[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 121-130

Ensurepass

QUESTION 121

A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer's AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where the credit card servers were kept. The firewall rule was needed for an internally developed application, which presents risk. The retailer determined that, because the vendors were required to use site-to-site VPNs, no other security action needed to be taken. To prove to the retailer the monetary value of this risk, which of the following types of calculation is needed?

A. Residual Risk calculation
B. A cost/benefit analysis
C. Quantitative Risk Analysis
D. Qualitative Risk Analysis

Correct Answer: C

QUESTION 122

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

A. Isolate the system on a secure network to limit its contact with other systems
B. Implement an application layer firewall to protect the payroll system interface
C. Monitor the system's security log for unauthorized access to the payroll application
D. Perform reconciliation of all payroll transactions on a daily basis

Correct Answer: A

QUESTION 123

A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools used by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?

A. Insider threat
B. Network reconnaissance
C. Physical security
D. Industrial espionage

Correct Answer: C

QUESTION 124

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

A. Capture process ID data and submit to anti-virus vendor for review.
B. Reboot the Linux servers, check running processes, and install needed patches.
C. Remove a single Linux server from production and place in quarantine.
D. Notify upper management of a security breach.
E. Conduct a bit level image, including RAM, of one or more of the Linux servers.

Correct Answer: E

QUESTION 125

A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company issued as well as personal computing devices, including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in transit to the company's internally developed application GUI. Company policy prohibits employees from having administrative rights to company issued devices. Which of the following remote access solutions has the lowest technical complexity?

A. RDP server
B. Client-based VPN
C. IPSec
D. Jump box
E. SSL VPN

Correct Answer: A

QUESTION 126

Ann is testing the robustness of a marketing website through an intercepting proxy. She has intercepted the following HTTP request:

POST /login.aspx HTTP/1.1
Host: comptia.org
Content-type: text/html

txtUsername=ann&txtPassword=ann&alreadyLoggedIn=false&submit=true

Which of the following should Ann perform to test whether the website is susceptible to a simple authentication bypass?

A. Remove all of the post data and change the request to /login.aspx from POST to GET
B. Attempt to brute force all usernames and passwords using a password cracker
C. Remove the txtPassword post data and change alreadyLoggedIn from false to true
D. Remove the txtUsername and txtPassword post data and toggle submit from true to false

Correct Answer: C

QUESTION 127

During a new desktop refresh, all hosts are hardened at the OS level before deployment to comply with policy. Six months later, the company is audited for compliance with regulations. The audit discovers that 40 percent of the desktops do not meet requirements. Which of the following is the MOST likely cause of the noncompliance?

A. The devices are being modified and settings are being overridden in production.
B. The patch management system is causing the devices to be noncompliant after issuing the latest patches.
C. The desktop applications were configured with the default username and password.
D. 40 percent of the devices use full disk encryption.

Correct Answer: A

QUESTION 128

VPN users cannot access the active FTP server through the router but can access any server in the data center.

 

Additional network information:

DMZ network – 192.168.5.0/24 (FTP server is 192.168.5.11)
VPN network – 192.168.1.0/24
Datacenter – 192.168.2.0/24
User network – 192.168.3.0/24
HR network – 192.168.4.0/24

Traffic shaper configuration:

VLAN      Bandwidth Limit (Mbps)
VPN       50
User      175
HR        250
Finance   250
Guest     0

Router ACL:

Action   Source            Destination
Permit   192.168.1.0/24    192.168.2.0/24
Permit   192.168.1.0/24    192.168.3.0/24
Permit   192.168.1.0/24    192.168.5.0/24
Permit   192.168.2.0/24    192.168.1.0/24
Permit   192.168.3.0/24    192.168.1.0/24
Permit   192.168.5.1/32    192.168.1.0/24
Deny     192.168.4.0/24    192.168.1.0/24
Deny     192.168.1.0/24    192.168.4.0/24
Deny     any               any

Which of the following solutions would allow the users to access the active FTP server?

A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
C. IPS is blocking traffic and needs to be reconfigured
D. Configure the traffic shaper to limit DMZ traffic
E. Increase bandwidth limit on the VPN network

Correct Answer: A

QUESTION 129

An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management software application. The assessor submitted the report to senior management but nothing has happened. Which of the following would be a logical next step?

A. Meet the two key VPs and request a signature on the original assessment.
B. Include specific case studies from other organizations in an updated report.
C. Schedule a meeting with key human resource application stakeholders.
D. Craft an RFP to begin finding a new human resource application.

Correct Answer: C

QUESTION 130

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?

A. Subjective and based on an individual's experience.
B. Requires a high degree of upfront work to gather environment details.
C. Difficult to differentiate between high, medium, and low risks.
D. Allows for cost and benefit analysis.
E. Calculations can be extremely complex to manage.

Correct Answer: A

 
