[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 211-220

Ensurepass


QUESTION 211

A security administrator wants to verify and improve the security of a business process which is tied to a proven company workflow. The security administrator was able to improve security by applying controls that were defined by the newly released company security standard. Such controls included code improvement, transport encryption, and interface restrictions. Which of the following can the security administrator do to further increase security after having exhausted all the technical controls dictated by the company’s security standard?

A. Modify the company standard to account for higher security and meet with upper management for approval to implement the new standard.
B. Conduct a gap analysis and recommend appropriate non-technical mitigating controls, and incorporate the new controls into the standard.
C. Conduct a risk analysis on all current controls, and recommend appropriate mechanisms to increase overall security.
D. Modify the company policy to account for higher security, adapt the standard accordingly, and implement new technical controls.

Correct Answer: B

QUESTION 212

A company has a single subnet in a small office. The administrator wants to limit non-web related traffic to the corporate intranet server as well as prevent abnormal HTTP requests and HTTP protocol anomalies from causing problems with the web server. Which of the following is the MOST likely solution?

A. Application firewall and NIPS
B. Edge firewall and HIDS
C. ACLs and anti-virus
D. Host firewall and WAF

Correct Answer: D

QUESTION 213

A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?

A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
D. Enable ESP on the internal network, and place NIPS on both networks.

Correct Answer: A

QUESTION 214

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company’s security posture; however, the company is still plagued by data breaches resulting from misplaced assets. These breaches have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?

A. Reload all user laptops with full disk encryption software immediately.
B. Implement full disk encryption on all storage devices the firm owns.
C. Implement new continuous monitoring procedures.
D. Implement an open source system which allows data to be encrypted while processed.

Correct Answer: B

QUESTION 215

A financial institution wants to reduce the costs associated with managing and troubleshooting employees’ desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four solutions submitted by the change management group. Which of the following BEST accomplishes this task?

A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit.
B. Implement server virtualization and move the application from the desktop to the server.
C. Implement VDI and disable hardware and storage mapping from the thin client.
D. Move the critical applications to a private cloud and disable VPN and tunneling.

Correct Answer: C

QUESTION 216

A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies on personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if it is reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).

A. The email system may become unavailable due to overload.
B. Compliance may not be supported by all smartphones.
C. Equipment loss, theft, and data leakage.
D. Smartphone radios can interfere with health equipment.
E. Data usage cost could significantly increase.
F. Not all smartphones natively support encryption.
G. Smartphones may be used as rogue access points.

Correct Answer: BCF

QUESTION 217

A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?

A. To ensure the security of the network is documented prior to customer delivery
B. To document the source of all functional requirements applicable to the network
C. To facilitate the creation of performance testing metrics and test plans
D. To allow certifiers to verify the network meets applicable security requirements

Correct Answer: D

QUESTION 218

The security administrator is responsible for the confidentiality of all corporate data. The company’s servers are located in a datacenter run by a different vendor. The vendor datacenter hosts servers for many different clients, all of whom have access to the datacenter. None of the racks are physically secured. Recently, the company has been the victim of several attacks involving data injection and exfiltration. The security administrator suspects these attacks are due to several new network-based attacks facilitated by having physical access to a system. Which of the following BEST describes how to adapt to the threat?

A. Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.
B. Apply two factor authentication, require point to point VPNs, and enable log auditing on all devices.
C. Apply port security to all routers, switch to telnet, and implement point to point VPNs on all servers.
D. Apply three factor authentication, implement IPSec, and enable SNMP.

Correct Answer: A

QUESTION 219

A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system?

A. An incident response plan which guarantees response by tier two support within 15 minutes of an incident.
B. A definitive plan of action and milestones which lays out resolutions to all vulnerabilities within six months.
C. Business insurance to transfer all risk from the company shareholders to the insurance company.
D. A prudent plan of action which details how to decommission the system within 90 days of becoming operational.

Correct Answer: B

QUESTION 220

An administrator is reviewing logs and sees the following entry:

Message: Access denied with code 403 (phase 2). Pattern match “\bunion\b.{1,100}?\bselect\b” at ARGS:$id. [data “union all select”] [severity “CRITICAL”] [tag “WEB_ATTACK”] [tag “WASCTC/WASC-19”] [tag “OWASP_TOP_10/A1”] [tag “OWASP_AppSensor/CIE1”]

Action: Intercepted (phase 2) Apache-Handler: php5-script

Which of the following attacks was being attempted?

A. Session hijacking
B. Cross-site scripting
C. SQL injection
D. Buffer overflow

Correct Answer: C
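The entry in Question 220 is a ModSecurity (Apache WAF) message: the rule's regular expression, written here with the backslashes that the page's extraction dropped, is \bunion\b.{1,100}?\bselect\b, evaluated in phase 2 (request arguments/body) against the id argument, and the matched data “union all select” is the classic UNION-based SQL injection signature. The Python below is an added example, not code from the original page or from ModSecurity/CRS: it re-implements that single check over constructed query strings, parses the bracketed [key "value"] fields of a constructed log line modelled on the one above (argument written as ARGS:id, which is how ModSecurity reports it), and shows why the 1-100 character bound in the pattern matters: a payload that pads the gap between UNION and SELECT beyond 100 characters is not matched by this one signature, so a production rule set needs other SQLi rules alongside it. Case-insensitive matching is assumed (CRS SQLi rules prefix their patterns with (?i)); all function names and sample requests are constructed for illustration.

```python
r"""Added example (not from the original exam page or from ModSecurity/CRS):
re-create the check behind the Question 220 log entry and run it over
constructed requests. The pattern, with backslashes restored, is

    \bunion\b.{1,100}?\bselect\b      evaluated against ARGS (phase 2)

Case-insensitivity is assumed (CRS SQLi rules prefix the pattern with (?i))."""
import re
from urllib.parse import parse_qs

# "union" on a word boundary, 1 to 100 arbitrary characters (lazy), then
# "select" on a word boundary. DOTALL so a newline in the gap does not help.
UNION_SELECT = re.compile(r"\bunion\b.{1,100}?\bselect\b", re.IGNORECASE | re.DOTALL)

# Constructed log line modelled on the one in the question (tags shortened,
# argument name written the way ModSecurity reports it: ARGS:id).
SAMPLE_LOG = (
    'Message: Access denied with code 403 (phase 2). Pattern match '
    '"\\bunion\\b.{1,100}?\\bselect\\b" at ARGS:id. [data "union all select"] '
    '[severity "CRITICAL"] [tag "WEB_ATTACK"] [tag "OWASP_TOP_10/A1"]'
)

BRACKET_FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')
MATCH_LOCATION = re.compile(r"\bat (ARGS(?::[^\s.]+)?)")


def parse_modsec_message(line):
    """Return the [key "value"] fields of a ModSecurity message line.

    Repeated keys (there are usually several "tag" fields) are collected into
    a list; "location" is the variable the pattern matched on, if present."""
    fields = {}
    for key, value in BRACKET_FIELD.findall(line):
        fields.setdefault(key, []).append(value)
    loc = MATCH_LOCATION.search(line)
    fields["location"] = loc.group(1) if loc else None
    return fields


def inspect_args(query_string):
    """Apply the rule to every argument value, as the WAF does for ARGS.

    Returns [(argument_name, matched_text), ...]; an empty list means no hit."""
    hits = []
    for name, values in parse_qs(query_string, keep_blank_values=True).items():
        for value in values:
            m = UNION_SELECT.search(value)
            if m:
                hits.append((name, m.group(0)))
    return hits


def classify(query_string):
    """403 (intercepted) if the rule fires, otherwise 200 (passed on to PHP)."""
    return 403 if inspect_args(query_string) else 200


def padded_bypass(padding_len):
    """Build a UNION SELECT payload whose gap between the two keywords is an
    SQL comment of `padding_len` characters. The rule only looks 100
    characters past "union", so a long enough gap is not matched by this one
    signature (an illustration of the rule's shape, not of a full rule set)."""
    comment = "/*" + "x" * padding_len + "*/"
    return "id=1 UNION " + comment + " SELECT user,password FROM users"


if __name__ == "__main__":
    for q in ("id=42",
              "id=1 union all select 1,2,3",
              "id=1%20UNION%20ALL%20SELECT%20user,password%20FROM%20users",
              padded_bypass(101)):
        print(classify(q), inspect_args(q), q[:60])
    print(parse_modsec_message(SAMPLE_LOG))
```

Run it directly to see the benign request pass, the two UNION SELECT requests intercepted with the matched text, the padded payload slip past this single rule, and the parsed fields (data, severity, tags and match location) of the constructed log line. The lesson for the administrator in Question 220 is the same either way: the [data] field holds the offending input, the ARGS location names the parameter, and the fix belongs in the application (parameterized queries), with the WAF rule as a detection layer rather than the only control.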
