Download Free COMPTIA CAS-002 Exam Practice Questions | Exam4Help
                     CompTIA
CAS-002 Dumps PDF
CompTIA Advanced Security Practitioner (CASP) Exam
CAS-002 Dumps
About the exam
The CASP+ certification validates advanced-level competency in risk management; enterprise 
security operations and architecture; research and collaboration; and integration of enterprise 
security. Successful candidates will have the knowledge required to:
 Enterprise Security domain expanded to include operations and architecture concepts, 
techniques, and requirements
 More emphasis on analyzing risk through interpreting trend data and anticipating cyber 
defense needs to meet business goals
 Expanding security control topics to include Mobile and small form factor devices, as well as 
software vulnerability
 Broader coverage of integrating cloud and virtualization technologies into a secure enterprise 
architecture
 Inclusion of implementing cryptographic techniques, such as Blockchain- Cryptocurrency and 
Mobile device encryption
CASP+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 
8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation because it 
provides confidence and trust in the outputs of an accredited program. Over 1.3 million CompTIA 
ISO/ANSI-accredited examCs hAaSve- 0be0e2n  dEelxivaemred  Ssintcued Jayn uMaray t1e, 2r0i1a1l.
Exam Description
CASP+ covers the technical knowledge and skills 
required to conceptualize, engineer, integrate and 
implement secure solutions across complex 
environments to support a resilient enterprise.
CAS-002 Exam Study Material
Question: 1
An administrator wants to enable policy based flexible mandatory access controls on an open 
source OS to prevent abnormal application modifications or executions. Which of the 
following would BEST accomplish this?
A. Access control lists
B. SELinux
C. IPtables firewall
D. HIPS
Answer: B
CAS-002 Exam Study Material
Question: 2
Company ABC’s SAN is nearing capacity, and will cause costly downtimes if servers run out 
disk space. Which of the following is a more cost effective alternative to buying a new SAN?
A. Enable multipath to increase availability
B. Enable deduplication on the storage pools
C. Implement snapshots to reduce virtual disk size
D. Implement replication to offsite datacenter
Answer: B
CAS-002 Exam Dumps
Question: 3
A systems administrator establishes a CIFS share on a UNIX device to share data to Windows 
systems. The security authentication on the Windows domain is set to the highest level. 
Windows users are stating that they cannot authenticate to the UNIX share. Which of the 
following settings on the UNIX
server would correct this problem?
A. Refuse LM and only accept NTLMv2
B. Accept only LM
C. Refuse NTLMv2 and accept LM
D. Accept only NTLM
Answer: A
CAS-002 Exam Study Material
Question: 4
A security architect is designing a new infrastructure using both type 1 and type 2 virtual 
machines. In addition to the normal complement of security controls (e.g. antivirus, host 
hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store 
cryptographic keys used to sign code and code modules on the VMs. Which of the following will 
meet this goal without requiring any hardware pass-through implementations?
A. vTPM
B. HSM
C. TPM
D. INE
Answer: A
CAS-002 Dumps PDF
Question: 5
A user has a laptop configured with multiple operating system installations. The operating 
systems are all installed on a single SSD, but each has its own partition and logical volume. 
Which of the following is the BEST way to ensure confidentiality of individual operating system 
data?
A. Encryption of each individual partition
B. Encryption of the SSD at the file level
C. FDE of each logical volume on the SSD
D. FDE of the entire SSD as a single disk
Answer: A
CAS-002 Exam Study Material
CompTIA
CAS-002 Dumps PDF
CompTIA Advanced Security Practitioner (CASP) Exam
CAS-002 Dumps