Tips to Pass CAS-002 Exam (10 to 19)

New CompTIA CAS-002 Exam Dumps Collection (Question 10 – Question 19)

Q10. A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).

A. The email system may become unavailable due to overload.

B. Compliance may not be supported by all smartphones.

C. Equipment loss, theft, and data leakage.

D. Smartphone radios can interfere with health equipment.

E. Data usage cost could significantly increase.

F. Not all smartphones natively support encryption.

G. Smartphones may be used as rogue access points.

Answer: B,C,F

Q11. A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing. Which of the following is the MOST likely cause of the processing problem?

A. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.

B. The Java developers accounted for network latency only for the read portion of the processing and not the write process.

C. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.

D. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.

Answer: D

Q12. An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning

B. Time-based access control lists

C. ISP to ISP network jitter

D. File-size validation

E. End to end network encryption

Answer: B

Q13. A University uses a card transaction system that allows students to purchase goods using their student ID. Students can put money on their ID at terminals throughout the campus. The security administrator was notified that computer science students have been using the network to illegally put money on their cards. The administrator would like to attempt to reproduce what the students are doing. Which of the following is the BEST course of action?

A. Notify the transaction system vendor of the security vulnerability that was discovered.

B. Use a protocol analyzer to reverse engineer the transaction system's protocol.

C. Contact the computer science students and threaten disciplinary action if they continue their actions.

D. Install a NIDS in front of all the transaction system terminals.

Answer: B

Q14. The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router's external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company's external router's IP which is 128.20.176.19:

11:16:22.110343 IP 90.237.31.27.19 > 128.20.176.19.19: UDP, length 1400

11:16:22.110351 IP 23.27.112.200.19 > 128.20.176.19.19: UDP, length 1400

11:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 1400

11:16:22.110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 1400

11:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400

Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration?

A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's ISP should be contacted and instructed to block the malicious packets.

B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.

C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.

D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company's external router to block incoming UDP port 19 traffic.

Answer: A

Q15. After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?

A. A T&M contract

B. An RFP

C. A FFP agreement

D. A new RFQ

Answer: B

Q16. A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?

A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.

B. A training program that is consistent, ongoing, and relevant.

C. Access controls to prevent end users from gaining access to confidential data.

D. Access controls for computer systems and networks with two-factor authentication.

Answer: B

Q17. The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year's worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?

A. The company data privacy policies

B. The company backup logs and archives

C. The company data retention policies and guidelines

D. The company data retention procedures

Answer: B

Q18. Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines. Given this scenario, which of the following is the MOST significant risk to the system?

A. All servers are unpatched and running old versions.

B. Financial data is processed without being encrypted.

C. Logging is disabled on critical servers.

D. Server services have been virtualized and outsourced.

Answer: A

Q19. A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner.

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D
