Free CompTIA CAS-002 Exam Dumps Questions & Answers

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim's privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?

• A.  Use after free
• B.  Click-jacking
• C.  Integer overflow
• D.  Race condition
• E.  SQL injection
• F.  Input validation

After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem?

• A.  The binary files used by the application have been modified by malware.
• B.  The restored image backup was encrypted with the wrong key.
• C.  The application is unable to perform remote attestation due to blocked ports.
• D.  The hash key summary of hardware and installed software no longer match.

A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).

• A.  Full-tunnel VPN should be required for all network communication.
• B.  Strong authentication should be implemented via external biometric devices.
• C.  Split-tunnel VPN should be enforced when transferring sensitive data.
• D.  A DLP gateway should be installed at the company border.
• E.  A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.
• F.  Full-drive file hashing should be implemented with hashes stored on separate storage.

Company A has a remote work force that often includes independent contractors and out of state full time employees.
Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:
All communications between parties need to be encrypted in transport Users must all have the same application sets at the same version All data must remain at Company A's site All users must not access the system between 12:00 and 1:00 as that is the maintenance window Easy to maintain, patch and change application environment.
Which of the following solutions should the security engineer recommend to meet the MOST goals?

• A.  Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.
• B.  Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.
• C.  Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server Gateway, use remote installation services to standardize application on user's laptops.
• D.  Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company's contribution to worldwide Distributed Denial of Service (DDoS) attacks.
Which of the following should the ISP implement? (Select TWO).

• A.  Prevent the ISP's customers from querying DNS servers other than those hosted by the ISP.
• B.  Scan the ISP's customer networks using an up-to-date vulnerability scanner.
• C.  Block traffic with an IP source not allocated to customers from exiting the ISP's network.
• D.  Notify customers when services they run are involved in an attack.
• E.  Block traffic from the ISP's networks destined for blacklisted IPs.