The Renew Guide To CAS-002 vce

New Questions 4

CORRECT TEXTAn administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.

Instructions: The last install that is completed will be the final submission.

View Answer

New Questions 5

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf

A. B. Privilege escalation, Application DoS, Buffer overflow

C. SQL injection, Resource exhaustion, Privilege escalation

D. CSRF, Fault injection, Memory leaks

View Answer

New Questions 6

ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).

A. Establish a list of users that must work with each regulation

B. Establish a list of devices that must meet each regulation

C. Centralize management of all devices on the network

D. Compartmentalize the network

E. Establish a company framework

F. Apply technical controls to meet compliance with the regulation

View Answer

New Questions 7

Company policy requires that all company laptops meet the following baseline requirements:

Software requirements:

Antivirus Anti-malware Anti-spyware

Log monitoring

Full-disk encryption

Terminal services enabled for RDP Administrative access for local users

Hardware restrictions: Bluetooth disabled FireWire disabled WiFi adapter disabled

Ann, a web developer, reports performance issues with her laptop and is not able to access any network resources. After further investigation, a bootkit was discovered and it was trying to access external websites. Which of the following hardening techniques should be applied to mitigate this specific issue from reoccurring? (Select TWO).

A. Group policy to limit web access

B. Restrict VPN access for all mobile users

C. Remove full-disk encryption

D. Remove administrative access to local users

E. Restrict/disable TELNET access to network resources

F. Perform vulnerability scanning on a daily basis

G. Restrict/disable USB access

View Answer

New Questions 8

A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effective by other members of the IT department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to unauthorized decryption. The method also requires special handling and security for all key material that goes above and beyond most encryption systems.

Which of the following is the solutions architect MOST likely trying to implement?

A. One time pads

B. PKI

C. Quantum cryptography

D. Digital rights management

View Answer

New Questions 9

A company Chief Information Officer (CIO) is unsure which set of standards should govern

the companyu2021s IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represent the BEST option for the CIO?

A. Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company.

B. Issue a policy that requires only the most stringent security standards be implemented throughout the company.

C. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.

D. Issue a RFI for vendors to determine which set of security standards is best for the company.

View Answer

New Questions 10

News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting is conducted to prepare for further exploitation. Which of the following is the MOST effective

solution to protect against unrecognized malware infections?

A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.

B. Implement an application whitelist at all levels of the organization.

C. Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring.

D. Update router configuration to pass all network traffic through a new proxy server with advanced malware detection.

View Answer

New Questions 11

A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interfaces from external attackers performing network scanning?

A. Remove contact details from the domain name registrar to prevent social engineering attacks.

B. Test external interfaces to see how they function when they process fragmented IP packets.

C. Enable a honeynet to capture and facilitate future analysis of malicious attack vectors.

D. Filter all internal ICMP message traffic, forcing attackers to use full-blown TCP port

A. scans against external network interfaces.

View Answer

New Questions 12

A systems administrator establishes a CIFS share on a UNIX device to share data to

Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

A. Refuse LM and only accept NTLMv2

B. Accept only LM

C. Refuse NTLMv2 and accept LM

D. Accept only NTLM

View Answer

New Questions 13

An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).

A. /etc/passwd

B. /etc/shadow

C. /etc/security

D. /etc/password

E. /sbin/logon

F. /bin/bash

View Answer