[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 191-200

Ensurepass

QUESTION 191

A security architect is seeking to outsource company server resources to a commercial cloud service provider. The provider under consideration has a reputation for poorly controlling physical access to datacenters and has been the victim of multiple social engineering attacks. The service provider regularly assigns VMs from multiple clients to the same physical resources. When conducting the final risk assessment, which of the following should the security architect take into consideration?

 

A. The ability to implement user training programs for the purpose of educating internal staff about the dangers of social engineering.

B. The cost of resources required to relocate services in the event of resource exhaustion on a particular VM.

C. The likelihood a malicious user will obtain proprietary information by gaining local access to the hypervisor platform.

D. Annual loss expectancy resulting from social engineering attacks against the cloud service provider affecting corporate network infrastructure.

Correct Answer: C

 

 

QUESTION 192

An administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The administrator has access to the raw data from the SAN and wants to restore the data to different hardware. Which of the following issues may potentially occur?

 

A. The existing SAN may be read-only.

B. The existing SAN used LUN masking.

C. The new SAN is not FCoE based.

D. The data may not be in a usable format.

Correct Answer: D

 

 

QUESTION 193

When authenticating over HTTP using SAML, which of the following is issued to the authenticating user?

 

A. A symmetric key

B. A PKI ticket

C. An X.509 certificate

D. An assertion ticket

Correct Answer: D

 

 

QUESTION 194

An employee of a company files a complaint with a security administrator. While sniffing network traffic, the employee discovers that financially confidential emails were passing between two warehouse users. The two users deny sending confidential emails to each other. Which of the following security practices would allow for non-repudiation and prevent network sniffers from reading the confidential mail? (Select TWO).

 

A. Transport encryption

B. Authentication hashing

C. Digital signature

D. Legal mail hold

E. TSIG code signing

Correct Answer: AC

 

 

 

 

QUESTION 195

In order to reduce cost and improve employee satisfaction, a large corporation has decided to allow personal communication devices to access email and to remotely connect to the corporate network. Which of the following security measures should the IT organization implement? (Select TWO).

 

A. A device lockdown according to policies

B. An IDS on the internal networks

C. A data disclosure policy

D. A privacy policy

E. Encrypt data in transit for remote access

Correct Answer: AE

 

 

QUESTION 196

The security administrator at 'company.com' is reviewing the network logs and notices a new UDP port pattern where the number of UDP port 123 packets has increased by 20% above the baseline. The administrator runs a packet capturing tool from a server attached to a SPAN port and notices the following:

 

UDP 192.168.0.1:123 -> 172.60.3.0:123

UDP 192.168.0.36:123 -> time.company.com

UDP 192.168.0.112:123 -> 172.60.3.0:123

UDP 192.168.0.91:123 -> time.company.com

UDP 192.168.0.211:123 -> 172.60.3.0:123

UDP 192.168.0.237:123 -> time.company.com

UDP 192.168.0.78:123 -> 172.60.3.0:123

 

The corporate HIPS console reports an MD5 hash mismatch on the svchost.exe file of the following computers:

 

192.168.0.1

192.168.0.112

192.168.0.211

192.168.0.78

 

Which of the following should the security administrator report to upper management based on the above output?

 

A. An NTP client side attack successfully exploited some hosts.

B. A DNS cache poisoning successfully exploited some hosts.

C. An NTP server side attack successfully exploited some hosts.

D. A DNS server side attack successfully exploited some hosts.

Correct Answer: A

 

 

QUESTION 197

Company XYZ has invested an increasing amount in security due to the changing threat landscape. The company is going through a cost cutting exercise and the Chief Financial Officer (CFO) has queried the security budget allocated to the Chief Information Security Officer (CISO). At the same time, the CISO is actively promoting business cases for additional funding to support new initiatives. These initiatives will mitigate several security incidents that have occurred due to ineffective controls. A security advisor is engaged to assess the current controls framework and to provide recommendations on whether preventative, detective, or corrective controls should be implemented. How should the security advisor respond when explaining which controls to implement?

 

A. Preventative controls are useful before an event occurs, detective controls are useful during an event, and corrective controls are useful after an event has occurred. A combination of controls can be used.

B. Corrective controls are more costly to implement, but are only needed for real attacks or high value assets; therefore, controls should only be put in place after a real attack has occurred.

C. Detective controls are less costly to implement than preventative controls; therefore, they should be encouraged wherever possible. Corrective controls are used during an event or security incident. Preventative controls are hard to achieve in practice due to current market offerings.

D. Always advise the use of preventative controls as this will prevent security incidents from occurring in the first place. Detective and corrective controls are redundant compensating controls and are not required if preventative controls are implemented.

Correct Answer: A

 

 

QUESTION 198

After a recent outbreak of malware attacks, the Chief Information Officer (CIO) tasks the new security manager with determining how to keep these attacks from reoccurring. The company has a standard image for all laptops/workstations and uses a host-based firewall and anti-virus. Which of the following should the security manager suggest to INCREASE each system’s security level?

 

A. Upgrade all systems to use a HIPS and require daily anti-virus scans.

B. Conduct a vulnerability assessment of the standard image and remediate findings.

C. Upgrade the existing NIDS to NIPS and deploy the system across all network segments.

D. Rebuild the standard image and require daily anti-virus scans of all PCs and laptops.

Correct Answer: B

 

 

QUESTION 199

Which of the following is a security concern with deploying COTS products within the network?

 

A. It is difficult to verify the security of COTS code because the source is available to the customer and it takes significant man hours to sort through it.

B. COTS software often provides the source code as part of the licensing agreement and it becomes the company’s responsibility to verify the security.

C. It is difficult to verify the security of COTS code because the source is not available to the customer in many cases.

D. COTS source code is readily available to the customer in many cases which opens the customer’s network to both internal and external attacks.

Correct Answer: C

 

 

QUESTION 200

A company has a primary DNS server at address 192.168.10.53 and a secondary server at 192.168.20.53. An administrator wants to secure a company by only allowing secure zone transfers to the secondary server. Which of the following should appear in the primary DNS configuration file to accomplish this?

 

A.

    key company-key.{
    algorithm hmac-rc4;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";
    };
    allow transfer { 192.168.20.53; }

B.

    key company-key.{
    algorithm hmac-md5;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";
    };
    allow transfer { 192.168.10.53; }

C.

    key company-key.{
    algorithm hmac-md5;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";
    };
    allow transfer { 192.168.20.53; }

D.

    key company-key.{
    algorithm hmac-rc4;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";
    };
    allow transfer { 192.168.10.53; }

Correct Answer: C

 
