[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 271-280

Ensurepass

QUESTION 271

The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year’s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?

 

A. The company data privacy policies

B. The company backup logs and archives

C. The company data retention policies and guidelines

D. The company data retention procedures

 

Correct Answer: B

 

 

 

QUESTION 272

CORRECT TEXT

The IDS has detected abnormal behavior on this network. Click on the network devices to view device information. Based on this information, the following tasks need to be completed:

 

1. Select the server that is a victim of a SQL injection attack.

2. Select the source of the buffer overflow attack.

3. Modify the access control list (ACL) on the router(s) to ONLY block the buffer overflow attack.

 

Instructions:

Simulations can be reset at any time to the initial state; however, all selections will be deleted.

 


 

Correct Answer:

Follow these steps:

1. Click on the server and find the SQL Server, then note the IP address of the server.

2. Click on the host machine and find the attacker, then note the IP address of the host.

3. Check the host machine IP address in the router ACL source field and the SQL Server IP in the destination field, then check the deny box and uncheck the permit box.

 

Explanation:

First, we need to determine the source of the attack and the victim. View the IDS logs to determine this information. Although SIMs may vary, one example clearly shows the source of the attack as the 10.2.0.50 host and the victim is Server D.

To block only this traffic we need to modify the following rule on router 2 only:

Source address = 10.2.0.50

Destination address = 192.168.1.0/24

Deny box should be checked.

QUESTION 273

A Physical Security Manager is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. The Security Manager has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should the Security Manager suggest to BEST secure this environment?

 

A. Create an IP camera network and deploy NIPS to prevent unauthorized access.

B. Create an IP camera network and only allow SSL access to the cameras.

C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.

D. Create an IP camera network and restrict access to cameras from a single management host.

 

Correct Answer: C

 

 

QUESTION 274

The Linux server at Company A hosts a graphical application widely used by the company designers. One designer regularly connects to the server from a Mac laptop in the designer’s office down the hall. When the security engineer learns of this it is discovered the connection is not secured and the password can easily be obtained via network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection?

 

Linux Server: 192.168.10.10/24

Mac Laptop: 192.168.10.200/24

 

A. From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200.

B. From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider.

C. From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1.

D. From the Mac, establish an SSH tunnel to the Linux server and connect the VNC to 127.0.0.1.

 

Correct Answer: D

 

 

QUESTION 275

In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end-to-end?

 

A. Creation and secure destruction of mail accounts, emails, and calendar items

B. Information classification, vendor selection, and the RFP process

C. Data provisioning, processing, in transit, at rest, and de-provisioning

D. Securing virtual environments, appliances, and equipment that handle email

 

Correct Answer: C

 

 

 

 

 

 

QUESTION 276

Which of the following is the BEST place to contractually document security priorities, responsibilities, guarantees, and warranties when dealing with outsourcing providers?

 

A. NDA

B. OLA

C. MOU

D. SLA

 

Correct Answer: D

 

 

QUESTION 277

A corporation has expanded for the first time by integrating several newly acquired businesses. Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).

 

A. Remove acquired companies' Internet access.

B. Federate identity management systems.

C. Install firewalls between the businesses.

D. Re-image all end user computers to a standard image.

E. Develop interconnection policy.

F. Conduct a risk analysis of each acquired company’s networks.

 

Correct Answer: EF

 

 

QUESTION 278

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

 

A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.

C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.

D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

 

Correct Answer: D

 

 

QUESTION 279

A security administrator must implement a SCADA style network overlay to ensure secure remote management of all network management and infrastructure devices. Which of the following BEST describes the rationale behind this architecture?

 

A. A physically isolated network that allows for secure metric collection.

B. A physically isolated network with inband management that uses two factor authentication.

C. A logically isolated network with inband management that uses secure two factor authentication.

D. An isolated network that provides secure out-of-band remote management.

 

Correct Answer: D

 

 

QUESTION 280

Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B’s IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause?

 

A. Purchase the product and test it in a lab environment before installing it on any live system.

B. Allow Company A and B’s IT staff to evaluate the new product prior to purchasing it.

C. Purchase the product and test it on a few systems before installing it throughout the entire company.

D. Use Company A’s change management process during the evaluation of the new product.

 

Correct Answer: D

 
