The CompTIA CAS-002 Study Guide from Killtest mentioned above will help increase your knowledge of CAS-002 subjects, and the CAS-002 practice test will identify your weaknesses. Killtest according to the product of the network planning and network support launched engineer's qualification certification programs, and ask the agent in countries with such an engineer, in order to improve the quality of services to clients, a network engineer qualification CompTIA CAS-002 Study Guide Killtest.
Killtest CompTIA CAS-002 Exam: CAS-002 CompTIA CASP test
http://www.killtest.com/CASP/CAS-002.asp

CAS-002 CompTIA CASP exam overview
• CompTIA Advanced Security Practitioner (CASP) meets the growing demand for advanced IT security in the enterprise. Recommended for IT professionals with at least 5 years of experience, CASP certifies critical thinking and judgment across a broad spectrum of security disciplines and requires candidates to implement clear solutions in complex environments.

CompTIA CAS-002 Exam Details
• Exam Codes: CAS-002
• Launch Date: January 20, 2015
• Exam Description: CASP covers enterprise security, risk management and incident response, research and analysis, integration of computing, communications and business disciplines as well as technical integration of enterprise components.
• Number of Questions: Maximum of 90 questions
• Type of Questions: Multiple choice and performance-based
• Length of Test: 165 Minutes
• Passing Score: Pass/Fail only. No scaled score.
• Recommended Experience: 10 years experience in IT administration, including at least 5 years of hands-on technical security experience
• Languages: English
• Retirement: TBD - Usually three years after launch.
• Price: $414.00 USD

CAS-002 Exam Demo Sharing
• The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).
• A. Business or technical justification for not implementing the requirements.
• B. Risks associated with the inability to implement the requirements.
• C. Industry best practices with respect to the technical implementation of the current controls.
• D. All sections of the policy that may justify non-implementation of the requirements.
• E. A revised DRP and COOP plan to the exception form.
• F. Internal procedures that may justify a budget submission to implement the new requirement.
• G. Current and planned controls to mitigate the risks.
• Answer: A, B, G

CAS-002 Exam Demo Sharing
• A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
• A. $60,000
• B. $100,000
• C. $140,000
• D. $200,000
• Answer: A

CAS-002 Exam Demo Sharing
• The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?
• A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues
• B. Improper handling of client data, interoperability agreement issues and regulatory issues
• C. Cultural differences, increased cost of doing business and divestiture issues
• D. Improper handling of customer data, loss of intellectual property and reputation damage
• Answer: D

CAS-002 Exam Demo Sharing
• A new piece of ransomware got installed on a company’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?
• A. Determining how to install HIPS across all server platforms to prevent future incidents
• B. Preventing the ransomware from re-infecting the server upon restore
• C. Validating the integrity of the deduplicated data
• D. Restoring the data will be difficult without the application configuration
• Answer: D

CAS-002 Exam Demo Sharing
• An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence?
• A. Review switch and router configurations
• B. Review the security policies and standards
• C. Perform a network penetration test
• D. Review the firewall rule set and IPS logs
• Answer: B