CAS-002 試験問題を無料オンラインアクセス
| 試験コード: | CAS-002 |
| 試験名称: | CompTIA Advanced Security Practitioner (CASP) |
| 認定資格: | CompTIA |
| 無料問題数: | 465 |
| 更新日: | 2026-05-30 |
An administrator receives reports that the network is running slow for users connected to a certain switch. Viewing the network traffic, the administrator reviews the following:
1 8:51:59.042108 IP linuxwksta.55467 > dns.company.com.domain: 39462+ PTR?
2 22.17.4.10.in-addr.arpa. (42)
1 8:51:59.055732 IP dns.company.com.domain > linuxwksta.55467: 39462 NXDomain
0 /0/0 (42)
1 8:51:59.055842 IP linuxwksta.48287 > dns.company.com.domain: 46767+ PTR?
2 55.19.4.10.in-addr.arpa. (42)
1 8:51:59.069816 IP dns.company.com.domain > linuxwksta.48287: 46767 NXDomain
0 /0/0 (42)
18:51:59.159060 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [P.], seq
1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48
1 8:51:59.159145 IP linuxwksta.48854 > dns.company.com.domain: 3834+ PTR?
7 2.17.4.10.in-addr.arpa. (41)
1 8:51:59.159314 IP 10.4.17.72.iscsi-target > linuxwksta.42491: Flags [P.], seq 1:49, ack
4 8, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48
18:51:59.159330 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0
18:51:59.165342 IP dns.company.com.domain > linuxwksta.48854: 3834 NXDomain 0/0/0 (41)
18:51:59.397461 ARP, Request who-has 10.4.16.58 tell 10.4.16.1, length 46
1 8:51:59.397597 IP linuxwksta.37684 > dns.company.com.domain: 15022+ PTR?
5 8.16.4.10.in-addr.arpa. (41)
Given the traffic report, which of the following is MOST likely causing the slow traffic?
-- Exhibit --
-- Exhibit --
Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button.
Which of the following would the security engineer MOST likely recommend based on the table?
The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?
Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ's headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?
A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received:
* Vendor A: product-based solution which can be purchased by the pharmaceutical company.
* Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be $150,000. Operational expenses are expected to be a 0.5 full time employee (FTE) to manage the solution, and 1 full time employee to respond to incidents per year.
* Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company's needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.
Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate?