Update CompTIA CASP CAS-002 Dumps with VCE and PDF for Free (Question 641 – Question 645)

PassLeader released the NEWEST CompTIA CAS-002 exam dumps recently! Both CAS-002 VCE dumps and CAS-002 PDF dumps are available on PassLeader, either CAS-002 VCE dumps or CAS-002 PDF dumps have the NEWEST CAS-002 exam questions in it, they will help you passing CompTIA CAS-002 exam easily! You can download the valid CAS-002 dumps VCE and PDF from PassLeader here: https://www.passleader.com/cas-002.html (900 Q&As Dumps)

Also, previewing the NEWEST PassLeader CAS-002 dumps online for free on Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpenQtV3dLMDkyM0U

Fill in the blank with the appropriate word. ____ encryption protects a file as it travels over protocols, such as FTPS (SSL), SFTP (SSH), and HTTPS.

Answer: Transport

Interceptor is a pseudo proxy server that performs HTTP diagnostics, which of the following features are provided by HTTP Interceptor? (Each correct answer represents a complete solution. Choose all that apply.)

A.    It controls cookies being sent and received.
B.    It allows to browse anonymously by withholding Referrer tag, and user agent.
C.    It can view each entire HTTP header.
D.    It debugs DOC, DOCX, and JPG file.

Answer: ABC
HTTP diagnostics is performed by the HTTP Interceptor which is a pseudo proxy server and it also facilitates viewing the two way communication between the browser and the Internet. Various features of HTTP Interceptor are as follows:
– View each entire HTTP header.
– Debug your PHP, ASP, CGI or JavaScript and htaccess file.
– Control Cookies being sent and received.
– Find out what sort of URL redirection the site may be using.
– Browse anonymously by withholding Referrer tag, and user agent.

John is concerned about internal security threats on the network he administers. He believes that he has taken every reasonable precaution against external threats, but is concerned that he may have gaps in his internal security. Which of the following is the most likely internal threat?

A.    Employees not following security policy
B.    Privilege Escalation
C.    SQL Injection
D.    Employees selling sensitive data

Answer: A
Employees may disregard policies, such as policies limiting the use of USB devices or the ability to download programs from the internet. This is the most pervasive internal security threat.
Not D: Employees selling sensitive data is, of course, possible. However, this scenario is less likely that option A.
Not C: SQL Injection is most likely accomplished by an external hacker.
Not B: Privilege escalation can be done by internal or external attackers. However, even with internal attackers, it is far less likely than option B.

Resource exhaustion includes all of the following except ____.

A.    opening too many connections
B.    allocating all system memory to a single application
C.    overflowing a buffer with too much data
D.    flooding a network with excessive packets

Answer: C
Buffer overflow attacks is related to resource exhaustion but is not the same thing. The reason being that the buffer overflow is based on programmers not checking array bounds, rather than exhausting resources. Answer options A, B, and D are incorrect. All of these are examples of resource exhaustion.

Which of the following security practices are included in the Implementation phase of the Security Development Lifecycle (SDL)? (Select TWO.)

A.    Establish Design Requirements
B.    Perform Static Analysis
C.    Use Approved Tools
D.    Execute Incident Response Plan

Answer: BC
Security practices performed during each phase of the Security Development Lifecycle (SDL) process are as follows:

Welcome to choose PassLeader CAS-002 dumps for 100% passing CompTIA CAS-002 exam: https://www.passleader.com/cas-002.html (900 Q&As VCE Dumps and PDF Dumps)

Also, previewing the NEWEST PassLeader CAS-002 dumps online for free on Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpenQtV3dLMDkyM0U