[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 1-10

Ensurepass

QUESTION 1

An administrator wants to enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the following would BEST accomplish this?

 

A.

Access control lists

B.

SELinux

C.

IPtables firewall

D.

HIPS

 

Correct Answer: B

 

 

QUESTION 2

Ann, a software de
veloper, wants to publish her newly developed software to an online store. Ann wants to ensure that the software will not be modified by a third party or end users before being installed on mobile devices. Which of the following should Ann implement to stop modified copies of her software from running on mobile devices?

 

A.

Single sign-on

B.

Identity propagation

C.

Remote attestation

D.

Secure code review

 

Correct Answer: C

 

 

QUESTION 3

select id, firstname, lastname from authors

 

User input= firstname= Hack;man

 

lastname=Johnson

 

Which of the following types of attacks is the user attempting?

 

A.

XML injection

B.

Command injection

C.

Cross-site scripting

D.

SQL injection

 

Correct Answer: D

 

 

QUESTION 4

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

 

A.

Provide free email software for personal devices.

B.

Encrypt data in transit for remote access.

C.

Require smart card authentication for all devices.

D.

Implement NAC to limit insecure devices access.

E.

Enable time of day restrictions for personal devices.

 

Correct Answer: BD

 

 

QUESTION 5

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:

 

user@hostname:~$ sudo nmap -O 192.168.1.54

 

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:

 

TCP/22

 

TCP/111

 

TCP/512-514

 

TCP/2049

 

TCP/32778

 

Based on this information, which of the following operating systems is MOST likely running on the unknown node?

 

A.

Linux

B.

Windows

C.

Solaris

D.

OSX

 

Correct Answer: C

 

 

QUESTION 6

An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE).

 

A.

Implement hashing of data in transit

B.

Session recording and capture

C.

Disable cross session cut and paste

D.

Monitor approved credit accounts

E.

User access audit reviews

F.

Source IP whitelisting

 

Correct Answer: CEF

 

 

QUESTION 7

News outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit, network mapping and fingerprinting is conducted to prepare for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections?

 

A.

Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.

B.

Implement an application whitelist at all levels of the organization.

C.

Deploy a network based heuristic IDS, configure all layer 3 switches to feed data to the IDS for more effective monitoring.

D.

Update router configuration to pass all network traffic through a new proxy server with advanced malware detection.

 

Correct Answer: B

 

 

QUESTION 8

A security manager has received the following email from the Chief Financial Officer (CFO):

 

“While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?”

 

Based on the information provided, which of the following would be the MOST appropriate response to the CFO?

 

A.

Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.

B.

Allow VNC access to corporate desktops from personal computers for the users working from home.

C.

Allow terminal services access from personal computers after the CFO provides a list of the users working from home.

D.

Work with the executive management team to revise policies before allowing any remote access.

 

Correct Answer: D

 

 

QUESTION 9

A security manager for a service provider has approved two vendors for connections to the service provider backbone. One vendor will be providing authentication services for its payment card service, and the other vendor will be providing maintenance to the service provider infrastructure sites. Which of the following business agreements is MOST relevant to the vendors and service provider’s relationship?

 

A.

Memorandum of Agreement

B.

Interconnection Security Agreement

C.

Non-Disclosure Agreement

D.

Operating Level Agreement

 

Correct Answer: B

 

 

QUESTION 10

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.

 

The information security team has been a part of the department meetings and come away with the following notes:

 

clip_image002Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.

clip_image002[1]Sales is asking for easy order tracking to facilitate feedback to customers.

clip_image002[2]Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.

clip_image002[3]Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.

clip_image002[4]Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.

 

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.

 

Which of the following departments’ request is in contrast to the favored solution?

 

A.

Manufacturing

B.

Legal

C.

Sales

D.

Quality assurance

E.

Human resources

 

Correct Answer: E

 

Free VCE & PDF File for CompTIA CAS-002 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized. Bookmark the permalink.