[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 101-110

Ensurepass

QUESTION 101

The security administrator reports that the physical security of the Ethernet network has been breached, but the fibre channel storage network was not breached. Why might this still concern the storage administrator? (Select TWO).

 

A.

The storage network uses FCoE.

B.

The storage network uses iSCSI.

C.

The storage network uses vSAN.

D.

The storage network uses switch zoning.

E.

The storage network uses LUN masking.

 

Correct Answer: AB

 

 

QUESTION 102

An administrator wants to integrate the Credential Security Support Provider (CredSSP) protocol network level authentication (NLA) into the remote desktop terminal services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).

 

A.

Kerberos

B.

NTLM

C.

RADIUS

D.

TACACS+

E.

TLS

F.

HMAC

G.

Camellia

 

Correct Answer: ABE

 

 

QUESTION 103

An existing enterprise architecture included an enclave where sensitive research and development work was conducted. This network enclave also served as a storage location for proprietary corporate data and records. The initial security architect chose to protect the enclave by restricting access to a single physical port on a firewall. All downstream network devices were isolated from the rest of the network and communicated solely through the single 100mbps firewall port. Over time, researchers connected devices on the protected enclave directly to external resources and corporate data stores. Mobile and wireless devices were also added to the enclave to support high speed data research. Which of the following BEST describes the process which weakened the security posture of the enclave?

 

A.

Emerging business requirements led to the de-perimeterization of the network.

B.

Emerging security threats rendered the existing architecture obsolete.

C.

The single firewall port was oversaturated with network packets.

D.

The shrinking of an overall attack surface due to the additional access.

 

Correct Answer: A

 

 

QUESTION 104

A Chief Information Security Officer (CISO) has been trying to eliminate some IT security risks for several months. These risks are not high profile but still exist. Furthermore, many of these risks have been mitigated with innovative solutions. However, at this point in time, the budget is insufficient to deal with the risks. Which of the following risk strategies should be used?

 

A.

Transfer the risks

B.

Avoid the risks

C.

Accept the risks

D.

Mitigate the risks

 

Correct Answer: C

 

 

QUESTION 105

Virtual hosts with different security requirements should be:

 

A.

encrypted with a one-time password.

B.

stored on separate physical hosts.

C.

moved to the cloud.

D.

scanned for vulnerabilities regularly.

 

Correct Answer: B

 

 

QUESTION 106

To prevent a third party from identifying a specific user as having previously accessed a service provider through an SSO operation, SAML uses which of the following?

 

A.

Transient identifiers

B.

SOAP calls

C.

Discovery profiles

D.

Security bindings

 

Correct Answer: A

 

 

QUESTION 107

A software vendor has had several zero-day attacks against its software, due to previously unknown security defects being exploited by attackers. The attackers have been able to perform operations at the same security level as the trusted application. The vendor product management team has decided to re-design the application with security as a priority. Which of the following is a design principle that should be used to BEST prevent these types of attacks?

 

A.

Application sandboxing

B.

Input validation

C.

Penetration testing

D.

Code reviews

 

Correct Answer: A

QUESTION 108

The security administrator has noticed a range of network problems affecting the proxy server. Based on reviewing the logs, the administrator notices that the firewall is being targeted with various web attacks at the same time that the network problems are occurring. Which of the following strategies would be MOST effective in conducting an in-depth assessment and remediation of the problems?

 

A.

1. Deploy an HTTP interceptor on the switch span port;

2. Adjust the external facing NIDS;

3. Reconfigure the firewall ACLs to block all traffic above port 2000;

4. Verify the proxy server is configured correctly and hardened;

5. Review the logs weekly in the future.

B.

1. Deploy a protocol analyzer on the switch span port;

2. Adjust the internal HIDS;

3. Reconfigure the firewall ACLs to block outbound HTTP traffic;

4. Reboot the proxy server;

5. Continue to monitor the network.

C.

1. Deploy a protocol analyzer on the switch span port;

2. Adjust the external facing IPS;

3. Reconfigure the firewall ACLs to block unnecessary ports;

4. Verify the proxy server is configured correctly and hardened;

5. Continue to monitor the network.

D.

1. Deploy a network fuzzer on the switch span port;

2. Adjust the external facing IPS;

3. Reconfigure the proxy server to block the attacks;

4. Verify the firewall is configured correctly and hardened.

 

Correct Answer: C

 

 

QUESTION 109

Company A is merging with Company B. Company B uses mostly hosted services from an outside vendor, while Company A uses mostly in-house products.

 

The project manager of the merger states the merged systems should meet these goals:

 

- Ability to customize systems per department

- Quick implementation along with an immediate ROI

- The internal IT team having administrative level control over all products

 

The project manager states the in-house services are the best solution. Because of staff shortages, the senior security administrator argues that security will be best maintained by continuing to use outsourced services.

 

Which of the following solutions BEST solves the disagreement?

 

A.

Raise the issue to the Chief Executive Officer (CEO) to escalate the decision to senior management with the recommendation to continue the outsourcing of all IT services.

B.

Calculate the time to deploy and support the in-sourced systems accounting for the staff shortage and compare the costs to the ROI costs minus outsourcing costs. Present the document numbers to management for a final decision.

C.

Perform a detailed cost benefit analysis of outsourcing vs. in-sourcing the IT systems and review the system documentation to assess the ROI of in-sourcing. Select COTS products to eliminate development time to meet the ROI goals.

D.

Arrange a meeting between the project manager and the senior security administrator to review the requirements and determine how critical all the requirements are.

 

Correct Answer: B

 

 

QUESTION 110

Which of the following is a security advantage of single sign-on? (Select TWO).

 

A.

Users only have to remember one password.

B.

Applications need to validate authentication tokens.

C.

Authentication is secured by the certificate authority.

D.

Less time and complexity removing user access.

E.

All password transactions are encrypted.

 

Correct Answer: AD

 
