[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 51-60

Ensurepass

QUESTION 51

A technician states that workstations that are on the network in location B are unable to validate certificates, while workstations that are on the main location A's network are having no issues. Which of the following methods allows a certificate to be validated by a single server that returns the validity of that certificate?

A. XACML
B. OCSP
C. ACL
D. CRL

Correct Answer: B

 

 

QUESTION 52

A security audit has uncovered a lack of security controls with respect to employees' network account management. Specifically, the audit reveals that employees' network accounts are not disabled in a timely manner once an employee departs the organization. The company policy states that the network account of an employee should be disabled within eight hours of termination. However, the audit shows that 5% of the accounts were not terminated until three days after a dismissed employee departs. Furthermore, 2% of the accounts are still active. Which of the following is the BEST course of action that the security officer can take to avoid repeat audit findings?

A. Review the HR termination process and ask the software developers to review the identity management code.
B. Enforce the company policy by conducting monthly account reviews of inactive accounts.
C. Review the termination policy with the company managers to ensure prompt reporting of employee terminations.
D. Update the company policy to account for delays and unforeseen situations in account deactivation.

Correct Answer: C

 

 

QUESTION 53

A company contracts with a third party to develop a new web application to process credit cards. Which of the following assessments will give the company the GREATEST level of assurance for the web application?

A. Social Engineering
B. Penetration Test
C. Vulnerability Assessment
D. Code Review

Correct Answer: D


QUESTION 54

Statement: "The system shall implement measures to notify system administrators prior to a security incident occurring."

Which of the following BEST restates the above statement to allow it to be implemented by a team of software developers?

A. The system shall cease processing data when certain configurable events occur.
B. The system shall continue processing in the event of an error and email the security administrator the error logs.
C. The system shall halt on error.
D. The system shall throw an error when specified incidents pass a configurable threshold.

Correct Answer: D

 

 

QUESTION 55

Which of the following BEST defines the term e-discovery?

A. A product that provides IT-specific governance, risk management, and compliance.
B. A form of reconnaissance used by penetration testers to discover listening hosts.
C. A synonymous term for computer emergency response and incident handling.
D. A process of producing electronically stored information for use as evidence.

Correct Answer: D

 

 

QUESTION 56

Company XYZ provides residential television cable service across a large region.

The company's board of directors is in the process of approving a deal with the following three companies:

- A national landline telephone provider
- A regional wireless telephone provider
- An international Internet service provider

The board of directors at Company XYZ wants to keep the companies and billing separated.

Meanwhile, the Chief Information Officer (CIO) at Company XYZ is concerned about the confidentiality of Company XYZ's customer data and wants to share only minimal information about its customers for the purpose of accounting, billing, and customer authentication.

The proposed solution must use open standards and must make it simple and seamless for Company XYZ's customers to receive all four services.

Which of the following solutions is BEST suited for this scenario?

A. All four companies must implement a TACACS+ web based single sign-on solution with associated captive portal technology.
B. Company XYZ must implement VPN and strict access control to allow the other three companies to access the internal LDAP.
C. Company XYZ needs to install the SP, while the partner companies need to install the WAYF portion of a Federated identity solution.
D. Company XYZ needs to install the IdP, while the partner companies need to install the SP portion of a Federated identity solution.

Correct Answer: D

 

 

QUESTION 57

Driven mainly by cost, many companies outsource computing jobs which require a large amount of processor cycles over a short duration to cloud providers. This allows the company to avoid a large investment in computing resources which will only be used for a short time. Assuming the provisioned resources are dedicated to a single company, which of the following is the MAIN vulnerability associated with on-demand provisioning?

A. Traces of proprietary data which can remain on the virtual machine and be exploited
B. Remnants of network data from prior customers on the physical servers during a compute job
C. Exposure of proprietary data when in-transit to the cloud provider through IPSec tunnels
D. Failure of the de-provisioning mechanism resulting in excessive charges for the resources

Correct Answer: A

 

 

QUESTION 58

A small bank is introducing online banking to its customers through its new secured website. The firewall has three interfaces: one for the Internet connection, another for the DMZ, and the other for the internal network. Which of the following will provide the MOST protection from all likely attacks on the bank?

A. Implement NIPS inline between the web server and the firewall.
B. Implement a web application firewall inline between the web server and the firewall.
C. Implement host intrusion prevention on all machines at the bank.
D. Configure the firewall policy to only allow communication with the web server using SSL.

Correct Answer: C

 

 

QUESTION 59

On Monday, the Chief Information Officer (CIO) of a state agency received an e-discovery request for the release of all emails sent and received by the agency board of directors for the past five years. The CIO has contacted the email administrator and asked the administrator to provide the requested information by end of day on Friday. Which of the following has the GREATEST impact on the ability to fulfill the e-discovery request?

A. Data retention policy
B. Backup software and hardware
C. Email encryption software
D. Data recovery procedures

Correct Answer: A


QUESTION 60

A security architect is assigned to a major software development project. The software development team has a history of writing bug-prone, inefficient code, with multiple security flaws in every release. The security architect proposes implementing secure coding standards to the project manager. The secure coding standards will contain detailed standards for:

A. error handling, input validation, memory use and reuse, race condition handling, commenting, and preventing typical security problems.
B. error prevention, requirements validation, memory use and reuse, commenting typical security problems, and testing code standards.
C. error elimination, trash collection, documenting race conditions, peer review, and typical security problems.
D. error handling, input validation, commenting, preventing typical security problems, managing customers, and documenting extra requirements.

Correct Answer: A
