[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 291-300


QUESTION 291

Staff from the sales department have administrator rights to their corporate standard operating environment, and often connect their work laptop to customer networks when onsite during meetings and presentations. This increases the risk and likelihood of a security incident when the sales staff reconnects to the corporate LAN. Which of the following controls would BEST protect the corporate network?

 

A. Implement a network access control (NAC) solution that assesses the posture of the laptop before granting network access.
B. Use an independent consulting firm to provide regular network vulnerability assessments and biannual qualitative risk assessments.
C. Provide sales staff with a separate laptop with no administrator access just for sales visits.
D. Update the acceptable use policy and ensure sales staff read and acknowledge the policy.

Correct Answer: A

 

 

QUESTION 292

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low-volume database. Which of the following would make a NAS unsuitable for a business-critical, high-volume database application that requires a high degree of data confidentiality and data availability? (Select THREE).

 

A. File level transfer of data
B. Zoning and LUN security
C. Block level transfer of data
D. Multipath
E. Broadcast storms
F. File level encryption
G. Latency

Correct Answer: AEG


QUESTION 293

A network administrator notices a security intrusion on the web server. Which of the following attacks is indicated by the following entry in the log file? http://test.com/modules.php?op=modload&name=XForum&file=[hostilejavascript]&fid=2

 

A. Buffer overflow
B. Click jacking
C. SQL injection
D. XSS attack

Correct Answer: D

 

 

QUESTION 294

A database administrator comes across the below records in one of the databases during an internal audit of the payment system:

 

UserID   Address           Credit Card No.       Password
jsmith   123 fake street   55XX-XXX-XXXX-1397    Password100
jqdoe    234 fake street   42XX-XXX-XXXX-2027    17DEC12

 

From a security perspective, which of the following should be the administrator’s GREATEST concern, and what will correct the concern?

 

A. Concern: Passwords are stored in plain text.
   Correction: Require a minimum of 8 alphanumeric characters and hash the password.
B. Concern: User IDs are also usernames, and could be enumerated, thereby disclosing sensitive account information.
   Correction: Require user IDs to be more complex by using alphanumeric characters and hash the UserIDs.
C. Concern: User IDs are confidential private information.
   Correction: Require encryption of user IDs.
D. Concern: More than four digits within a credit card number are stored.
   Correction: Only store the last four digits of a credit card to protect sensitive financial information.

Correct Answer: A

 

 

QUESTION 295

Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines. Given this scenario, which of the following is the MOST significant risk to the system?

 

A. All servers are unpatched and running old versions.
B. Financial data is processed without being encrypted.
C. Logging is disabled on critical servers.
D. Server services have been virtualized and outsourced.

Correct Answer: A

 

 

QUESTION 296

A security consultant is hired by a company to determine if an internally developed web application is vulnerable to attacks. The consultant spent two weeks testing the application, and determined that no vulnerabilities are present. Based on the results of the tools and tests available, which of the following statements BEST reflects the security status of the application?

 

A. The company’s software lifecycle management improved the security of the application.
B. There are no vulnerabilities in the application.
C. The company should deploy a web application firewall to ensure extra security.
D. There are no known vulnerabilities at this time.

Correct Answer: D

 

 

QUESTION 297

An organization determined that each of its remote sales representatives must use a smartphone for email access. The organization provides the same centrally manageable model to each person. Which of the following mechanisms BEST protects the confidentiality of the resident data?

 

A. Require dual factor authentication when connecting to the organization’s email server.
B. Require each sales representative to establish a PIN to access the smartphone and limit email storage to two weeks.
C. Require encrypted communications when connecting to the organization’s email server.
D. Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.

Correct Answer: D

 

 

QUESTION 298

An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO).

 

A. Periodic key changes once the initial keys are established between the DNS name servers.
B. Secure exchange of the key values between the two DNS name servers.
C. A secure NTP source used by both DNS name servers to avoid message rejection.
D. DNS configuration files on both DNS name servers must be identically encrypted.
E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.

Correct Answer: BC


QUESTION 299

DRAG DROP

Drag and drop the following information types onto the appropriate CIA category.

[Image not available: drag-and-drop diagram of information types and CIA categories]

Correct Answer:

[Image not available: completed drag-and-drop diagram]

 

 

 

QUESTION 300

A hosting company provides inexpensive guest virtual machines to low-margin customers. Customers manage their own guest virtual machines. Some customers want basic guarantees of logical separation from other customers and it has been indicated that some customers would like to have configuration control of this separation; whereas others want this provided as a value-added service by the hosting company. Which of the following BEST meets these requirements?

 

A. The hosting company should install a hypervisor-based firewall and allow customers to manage this on an as-needed basis.
B. The hosting company should manage the hypervisor-based firewall, while allowing customers to configure their own host-based firewall.
C. Customers should purchase physical firewalls to protect their guest hosts and have the hosting company manage these if requested.
D. The hosting company should install a host-based firewall on customer guest hosts and offer to administer host firewalls for customers if requested.

Correct Answer: B

 
