[Free] Download New Latest (November) CompTIA CAS-001 Actual Tests 71-80


QUESTION 71

The security administrator is receiving numerous alerts from the internal IDS of a possible Conficker infection spreading through the network via the Windows file sharing services. Given the size of the company which deploys over 20,000 workstations and 1,000 servers, the security engineer believes that the best course of action is to block the file sharing service across the organization by placing ACLs on the internal routers. Which of the following should the security administrator do before applying the ACL?

 

A. Quickly research best practices with respect to stopping Conficker infections and implement the solution.

B. Consult with the rest of the security team and get approval on the solution by all the team members and the team manager.

C. Apply the ACL immediately since this is an emergency that could lead to a widespread data compromise.

D. Call an emergency change management meeting to ensure the ACL will not impact core business functions.

 

Correct Answer: D

 

 

QUESTION 72

The security administrator of a small private firm is researching and putting together a proposal to purchase an IPS to replace an existing IDS. A specific brand and model has been selected, but the security administrator needs to gather various cost information for that product. Which of the following documents would perform a cost analysis report and include information such as payment terms?

 

A. RFI

B. RTO

C. RFQ

D. RFC

 

Correct Answer: C

 

 

QUESTION 73

A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?

 

A. Shut the server down and image the hard drive.

B. Remove all power sources from the server.

C. Install remote backup software and copy data to write-once media.

D. Log in remotely and perform a full backup of the server.

 

Correct Answer: A

 

 

QUESTION 74

The Chief Executive Officer (CEO) has decided to outsource systems which are not core business functions; however, a recent review by the risk officer has indicated that core business functions are dependent on the outsourced systems. The risk officer has requested that the IT department calculates the priority of restoration for all systems and applications under the new business model. Which of the following is the BEST tool to achieve this?

 

A. Business impact analysis

B. Annualized loss expectancy analysis

C. TCO analysis

D. Residual risk and gap analysis

 

Correct Answer: A

 

 

QUESTION 75

A system administrator needs to develop a policy for when an application server is no longer needed. Which of the following policies would need to be developed?


A. Backup policy

B. De-provisioning policy

C. Data retention policy

D. Provisioning policy

 

Correct Answer: C

 

 

QUESTION 76

The sales division within a large organization purchased touch screen tablet computers for all 250 sales representatives in an effort to showcase the use of technology to its customers and increase productivity. This includes the development of a new product tracking application that works with the new platform. The security manager attempted to stop the deployment because the equipment and application are non-standard and unsupported within the organization. However, upper management decided to continue the deployment. Which of the following provides the BEST method for evaluating the potential threats?

 

A. Conduct a vulnerability assessment to determine the security posture of the new devices and the application.

B. Benchmark other organizations that already encountered this type of situation and apply all relevant learnings and industry best practices.

C. Work with the business to understand and classify the risk associated with the full lifecycle of the hardware and software deployment.

D. Develop a standard image for the new devices and migrate to a web application to eliminate locally resident data.

 

Correct Answer: C

 

 

QUESTION 77

A security incident happens three times a year on a company’s web server costing the company $1,500 in downtime, per occurrence. The web server is only for archival access and is scheduled to be decommissioned in five years. The cost of implementing software to prevent this incident would be $15,000 initially, plus $1,000 a year for maintenance. Which of the following is the MOST cost-effective manner to deal with this risk?

 

A. Avoid the risk

B. Transfer the risk

C. Accept the risk

D. Mitigate the risk

 

Correct Answer: D

 

 

QUESTION 78

Which of the following should be used with caution because of its ability to provide access to block level data instead of file level data?

 

A. CIFS

B. NFS

C. iSCSI

D. NAS

 

Correct Answer: C

 

 

QUESTION 79

A user logs into domain A using a PKI certificate on a smartcard protected by an 8 digit PIN. The credential is cached by the authenticating server in domain A. Later, the user attempts to access a resource in domain B. This initiates a request to the original authenticating server to somehow attest to the resource server in the second domain that the user is in fact who they claim to be. Which of the following is being described?

 

A. Authentication

B. Authorization

C. SAML

D. Kerberos

 

Correct Answer: C

 

 

QUESTION 80

A breach at a government agency resulted in the public release of top secret information. The Chief Information Security Officer has tasked a group of security professionals to deploy a system which will protect against such breaches in the future. Which of the following can the government agency deploy to meet future security needs?

 

A. A DAC which enforces no read-up, a DAC which enforces no write-down, and a MAC which uses an access matrix.

B. A MAC which enforces no write-up, a MAC which enforces no read-down, and a DAC which uses an ACL.

C. A MAC which enforces no read-up, a MAC which enforces no write-down, and a DAC which uses an access matrix.

D. A DAC which enforces no write-up, a DAC which enforces no read-down, and a MAC which uses an ACL.

 

Correct Answer: C

 
