Latest CAS-002 test question Guide

Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.

2018 NEW RECOMMEND

Free VCE & PDF File for CompTIA CAS-002 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/CAS-002-dumps.html

P.S. Verified CAS-002 Q&A are available on Google Drive, GET MORE: https://drive.google.com/open?id=1J1BBpAPWFcvqB6OREC6YP3KoGX0G5jQM

New CompTIA CAS-002 Exam Dumps Collection (Question 14 – Question 23)

New Questions 14

A UNIX administrator notifies the storage administrator that extra LUNs can be seen on a UNIX server. The LUNs appear to be NTFS file systems. Which of the following MOST likely happened?

A. The iSCSI initiator was not restarted.

B. The NTFS LUNs are snapshots.

C. The HBA allocation is wrong.

D. The UNIX server is multipathed.

Answer: C

New Questions 15

A network administrator notices a security intrusion on the web server. Which of the following is noticed by http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2 in the log file?

A. Buffer overflow

B. Click jacking

C. SQL injection

D. XSS attack

Answer: D

New Questions 16

Company XYZ has experienced a breach and has requested an internal investigation be conducted by the IT Department. Which of the following represents the correct order of the investigation process?

A. Collection, Identification, Preservation, Examination, Analysis, Presentation.

B. Identification, Preservation, Collection, Examination, Analysis, Presentation.

C. Collection, Preservation, Examination, Identification, Analysis, Presentation.

A. D. Identification, Examination, Preservation, Collection, Analysis, Presentation.

Answer: B

New Questions 17

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out

to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A. Review the flow data against each serveru2019s baseline communications profile.

B. Configure the server logs to collect unusual activity including failed logins and restarted services.

C. Correlate data loss prevention logs for anomalous communications from the server.

D. Setup a packet capture on the firewall to collect all of the server communications.

Answer: A

New Questions 18

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of conferenceu2019s resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.

B. Physical security may need to be increased to deter or prevent theft of mobile devices.

C. Network security may need to be increased by reducing the number of available physical network jacks.

D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C

New Questions 19

An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?

A. Download the file from the program publisher's website.

B. Generate RSA and DSA keys using GPG.

C. Import the repository's public key.

D. Run sha1sum and verify the hash.

Answer: C

New Questions 20

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a business critical, high volume database application that required a high degree of data confidentiality and data availability? (Select THREE).

A. File level transfer of data

B. Zoning and LUN security

C. Block level transfer of data

D. Multipath

E. Broadcast storms

F. File level encryption

G. Latency

Answer: A,E,G

New Questions 21

If a technician must take an employeeu2019s workstation into custody in response to an investigation, which of the following can BEST reduce the likelihood of related legal issues?

A. A formal letter from the companyu2019s president approving the seizure of the workstation.

B. A formal training and awareness program on information security for all company

A. managers.

C. A screen displayed at log in that informs users of the employeru2019s rights to seize, search, and monitor company devices.

D. A printout of an activity log, showing that the employee has been spending substantial time on non-work related websites.

Answer: C

New Questions 22

Some mobile devices are jail-broken by connecting via USB cable and then exploiting

software vulnerabilities to get kernel-level access. Which of the following attack types represents this scenario? (Select TWO).

A. Session management attack

B. Protocol fuzzing

C. Root-kit compromise

D. Physical attack

E. Privilege escalation

F. Man-in-the-middle

Answer: D,E

New Questions 23

A startup company offering software on demand has hired a security consultant to provide expertise on data security. The companyu2019s clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?

A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.

B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment and to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.

C. Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNS and assigned to each client. MPLS technology is used to segment and encrypt each of the clientu2019s networks. PKI based remote desktop with hardware tokens is used by the client to connect to the application.

D. Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the clientu2019s networks. PKI based remote desktop access is used by the client to connect to the application.

Answer: C

P.S. Easily pass CAS-002 Exam with Certleader Verified Dumps & pdf vce, Try Free: https://www.certleader.com/CAS-002-dumps.html (532 New Questions)