CompTIA CAS-001 Actual Tests (November), Questions 111-120


QUESTION 111

After a system update causes significant downtime, the Chief Information Security Officer (CISO) asks the IT manager who was responsible for the update. The IT manager responds that it is impossible to know who did the update since five different people have administrative access. How should the IT manager increase accountability to prevent this situation from reoccurring? (Select TWO).

A. Implement an enforceable change management system.
B. Implement a software development life cycle policy.
C. Enable user level auditing on all servers.
D. Implement a federated identity management system.
E. Configure automatic updates on all servers.

Correct Answer: AC

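What "user level auditing" looks like in practice, as an added example that is not part of the original page: Linux auditd rules that record every command executed with effective uid 0 together with the login uid (auid), plus a small awk join that turns raw audit records into "who ran what". The rule key admin_cmds, the uid thresholds and the sample audit records are constructed for this example.

```shell
#!/bin/sh
# Added example for question 111 (not part of the original page): what
# "user level auditing" buys you. With Linux auditd, a rule that records every
# execve run with effective uid 0 keeps the login uid (auid) even after
# sudo/su, so "five people have root" no longer means "nobody knows who did it".
# Rule set and sample records below are constructed for illustration; the
# rule key name "admin_cmds" is an arbitrary choice.

# Rules to drop into /etc/audit/rules.d/ (then: augenrules --load).
# auid>=1000 limits this to real logins; auid!=4294967295 skips daemons
# whose login uid is unset.
audit_rules() {
    cat <<'EOF'
-a always,exit -F arch=b64 -S execve -F euid=0 -F auid>=1000 -F auid!=4294967295 -k admin_cmds
-a always,exit -F arch=b32 -S execve -F euid=0 -F auid>=1000 -F auid!=4294967295 -k admin_cmds
-w /etc/sudoers -p wa -k sudoers_change
EOF
}

# Constructed raw audit records, shaped like /var/log/audit/audit.log output.
# The event id is the audit(<time>:<serial>) pair; a SYSCALL record and its
# EXECVE record share it. The USER_LOGIN line is there to show it is ignored.
SAMPLE_AUDIT_LOG='type=SYSCALL msg=audit(1699300000.101:4567): arch=c000003e syscall=59 success=yes exit=0 ppid=2000 pid=2001 auid=1001 uid=0 gid=0 euid=0 tty=pts0 ses=3 comm="yum" exe="/usr/bin/python3" key="admin_cmds"
type=EXECVE msg=audit(1699300000.101:4567): argc=3 a0="yum" a1="update" a2="-y"
type=USER_LOGIN msg=audit(1699300050.000:4570): pid=2100 uid=0 auid=1002 ses=4 res=success
type=SYSCALL msg=audit(1699300060.202:4571): arch=c000003e syscall=59 success=yes exit=0 ppid=2100 pid=2101 auid=1002 uid=0 gid=0 euid=0 tty=pts1 ses=4 comm="systemctl" exe="/usr/bin/systemctl" key="admin_cmds"
type=EXECVE msg=audit(1699300060.202:4571): argc=3 a0="systemctl" a1="restart" a2="httpd"'

# Join SYSCALL and EXECVE records by event id and print one line per
# privileged command, attributed to the login uid rather than to uid=0.
# ausearch -i does the same job with name resolution; this shows the mechanics.
attribute_admin_commands() {
    awk '
    # Pull name=value out of a record; values may be quoted or bare.
    # The leading space stops "uid=" from matching inside "auid=" or "euid=".
    function field(rec, name) {
        if (match(rec, " " name "=\"[^\"]*\""))
            return substr(rec, RSTART + length(name) + 3, RLENGTH - length(name) - 4)
        if (match(rec, " " name "=[^ ]*"))
            return substr(rec, RSTART + length(name) + 2, RLENGTH - length(name) - 2)
        return ""
    }
    {
        if (!match($0, /audit\([0-9.]+:[0-9]+\)/)) next
        id = substr($0, RSTART, RLENGTH)
        if ($0 ~ /^type=SYSCALL /) {
            if (!(id in seen)) { seen[id] = 1; order[++n] = id }
            auid[id] = field($0, "auid"); uid[id] = field($0, "uid")
            ses[id] = field($0, "ses");   key[id] = field($0, "key")
        } else if ($0 ~ /^type=EXECVE /) {
            if (!(id in seen)) { seen[id] = 1; order[++n] = id }
            argc = field($0, "argc") + 0; cmd = ""
            for (i = 0; i < argc; i++) cmd = cmd (i ? " " : "") field($0, "a" i)
            args[id] = cmd
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            id = order[i]
            if (!(id in auid) || !(id in args)) continue
            printf "auid=%s ses=%s ran as uid=%s: %s [key=%s]\n", auid[id], ses[id], uid[id], args[id], key[id]
        }
    }'
}

# Demo on the constructed records.
printf '%s\n' "$SAMPLE_AUDIT_LOG" | attribute_admin_commands
```

The auid is what answers the CISO's question: pam_loginuid sets it once at login and it is not reset by sudo or su, so the record names the person, not the shared root account. In production use `ausearch -k admin_cmds -i` rather than the awk, and forward the audit log off-host so the same five administrators cannot edit it. Pair this with option A: auditing tells you who, change management tells you whether the change was approved.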

QUESTION 112

A financial institution has decided to purchase a very expensive resource management system and has selected the product and vendor. The vendor is experiencing some minor, but public, legal issues. Senior management has some concerns on maintaining this system should the vendor go out of business. Which of the following should the Chief Information Security Officer (CISO) recommend to BEST limit exposure?

A. Include a source code escrow clause in the contract for this system.
B. Require proof-of-insurance by the vendor in the RFP for this system.
C. Include a penalty clause in the contract for this system.
D. Require on-going maintenance as part of the SLA for this system.

Correct Answer: A


QUESTION 113

Unit testing for security functionality and resiliency to attack, as well as developing secure code and exploit mitigation, occur in which of the following phases of the Secure Software Development Lifecycle?

A. Secure Software Requirements
B. Secure Software Implementation
C. Secure Software Design
D. Software Acceptance

Correct Answer: B


QUESTION 114

Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company’s six IDFs. The IDF modular switches have redundant switch fabrics and power supplies. Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?

A. Threat: 802.1q trunking attack. Remediation: Enable only necessary VLANs for each port.
B. Threat: Bridge loop. Remediation: Enable spanning tree.
C. Threat: VLAN hopping. Remediation: Enable only necessary VLANs for each port.
D. Threat: VLAN hopping. Remediation: Enable ACLs on the IDF switch.

Correct Answer: B


QUESTION 115

An administrator would like to connect a server to a SAN. Which of the following processes would BEST allow for availability and access control?

A. Install a dual port HBA on the SAN, create a LUN on the server, and enable deduplication and data snapshots.
B. Install a multipath LUN on the server with deduplication, and enable LUN masking on the SAN.
C. Install two LUNs on the server, cluster HBAs on the SAN, and enable multipath and data deduplication.
D. Install a dual port HBA in the server, create a LUN on the SAN, and enable LUN masking and multipath.

Correct Answer: D


QUESTION 116

An administrator notices the following file in the Linux server’s /tmp directory.

    -rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*

Which of the following should be done to prevent further attacks of this nature?

A. Never mount the /tmp directory over NFS
B. Stop the rpcidmapd service from running
C. Mount all tmp directories nosuid, noexec
D. Restrict access to the /tmp directory

Correct Answer: C

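The listing in question 116 shows a root-owned copy of bash with the setuid bit set (the "s" in the owner execute slot of -rwsr-xr-x): any local user who runs it gets a root shell. As an added example that is not part of the original page, the shell functions below detect that artifact and check whether the temp directories carry the mount options option C refers to. The directory list (/tmp, /var/tmp, /dev/shm) and the option set nosuid,noexec,nodev are this example's own choices.

```shell
#!/bin/sh
# Added example for question 116 (not from the original page). The listing
# shows a copy of bash in /tmp with the setuid bit and owner root: anyone who
# can execute it gets a root shell. The fix the question points at is mounting
# temp directories nosuid,noexec (nodev as well); the functions below detect
# both the planted binary and the weak mount options.
# Directory list and expected option set are choices made for this example.

# Does an `ls -l` mode field carry the setuid or setgid bit?
# Position 4 is the owner execute slot, position 7 the group one; a trailing
# "." or "+" (SELinux context / ACL marker) does not shift those positions.
mode_has_setid() {
    case "$1" in
        ???[sS]*)    return 0 ;;   # setuid
        ??????[sS]*) return 0 ;;   # setgid
    esac
    return 1
}

# Given the options column of a /proc/mounts line (e.g. "rw,nosuid,relatime"),
# print the hardening options that are missing; empty output means compliant.
missing_tmp_opts() {
    opts=",$1,"
    missing=""
    for want in nosuid noexec nodev; do
        case "$opts" in
            *",$want,"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    printf '%s' "${missing# }"
}

# Live check of one directory against /proc/mounts. Returns 1 when the
# directory is not its own mount point (it then inherits the parent's
# options, usually plain "defaults") or when options are missing.
audit_tmp_mount() {
    dir=$1
    opts=$(awk -v d="$dir" '$2 == d { print $4; exit }' /proc/mounts 2>/dev/null)
    if [ -z "$opts" ]; then
        echo "$dir: not a separate mount; nosuid/noexec cannot be applied to it alone"
        return 1
    fi
    miss=$(missing_tmp_opts "$opts")
    if [ -n "$miss" ]; then
        echo "$dir: mounted with '$opts', missing: $miss"
        return 1
    fi
    echo "$dir: ok ($opts)"
}

# Live scan for setuid/setgid regular files in world-writable locations.
find_setid_files() {
    for d in "$@"; do
        [ -d "$d" ] && find "$d" -xdev -type f \( -perm -4000 -o -perm -2000 \) -ls 2>/dev/null
    done
    return 0
}

# Remediation, for reference (fstab entry, then a remount without a reboot):
#   tmpfs  /tmp  tmpfs  defaults,nosuid,noexec,nodev,mode=1777  0 0
#   mount -o remount,nosuid,noexec,nodev /tmp

# Demo run against the live system (read-only).
for d in /tmp /var/tmp /dev/shm; do audit_tmp_mount "$d" || :; done
find_setid_files /tmp /var/tmp /dev/shm
```

Two caveats a practitioner will want. First, nosuid is the option that actually neutralises a planted setuid shell, since the kernel ignores the bit on a nosuid mount; noexec only blocks the direct exec path and is the option more likely to break installers and scripts that unpack into /tmp, so test it before rolling it out. Second, a root-owned setuid copy of bash can only be created by something that already had root, so the mount options limit reuse of the backdoor; the original compromise still needs investigating, and a filesystem-wide sweep (`find / -xdev -perm -4000 -type f`) compared against a known-good baseline is the place to start.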

QUESTION 117

A new vendor product has been acquired to replace a legacy perimeter security product. There are significant time constraints due to the existing solution nearing end-of-life with no options for extended support. It has been emphasized that only essential activities be performed. Which of the following sequences BEST describes the order of activities when balancing security posture and time constraints?

A. Install the new solution, migrate to the new solution, and test the new solution.
B. Purchase the new solution, test the new solution, and migrate to the new solution.
C. Decommission the old solution, install the new solution, and test the new solution.
D. Test the new solution, migrate to the new solution, and decommission the old solution.

Correct Answer: D


QUESTION 118

A bank has just outsourced the security department to a consulting firm, but retained the security architecture group. A few months into the contract the bank discovers that the consulting firm has sub-contracted some of the security functions to another provider. Management is pressuring the sourcing manager to ensure adequate protections are in place to insulate the bank from legal and service exposures. Which of the following is the MOST appropriate action to take?

A. Directly establish another separate service contract with the sub-contractor to limit the risk exposure and legal implications.
B. Ensure the consulting firm has service agreements with the sub-contractor; if the agreement does not exist, exit the contract when possible.
C. Log it as a risk in the business risk register and pass the risk to the consulting firm for acceptance and responsibility.
D. Terminate the contract immediately and bring the security department in-house again to reduce legal and regulatory exposure.

Correct Answer: B


QUESTION 119

A legacy system is not scheduled to be decommissioned for two years and requires the use of the standard Telnet protocol. Which of the following should be used to mitigate the security risks of this system?

A. Migrate the system to IPv6.
B. Migrate the system to RSH.
C. Move the system to a secure VLAN.
D. Use LDAPS for authentication.

Correct Answer: C


QUESTION 120

A newly-hired Chief Information Security Officer (CISO) is faced with improving security for a company with low morale and numerous disgruntled employees. After reviewing the situation for several weeks the CISO publishes a more comprehensive security policy with associated standards. Which of the following issues could be addressed through the use of technical controls specified in the new security policy?

A. Employees publishing negative information and stories about company management on social network sites and blogs.
B. An employee remotely configuring the email server at a relative’s company during work hours.
C. Employees posting negative comments about the company from personal phones and PDAs.
D. External parties cloning some of the company’s externally facing web pages and creating look-alike sites.

Correct Answer: B
