[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 171-180

Ensurepass

QUESTION 171

The new security policy states that only authorized software will be allowed on the corporate network and all personally owned equipment needs to be configured by the IT security staff before being allowed on the network. The security administrator creates standard images with all the required software and proper security controls. These images are required to be loaded on all personally owned equipment prior to connecting to the corporate network. These measures ensure compliance with the new security policy. Which of the following security risks still needs to be addressed in this scenario?

 

A.

An employee copying gigabytes of personal video files from the employee’s personal laptop to their company desktop to share files.

B.

An employee connecting their personal laptop to use a non-company endorsed accounting application that the employee used at a previous company.

C.

An employee using a corporate FTP application to transfer customer lists and other proprietary files to an external computer and selling them to a competitor.

D.

An employee accidentally infecting the network with a virus by connecting a USB drive to the employee’s personal laptop.

 

Correct Answer: C

 

 

 

 

 

 

 

QUESTION 172

Company ABC has a 100Mbps fiber connection from headquarters to a remote office 200km (123 miles) away. This connection is provided by the local cable television company. ABC would like to extend a secure VLAN to the remote office, but the cable company says this is impossible since they already use VLANs on their internal network. Which of the following protocols should the cable company be using to allow their customers to establish VLANs to other sites?

 

A.

IS-IS

B.

EIGRP

C.

MPLS

D.

802.1q

 

Correct Answer: C

 

 

QUESTION 173

The root cause analysis of a recent security incident reveals that an attacker accessed a printer from the Internet. The attacker then accessed the print server, using the printer as a launch pad for a shell exploit. The print server logs show that the attacker was able to exploit multiple accounts, ultimately launching a successful DoS attack on the domain controller. Defending against which of the following attacks should form the basis of the incident mitigation plan?

 

A.

DDoS

B.

SYN flood

C.

Buffer overflow

D.

Privilege escalation

 

Correct Answer: D

 

 

QUESTION 174

Company A is trying to implement controls to reduce costs and time spent on litigation.

 

To accomplish this, Company A has established several goals:

 

clip_image002Prevent data breaches from lost/stolen assets

clip_image002[1]Reduce time to fulfill e-discovery requests

clip_image002[2]Prevent PII from leaving the network

clip_image002[3]Lessen the network perimeter attack surface

clip_image002[4]Reduce internal fraud

 

Which of the following solutions accomplishes the MOST of these goals?

 

A.

Implement separation of duties; enable full encryption on USB devices and cell phones, allow cell phones to remotely connect to e-mail and network VPN, enforce a 90 day data retention policy.

B.

Eliminate VPN access from remote devices. Restrict junior administrators to read-only shell access on network devices. Install virus scanning and SPAM filtering. Harden all servers with trusted OS extensions.

C.

Create a change control process with stakeholder review board, implement separation of duties and mandatory vacation, create regular SAN snapshots, enable GPS tracking on all cell phones and laptops, and fully encrypt all email in transport.

D.

Implement outgoing mail sanitation and incoming SPAM filtering. Allow VPN for mobile devices; cross train managers in multiple disciplines, ensure all corporate USB drives are provided by Company A and de-duplicate all server storage.

 

Correct Answer: A

 

 

QUESTION 175

Capital Reconnaissance, LLC is building a brand new research and testing location, and the physical security manager wants to deploy IP-based access control and video surveillance. These two systems are essential for keeping the building open for operations. Which of the following controls should the security administrator recommend to determine new threats against the new IP-based access control and video surveillance systems?

 

A.

Develop a network traffic baseline for each of the physical security systems.

B.

Air gap the physical security networks from the administrative and operational networks.

C.

Require separate non-VLANed networks and NIPS for each physical security system network.

D.

Have the Network Operations Center (NOC) review logs and create a CERT to respond to breaches.

 

Correct Answer: A

 

 

QUESTION 176

The Chief Executive Officer (CEO) has asked a security project manager to provide recommendations on the breakout of tasks for the development of a new product. The CEO thinks that by assigning areas of work appropriately the overall security of the product will be increased, because staff will focus on their areas of expertise. Given the below groups and tasks select the BEST list of assignments.

 

Groups: Networks, Development, Project Management, Security, Systems Engineering, Testing

Tasks: Decomposing requirements, Secure coding standards, Code stability, Functional validation, Stakeholder engagement, Secure transport

 

A.

Systems Engineering. Decomposing requirements

Development: Secure coding standards

Testing. Code stability

Project Management: Stakeholder engagement

Security: Secure transport

Networks: Functional validation

B.

Systems Engineering. Decomposing requirements

Development: Code stability

Testing. Functional validation

Project Management: Stakeholder engagement

Security: Secure coding standards

Networks: Secure transport

C.

Systems Engineering. Functional validation

Development: Stakeholder engagement

Testing. Code stability

Project Management: Decomposing requirements

Security: Secure coding standards

Networks: Secure transport

D.

Systems Engineering. Decomposing requirements

Development: Stakeholder engagement

Testing. Code stability

Project Management: Functional validation

Security: Secure coding standards

Networks: Secure transport

 

Correct Answer: B

 

 

QUESTION 177

Which of the following potential vulnerabilities exists in the following code snippet?

 

var myEmail = document.getElementById(“formInputEmail”).value;

 

if (xmlhttp.readyState==4 && xmlhttp.status==200)

 

{

 

Document.getElementById(“profileBox”).innerHTML = “Emails will be sent to ” + myEmail + xmlhttp.responseText;

 

}

 

A.

Javascript buffer overflow

B.

AJAX XHR weaknesses

C.

DOM-based XSS

D.

JSON weaknesses

 

Correct Answer: C

 

 

QUESTION 178

The IT Manager has mandated that an extensible markup language be implemented which can be used to exchange provisioning requests and responses for account creation. Which of the following is BEST able to achieve this?

 

A.

XACML

B.

SAML

C.

SOAP

D.

SPML

 

Correct Answer: D

 

 

QUESTION 179

A company has recently implemented a video conference solution that uses the H.323 protocol. The security engineer is asked to make recommendations on how to secure video conferences to protect confidentiality. Which of the following should the security engineer recommend?

 

A.

Implement H.235 extensions with DES to secure the audio and video transport.

B.

Recommend moving to SIP and RTP as those protocols are inherently secure.

C.

Recommend implementing G.711 for the audio channel and H.264 for the video.

D.

Encapsulate the audio channel in the G.711 codec rather than the unsecured Speex.

 

Correct Answer: A

 

 

QUESTION 180

As part of a new wireless implementation, the Chief Information Officer’s (CIO’s) main objective is to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The wireless vendor’s products do support the pre-ratification version of 802.11r. The security and network administrators have tested the product and do not see any security or compatibility issues; however, they are concerned that the standard is not yet final. Which of the following is the BEST way to proceed?

 

A.

Purchase the equipment now, but do not use 802.11r until the standard is ratified.

B.

Do not purchase the equipment now as the client devices do not yet support 802.11r.

C.

Purchase the equipment now, as long as it will be firmware upgradeable to the final 802.11r standard.

D.

Do not purchase the equipment now; delay the implementation until the IETF has ratified the final 802.11r standard.

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA CAS-001 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in CAS-001 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.