[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 221-230

Ensurepass

QUESTION 221

In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change. Which of the following BEST addresses risks associated with disclosure of intellectual property?

A. Require the managed service provider to implement additional data separation.
B. Require encrypted communications when accessing email.
C. Enable data loss protection to minimize emailing PII and confidential data.
D. Establish an acceptable use policy and incident response policy.

Correct Answer: C

 

 

QUESTION 222

DRAG DROP

Company A has experienced external attacks on its network and wants to minimize the chance of the attacks recurring. Modify the network diagram to prevent SQL injections, XSS attacks, smurf attacks, e-mail spam, downloaded malware, viruses and ping attacks. The company can spend a MAXIMUM of $50,000 USD. A cost list for each item is given below:

1. Anti-Virus Server – $10,000
2. Firewall – $15,000
3. Load Balanced Server – $10,000
4. NIDS/NIPS – $10,000
5. Packet Analyzer – $5,000
6. Patch Server – $15,000
7. Proxy Server – $20,000
8. Router – $10,000
9. Spam Filter – $5,000
10. Traffic Shaper – $20,000
11. Web Application Firewall – $10,000

 

Instructions:

Not all placeholders in the diagram need to be filled and items can only be used once.

[Network diagram images (clip_image002, clip_image004) not available in this copy.]

Correct Answer:

[Answer diagram (clip_image006) not available in this copy.]

 

 

QUESTION 223

A company receives an e-discovery request for the Chief Information Officer’s (CIO’s) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However, the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide?

A. 1
B. 2
C. 3
D. 5

Correct Answer: D

 

 

QUESTION 224

A small, customer-focused bank that has implemented least privilege principles is concerned about the possibility of branch staff unintentionally aiding fraud in their day-to-day interactions with customers. Bank staff have been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the risk. Which of the following BEST addresses the security and risk team’s concerns?

A. Information disclosure policy
B. Awareness training
C. Job rotation
D. Separation of duties

Correct Answer: B

 

 

QUESTION 225

Which of the following provides the HIGHEST level of security for an integrated network providing services to authenticated corporate users?

A. Point-to-point VPN tunnels for external users, three-factor authentication, a cold site, physical security guards, cloud-based servers, and IPv6 networking.
B. IPv6 networking, port security, full disk encryption, three-factor authentication, cloud-based servers, and a cold site.
C. Port security on switches, point-to-point VPN tunnels for user-server connections, two-factor cryptographic authentication, physical locks, and a standby hot site.
D. Port security on all switches, point-to-point VPN tunnels for user connections to servers, two-factor authentication, a sign-in roster, and a warm site.

Correct Answer: C

 

 

QUESTION 226

A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?

A. LUN masking
B. Data injection
C. Data fragmentation
D. Moving the HBA

Correct Answer: D

 

 

QUESTION 227

A new startup company with very limited funds wants to protect the organization from external threats by implementing some type of best-practice security controls across a number of hosts located in the application zone, the production zone, and the core network. The 50 hosts in the core network are a mixture of Windows and Linux based systems, used by development staff to develop new applications. The single Windows host in the application zone is used exclusively by the production team to control software deployments into the production zone. There are 10 UNIX web application hosts in the production zone which are publicly accessible. Development staff are required to install and remove various types of software from their hosts on a regular basis, while the hosts in the production zone rarely require any type of configuration change. Which of the following, when implemented, would provide the BEST level of protection with the LEAST amount of disruption to staff?

A. NIPS in the production zone, HIPS in the application zone, and anti-virus / anti-malware across all Windows hosts.
B. NIPS in the production zone, NIDS in the application zone, HIPS in the core network, and anti-virus / anti-malware across all hosts.
C. HIPS in the production zone, NIPS in the application zone, and HIPS in the core network.
D. NIDS in the production zone, HIDS in the application zone, and anti-virus / anti-malware across all hosts.

Correct Answer: A

 

 

QUESTION 228

A company runs large computing jobs only during the overnight hours. To minimize the amount of capital investment in equipment, the company relies on the elastic computing services of a major cloud computing vendor. Because the virtual resources are created and destroyed on the fly across a large pool of shared resources, the company never knows which specific hardware platforms will be used from night to night. Which of the following presents the MOST risk to confidentiality in this scenario?

A. Loss of physical control of the servers
B. Distribution of the job to multiple data centers
C. Network transmission of cryptographic keys
D. Data scraped from the hardware platforms

Correct Answer: D

 

 

QUESTION 229

A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question?

A. Data retention policy
B. Business continuity plan
C. Backup and archive processes
D. Electronic inventory

Correct Answer: A

 

 

QUESTION 230

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required. Which of the following BEST describes the risk assurance officer’s concerns?

A. Co-mingling guest operating systems with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VM escape attack being executed, compromising the hypervisor and other guest OSs.
D. A weakly protected host OS will allow the hypervisor to become corrupted, resulting in data throughput performance issues.

Correct Answer: C

 
