Your success in CompTIA CAS-002 is our sole target and we develop all our CAS-002 braindumps in a way that facilitates the attainment of this target. Not only is our CAS-002 study material the best you can find, it is also the most detailed and the most updated. CAS-002 Practice Exams for CompTIA CASP CAS-002 are written to the highest standards of technical accuracy.


2024 New CAS-002 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/CAS-002/

P.S. Practical CAS-002 training tools are available on Google Drive, GET MORE: https://drive.google.com/open?id=1D1OsvtV6EsmahSAfh5egZO5fZVoFYzmV


New CompTIA CAS-002 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

A project manager working for a large city government is required to plan and build a WAN, which will be required to host official business and public access. It is also anticipated that the cityu2021s emergency and first response communication systems will be required to operate across the same network. The project manager has experience with enterprise IT projects, but feels this project has an increased complexity as a result of the mixed business / public use and the critical infrastructure it will provide. Which of the following should the project manager release to the public, academia, and private industry to ensure the city provides due care in considering all project factors prior to building its new WAN?

A. NDA

B. RFI

C. RFP

D. RFQ

Answer: B


New Questions 10

ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?

A. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.

B. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).

C. Organize VM hosts into containers based on security zone and restrict access using an ACL.

D. Require multi-factor authentication when accessing the console at the physical VM host.

Answer: C


New Questions 11

Staff from the sales department have administrator rights to their corporate standard operating environment, and often connect their work laptop to customer networks when onsite during meetings and presentations. This increases the risk and likelihood of a security incident when the sales staff reconnects to the corporate LAN. Which of the following controls would BEST protect the corporate network?

A. Implement a network access control (NAC) solution that assesses the posture of the laptop before granting network access.

B. Use an independent consulting firm to provide regular network vulnerability assessments and biannually qualitative risk assessments.

C. Provide sales staff with a separate laptop with no administrator access just for sales visits.

D. Update the acceptable use policy and ensure sales staff read and acknowledge the policy.

Answer: A


New Questions 12

A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner.

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D


New Questions 13

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.

B. All staff needs to be instructed in the proper use of social media in the work environment.

C. Senior staff blogs should be ghost written by marketing professionals.

D. The finance department must provide a cost benefit analysis for social media.

E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: A,E


New Questions 14

In a SPML exchange, which of the following BEST describes the three primary roles?

A. The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.

B. The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.

C. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.

D. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

Answer: D


New Questions 15

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

A. Erase all files on drive

B. Install of standard image

C. Remove and hold all drives

D. Physical destruction

E. Drive wipe

Answer: D,E


New Questions 16

The <nameID> element in SAML can be provided in which of the following predefined

formats? (Select TWO).

A. X.509 subject name

B. PTR DNS record

C. EV certificate OID extension

D. Kerberos principal name

E. WWN record name

Answer: A,D


New Questions 17

An international shipping company discovered that deliveries left idle are being tampered with. The company wants to reduce the idle time associated with international deliveries by ensuring that personnel are automatically notified when an inbound delivery arrives at the transit dock. Which of the following should be implemented to help the company increase the security posture of its operations?

A. Back office database

B. Asset tracking

C. Geo-fencing

D. Barcode scanner

Answer: C

Topic 3, Volume C


New Questions 18

Customer Need:

u201cWe need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website.u201d

Which of the following BEST restates the customer need?

A. The system shall use a pseudo-random number generator seeded the same every time.

B. The system shall generate a pseudo-random number upon invocation by the existing Java program.

C. The system shall generate a truly random number based upon user PKI certificates.

D. The system shall implement a pseudo-random number generator for use by corporate customers.

Answer: : B


P.S. Easily pass CAS-002 Exam with Certifytools Practical Dumps & pdf vce, Try Free: https://www.certifytools.com/CAS-002-exam.html (532 New Questions)