[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 11-20

Ensurepass

QUESTION 11

Which of the following attacks does Unicast Reverse Path Forwarding prevent?

 

A.

Man in the Middle

B.

ARP poisoning

C.

Broadcast storm

D.

IP Spoofing

 

Correct Answer: D

 

 

QUESTION 12

The IT department of a large telecommunications company has developed and finalized a set of security solutions and policies which have been appr
oved by upper management for deployment within the company. During the development of the security solutions and policies, the FIRST thing the IT department should have done was:

 

A.

contact vendor management so the RFI and RFP process can be started as soon as possible.

B.

contact an independent consultant who can tell them what policies and solutions they need.

C.

discuss requirements with stakeholders from the various internal departments.

D.

involve facilities management early in the project so they can plan for the new security hardware in the data center.

 

Correct Answer: C

 

 

QUESTION 13

A security analyst at Company A has been trying to convince the Information Security Officer (ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable of analyzing encrypted web transactions. Which of the following should the analyst provide to the ISO to support the request? (Select TWO).

 

A.

Emerging threat reports

B.

Company attack tends

C.

Request for Quote (RFQ)

D.

Best practices

E.

New technologies report

 

Correct Answer: AB

 

 

QUESTION 14

Which of the following authentication types is used primarily to authenticate users through the use of tickets?

 

A.

LDAP

B.

RADIUS

C.

TACACS+

D.

Kerberos

 

Correct Answer: D

 

 

QUESTION 15

Within a large organization, the corporate security policy states that personal electronic devices are not allowed to be placed on the company network. There is considerable pressure from thecompany board to allow smartphones to connect and synchronize email and calendar items of board members and company executives. Which of the following options BEST balances the security and usability requirements of the executive management team?

 

A.

Allow only the executive management team the ability to use personal devices on the company network, as they have important responsibilities and need convenient access.

B.

Review the security policy. Perform a risk evaluation of allowing devices that can be centrally managed, remotely disabled, and have device-level encryption of sensitive data.

C.

Stand firm on disallowing non-company assets from connecting to the network as the assets may lead to undesirable security consequences, such as sensitive emails being leaked outside the company.

D.

Allow only certain devices that are known to have the ability of being centrally managed. Do not allow any other smartphones until the device is proven to be centrally managed.

 

Correct Answer: B

 

 

QUESTION 16

A company has asked their network engineer to list the major advantages for implementing a virtual environment in regards to cost. Which of the following would MOST likely be selected?

 

A.

Ease of patch testing

B.

Reducing physical footprint

C.

Reduced network traffic

D.

Isolation of applications

 

Correct Answer: B

 

 

QUESTION 17

A manufacturing company is having issues with unauthorized access and modification of the controls operating the production equipment. A communication requirement is to allow the free flow of data between all network segments at the site. Which of the following BEST remediates the issue?

 

A.

Implement SCADA security measures.

B.

Implement NIPS to prevent the unauthorized activity.

C.

Implement an AAA solution.

D.

Implement a firewall to restrict access to only a single management station.

 

Correct Answer: C

 

 

 

 

 

QUESTION 18

The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment. The Chief Information Security Officer (CISO) was told to research the risk involved in this environment. Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?

 

A.

Remind users that all emails with sensitive information need be encrypted and physically inspect the cloud computing.

B.

Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider.

C.

Ensure logins are over an encrypted channel and remind users to encrypt all emails that contain sensitive information.

D.

Obtain an NDA from the cloud provider and remind users that all emails with sensitive information need be encrypted.

 

Correct Answer: B

 

 

QUESTION 19

Several critical servers are unresponsive after an update was installed. Other computers that have not yet received the same update are operational, but are vulnerable to certain buffer overflow attacks. The security administrator is required to ensure all systems have the latest updates while minimizing any downtime. Which of the following is the BEST risk mitigation strategy to use to ensure a system is properly updated and operational?

 

A.

Distributed patch management system where all systems in production are patched as updates are released.

B.

Central patch management system where all systems in production are patched by automatic updates as they are released.

C.

Central patch management system where all updates are tested in a lab environment after being installed on a live production system.

D.

Distributed patch management system where all updates are tested in a lab environment prior to being installed on a live production system.

 

Correct Answer: D

 

 

QUESTION 20

A security administrator needs a secure computing solution to use for all of the company’s security audit log storage, and to act as a central server to execute security functions from. Which of the following is the BEST option for the server in this scenario?

 

A.

A hardened Red Hat Enterprise Linux implementation running a software firewall

B.

Windows 7 with a secure domain policy and smartcard based authentication

C.

A hardened bastion host with a permit all policy implemented in a software firewall

D.

Solaris 10 with trusted extensions or SE Linux with a trusted policy

 

Correct Answer: D

 

Free VCE & PDF File for CompTIA CAS-001 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in CAS-001 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.