The Secret of CompTIA CAS-002 exam dumps

Question No: 13

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?

A. Increased customer data availability

B. Increased customer data confidentiality

C. Increased security through provisioning

D. Increased security through data integrity

View Answer

Question No: 14

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO).

A. The X509 V3 certificate was issued by a non trusted public CA.

B. The client-server handshake could not negotiate strong ciphers.

C. The client-server handshake is configured with a wrong priority.

D. The client-server handshake is based on TLS authentication.

E. The X509 V3 certificate is expired.

F. The client-server implements client-server mutual authentication with different certificates.

View Answer

Question No: 15

A business unit of a large enterprise has outsourced the hosting and development of a new external website which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the following is the MOST appropriate?

A. The external party providing the hosting and website development should be obligated under contract to provide a secure service which is regularly tested (vulnerability and penetration). SLAs should be in place for the resolution of newly identified vulnerabilities and a guaranteed uptime.

B. The use of external organizations to provide hosting and web development services is not recommended as the costs are typically higher than what can be achieved internally. In addition, compliance with privacy regulations becomes more complex and guaranteed uptimes are difficult to track and measure.

C. Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

D. Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal obligations. An MOU should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

View Answer

Question No: 16

An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?

A. Download the file from the program publisher's website.

B. Generate RSA and DSA keys using GPG.

C. Import the repository's public key.

D. Run sha1sum and verify the hash.

View Answer

Question No: 17

A university Chief Information Security Officer is analyzing various solutions for a new project involving the upgrade of the network infrastructure within the campus. The campus has several dorms (two-four person rooms) and administrative buildings. The network is currently setup to provide only two network ports in each dorm room and ten network ports per classroom. Only administrative buildings provide 2.4 GHz wireless coverage.

The following three goals must be met after the new implementation:

1. Provide all users (including students in their dorms) connections to the Internet.

2. Provide IT department with the ability to make changes to the network environment to improve performance.

3. Provide high speed connections wherever possible all throughout campus including sporting event areas.

Which of the following risk responses would MOST likely be used to reduce the risk of network outages and financial expenditures while still meeting each of the goals stated above?

A. Avoid any risk of network outages by providing additional wired connections to each

A. user and increasing the number of data ports throughout the campus.

B. Transfer the risk of network outages by hiring a third party to survey, implement and manage a 5.0 GHz wireless network.

C. Accept the risk of possible network outages and implement a WLAN solution to provide complete 5.0 GHz coverage in each building that can be managed centrally on campus.

D. Mitigate the risk of network outages by implementing SOHO WiFi coverage throughout the dorms and upgrading only the administrative buildings to 5.0 GHz coverage using a one for one AP replacement.

View Answer

Question No: 18

A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing.

Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?

A. Establish return on investment as the main criteria for selection.

A. B. Run a cost/benefit analysis based on the data received from the RFP.

C. Evaluate each platform based on the total cost of ownership.

D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.

View Answer

Question No: 19

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning

B. Time-based access control lists

C. ISP to ISP network jitter

D. File-size validation

E. End to end network encryption

View Answer

Question No: 20

An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendoru2021s RFP responses is in-line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association?

A. Correlate current industry research with the RFP responses to ensure validity.

B. Create a lab environment to evaluate each of the three firewall platforms.

C. Benchmark each firewall platformu2021s capabilities and experiences with similar sized companies.

D. Develop criteria and rate each firewall platform based on information in the RFP responses.

View Answer

Question No: 21

The IT Security Analyst for a small organization is working on a customeru2021s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?

A. Contact the local authorities so an investigation can be started as quickly as possible.

B. Shut down the production network interfaces on the server and change all of the DBMS account passwords.

C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.

D. Refer the issue to management for handling according to the incident response process.

View Answer

Question No: 22

Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning of the month.

Network information:

DMZ network u2013 192.168.5.0/24 VPN network u2013 192.168.1.0/24 Datacenter u2013 192.168.2.0/24 User network - 192.168.3.0/24

HR network u2013 192.168.4.0/24 Warehouse network u2013 192.168.6.0/24 Finance network 192.168.7.0/24

Traffic shaper configuration:

VLAN Bandwidth limit (Mbps) VPN50

User175 HR220

Finance230 Warehouse75 Guest50

External firewall allows all networks to access the Internet. Internal Firewall Rules:

ActionSourceDestination Permit192.168.1.0/24192.168.2.0/24 Permit192.168.1.0/24192.168.3.0/24 Permit192.168.1.0/24192.168.5.0/24 Permit192.168.2.0/24192.168.1.0/24 Permit192.168.3.0/24192.168.1.0/24 Permit192.168.5.0/24192.168.1.0/24 Permit192.168.4.0/24192.168.7.0/24 Permit192.168.7.0/24192.168.4.0/24

Permit192.168.7.0/24any Deny192.168.4.0/24any Deny192.168.1.0/24192.168.4.0/24

Denyanyany

Which of the following restrictions is the MOST likely cause?

A. Bandwidth limit on the traffic shaper for the finance department

B. Proxy server preventing the warehouse from accessing cloud applications

C. Deny statements in the firewall for the warehouse network

D. Bandwidth limit on the traffic shaper for the warehouse department

View Answer