[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 21-30

Ensurepass

QUESTION 21

Wireless users are reporting issues with the company’s video conferencing and VoIP systems. The security administrator notices DOS attacks on the network that are affecting the company’s VoIP system (i.e. premature call drops and garbled call signals). The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DOS attacks on the network? (Select TWO).

 

A.

Configure 802.11b on the network

B.

Configure 802.1q on the network

C.

Configure 802.11e on the network

D.

Update the firewall managing the SIP servers

E.

Update the HIDS managing the SIP servers

 

Correct Answer: CD

 

 

QUESTION 22

Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day. The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events. Which of the following should the company do to ensure that the chosen MSS meets expectations?

 

A.

Develop a memorandum of understanding on what the MSS is responsible to provide.

B.

Create internal metrics to track MSS performance.

C.

Establish a mutually agreed upon service level agreement.

D.

Issue a RFP to ensure the MSS follows guidelines.

 

Correct Answer: C

 

 

QUESTION 23

A company is developing a new web application for its Internet users and is following a secure coding methodology. Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

 

A.

Conduct web server load tests.

B.

Conduct static code analysis.

C.

Conduct fuzzing attacks.

D.

Conduct SQL injection and XSS attacks.

 

Correct Answer: C

 

 

QUESTION 24

A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company’s video conference. All parties must be issued a VPN account and must connect to the company’s VPN concentrator to participate in the remote meetings. Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?

 

A.

IPSec transport mode is enabled

B.

ICMP is disabled

C.

Split tunneling is disabled

D.

NAT-traversal is enabled

 

Correct Answer: C

 

 

QUESTION 25

An Information Security Officer (ISO) has asked a security team to randomly retrieve discarded computers from the warehouse dumpster. The security team was able to retrieve two older computers and a broken MFD network printer. The security team was able to connect the hard drives from the two computers and the network printer to a computer equipped with forensic tools. The security team was able to retrieve PDF files from the network printer hard drive but the data on the two older hard drives was inaccessible. Which of the following should the Warehouse Manager do to remediate the security issue?

 

A.

Revise the hardware and software maintenance contract.

B.

Degauss the printer hard drive to delete data.

C.

Implement a new change control process.

D.

Update the hardware decommissioning procedures.

 

Correct Answer: D

 

 

QUESTION 26

Company ABC has recently completed the connection of its network to a national high speed private research network. Local businesses in the area are seeking sponsorship from Company ABC to connect to the high speed research network by directly connecting through Company ABC’s network. Company ABC’s Chief Information Officer (CIO) believes that this is an opportunity to increase revenues and visibility for the company, as well as promote research and development in the area. Which of the following must Company ABC require of its sponsored partners in order to document the technical security requirements of the connection?

 

A.

SLA

B.

ISA

C.

NDA

D.

BPA

 

Correct Answer: B

 

 

QUESTION 27

A security administrator has finished building a Li
nux server which will host multiple virtual machines through hypervisor technology. Management of the Linux server, including monitoring server performance, is achieved through a third party web enabled application installed on the Linux server. The security administrator is concerned about vulnerabilities in the web application that may allow an attacker to retrieve data from the virtual machines. Which of the following will BEST protect the data on the virtual machines from an attack?

 

A.

The security administrator must install the third party web enabled application in a chroot environment.

B.

The security administrator must install a software firewall on both the Linux server and the virtual machines.

C.

The security administrator must install anti-virus software on both the Linux server and the virtual machines.

D.

The security administrator must install the data exfiltration detection software on the perimeter firewall.

 

Correct Answer: A

 

 

QUESTION 28

The
security administrator at a bank is receiving numerous reports that customers are unable to login to the bank website. Upon further investigation, the security administrator discovers that the name associated with the bank website points to an unauthorized IP address. Which of the following solutions will MOST likely mitigate this type of attack?

 

A.

Security awareness and user training

B.

Recursive DNS from the root servers

C.

Configuring and deploying TSIG

D.

Firewalls and IDS technologies

 

Correct Answer: C

 

 

QUESTION 29

The security administrator is worried about possible SPIT attacks against the VoIP system. Which of the following security controls would MOST likely need to be implemented to detect this type of attack?

 

A.

SIP and SRTP traffic analysis

B.

QoS audit on Layer 3 devices

C.

IP and MAC filtering logs

D.

Email spam filter log

 

Correct Answer: A

 

 

QUESTION 30

An IT administrator has installed new DNS name servers (Primary and Secondary), which are used to host the company MX records and resolve the web server’s public address. In order to secure the zone transfer between the primary and secondary server, the administrator uses only server ACLs. Which of the following attacks could the secondary DNS server still be susceptible to?

 

A.

Email spamming

B.

IP spoofing

C.

Clickjacking

D.

DNS replication

 

Correct Answer: B

 

Free VCE & PDF File for CompTIA CAS-001 Actual Tests

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in CAS-001 Actual Tests (November) and tagged , , , , , , . Bookmark the permalink.