Only security related alerts should be forwarded to the network team for resolution.
B. All logs must be centrally managed and access to the logs restricted only to data storage staff.
C. Logging must be set appropriately and alerts delivered to security staff in a timely manner.
D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team.
Correct Answer: C
Which of the following does SAML uses to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?
A. Transient identifiers
B. Directory services
C. Restful interfaces
D. Security bindings
Correct Answer: A
Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim\’s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?
A. Integer overflow
C. Race condition
D. SQL injection
E. Use after free
F. Input validation
Correct Answer: E
Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: [email protected]:~$ sudo nmap 璒 192.168.1.54 Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device: TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778 Based on this information, which of the following operating systems is MOST likely running on the unknown node?
Correct Answer: C
Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?
A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.
B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk- based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.
C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.
D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.
Correct Answer: D
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the CAS-002 exam successfully with our CompTIA materials. CertBus CompTIA Advanced Security Practitioner Exam exam PDF and VCE are the latest and most accurate. We have the best CompTIA in our team to make sure CertBus CompTIA Advanced Security Practitioner Exam exam questions and answers are the most valid. CertBus exam CompTIA Advanced Security Practitioner Exam exam dumps will help you to be the CompTIA specialist, clear your CAS-002 exam and get the final success.
CAS-002 CompTIA exam dumps (100% Pass Guaranteed) from CertBus: https://www.certbus.com/cas-002.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.