Press "Enter" to skip to content

What Does CAS-002 exam Mean?

Master the CAS-002 CompTIA Advanced Security Practitioner (CASP) content and be ready for exam day success quickly with this Examcollection CAS-002 practice question. We guarantee it!We make it a reality and give you real CAS-002 questions in our CompTIA CAS-002 braindumps.Latest 100% VALID CompTIA CAS-002 Exam Questions Dumps at below page. You can use our CompTIA CAS-002 braindumps and pass your exam.


Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:

Q171. – (Topic 1) 

A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture quickly with regard to targeted attacks. Which of the following should the CSO conduct FIRST? 

A. Survey threat feeds from services inside the same industry. 

B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic. 

C. Conduct an internal audit against industry best practices to perform a qualitative analysis. 

D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor. 


Q172. – (Topic 1) 

A company sales manager received a memo from the company’s financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department’s change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble? 

A. Discuss the issue with the software product's user groups 

B. Consult the company’s legal department on practices and law 

C. Contact senior finance management and provide background information 

D. Seek industry outreach for software practices and law 


Q173. – (Topic 1) 

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. 

Which of the following would be the advantage of conducting this kind of penetration test? 

A. The risk of unplanned server outages is reduced. 

B. Using documentation provided to them, the pen-test organization can quickly determine areas to focus on. 

C. The results will show an in-depth view of the network and should help pin-point areas of internal weakness. 

D. The results should reflect what attackers may be able to learn about the company. 


Q174. – (Topic 5) 

A security architect is locked into a given cryptographic design based on the allowable software at the company. The key length for applications is already fixed as is the cipher and algorithm in use. The security architect advocates for the use of well-randomized keys as a mitigation to brute force and rainbow attacks. Which of the following is the security architect trying to increase in the design? 

A. Key stretching 

B. Availability 

C. Entropy 

D. Root of trust 

E. Integrity 


Q175. – (Topic 5) 

A company has decided to move to an agile software development methodology. The company gives all of its developers security training. After a year of agile, a management review finds that the number of items on a vulnerability scan has actually increased since the methodology change. Which of the following best practices has MOST likely been overlooked in the agile implementation? 

A. Penetration tests should be performed after each sprint. 

B. A security engineer should be paired with a developer during each cycle. 

C. The security requirements should be introduced during the implementation phase. 

D. The security requirements definition phase should be added to each sprint. 


Q176. – (Topic 4) 

A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem? 

A. Change the IDS to use a heuristic anomaly filter. 

B. Adjust IDS filters to decrease the number of false positives. 

C. Change the IDS filter to data mine the false positives for statistical trending data. 

D. Adjust IDS filters to increase the number of false negatives. 


Q177. – (Topic 2) 

A network engineer wants to deploy user-based authentication across the company’s wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user’s network access be controlled based on the user’s role within the company. Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO). 





E. Shibboleth 


Answer: C,D 

Q178. – (Topic 2) 

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management? 

A. Subjective and based on an individual's experience. 

B. Requires a high degree of upfront work to gather environment details. 

C. Difficult to differentiate between high, medium, and low risks. 

D. Allows for cost and benefit analysis. 

E. Calculations can be extremely complex to manage. 


Q179. – (Topic 4) 

Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario? 

A. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP. 

B. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP. 

C. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SP. 

D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP. 


Q180. – (Topic 2) 

A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would like to have a copy of any communications from the user involving certain key terms. Additionally, the law enforcement agency has requested that the user's ongoing communication be retained in the user's account for future investigations. Which of the following will BEST meet the goals of law enforcement? 

A. Begin a chain-of-custody on for the user's communication. Next, place a legal hold on the user's email account. 

B. Perform an e-discover using the applicable search terms. Next, back up the user's email for a future investigation. 

C. Place a legal hold on the user's email account. Next, perform e-discovery searches to collect applicable emails. 

D. Perform a back up of the user's email account. Next, export the applicable emails that match the search terms.