[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 261-270

Ensurepass

QUESTION 261

An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes. Which of the following technologies would help meet this policy requirement? (Select TWO).

A. Spam filter
B. Solid state drives
C. Management interface
D. Virtualization
E. Host firewall

Correct Answer: DE

 

 

QUESTION 262

An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?

A. The IDS generated too many false negatives.
B. The attack occurred after hours.
C. The IDS generated too many false positives.
D. No one was reviewing the IDS event logs.

Correct Answer: D

 


QUESTION 263

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

A. Service oriented architecture (SOA)
B. Federated identities
C. Object request broker (ORB)
D. Enterprise service bus (ESB)

Correct Answer: D

 

 

QUESTION 264

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of the conference's resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Correct Answer: C

 

 

QUESTION 265

The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regimen into the security management plan specifically for the development area. The CISO's requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough, as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO's requirements?

A. Grey box testing performed by a major external consulting firm who have signed an NDA.
B. Black box testing performed by a major external consulting firm who have signed an NDA.
C. White box testing performed by the development and security assurance teams.
D. Grey box testing performed by the development and security assurance teams.

Correct Answer: C

 

 

QUESTION 266

A startup company offering software on demand has hired a security consultant to provide expertise on data security. The company's clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?

A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.
B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.
C. Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNs and assigned to each client. MPLS technology is used to segment and encrypt each of the client's networks. PKI-based remote desktop with hardware tokens is used by the client to connect to the application.
D. Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the client's networks. PKI-based remote desktop access is used by the client to connect to the application.

Correct Answer: C

 

 

QUESTION 267

The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI-DSS, HIPAA, and meet the organization's mission. Which of the following BEST describes the correct order of implementing a five phase SSDLC?

A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.
B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.
C. Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.
D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

Correct Answer: B

 

 

QUESTION 268

A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test claim to have the most advanced features and lucrative pricing. Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?

A. Establish return on investment as the main criteria for selection.
B. Run a cost/benefit analysis based on the data received from the RFP.
C. Evaluate each platform based on the total cost of ownership.
D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.

Correct Answer: C

 

 

QUESTION 269

After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal development servers use the same certificate. After installing the certificate on dev1.xyz.com, one of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored. Which of the following should the auditor recommend FIRST?

A. Generate a new public key on both servers.
B. Replace the SSL certificate on dev1.xyz.com.
C. Generate a new private key password for both servers.
D. Replace the SSL certificate on pay.xyz.com.

Correct Answer: D

 

 

QUESTION 270

A corporation has Research and Development (R&D) and IT support teams, each requiring separate networks with independent control of their security boundaries to support department objectives. The corporation's Information Security Officer (ISO) is responsible for providing firewall services to both departments, but does not want to increase the hardware footprint within the datacenter. Which of the following should the ISO consider to provide the independent functionality required by each department's IT teams?

A. Put both departments behind the firewall and assign administrative control for each department to the corporate firewall.
B. Provide each department with a virtual firewall and assign administrative control to the physical firewall.
C. Put both departments behind the firewall and incorporate restrictive controls on each department's network.
D. Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.

Correct Answer: D

 
