[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 141-150

Ensurepass

QUESTION 141

An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant?

A. $4,800
B. $24,000
C. $96,000
D. $120,000

Correct Answer: C

QUESTION 142

An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit’s integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data?

A. SMB
B. NFS
C. FCoE
D. iSCSI

Correct Answer: A

QUESTION 143

A security administrator has been asked to select a cryptographic algorithm to meet the criteria of a new application. The application utilizes streaming video that can be viewed both on computers and mobile devices. The application designers have asked that the algorithm support the transport encryption with the lowest possible performance overhead. Which of the following recommendations would BEST meet the needs of the application designers? (Select TWO).

A. Use AES in Electronic Codebook mode
B. Use RC4 in Cipher Block Chaining mode
C. Use RC4 with Fixed IV generation
D. Use AES with cipher text padding
E. Use RC4 with a nonce generated IV
F. Use AES in Counter mode

Correct Answer: EF

QUESTION 144

DRAG DROP

A manufacturer is planning to build a segregated network. There are requirements to segregate development and test infrastructure from production and the need to support multiple entry points into the network depending on the service being accessed. There are also strict rules in place to only permit user access from within the same zone. Currently, the following access requirements have been identified:

 

1. Developers have the ability to perform technical validation of development applications.

2. End users have the ability to access internal web applications.

3. Third-party vendors have the ability to support applications.

 

In order to meet segregation and access requirements, drag and drop the appropriate network zone that the user would be accessing and the access mechanism to meet the above criteria. Options may be used once or not at all. All placeholders must be filled.

[Exhibit: drag-and-drop diagram not reproduced]

Correct Answer:

[Exhibit: answer diagram not reproduced]

QUESTION 145

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

Delivered-To: customer@example.com
Received: by 10.14.120.205
    Mon, 1 Nov 2010 11:15:24 -0700 (PDT)
Received: by 10.231.31.193
    Mon, 01 Nov 2010 11:15:23 -0700 (PDT)
Return-Path: <IT@company.com>
Received: from 127.0.0.1 for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from <IT@company.com>)
Received: by smtpex.example.com (SMTP READY)
    with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500
Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500
From: Company <IT@Company.com>
To: “customer@example.com” <customer@example.com>
Date: Mon, 1 Nov 2010 13:15:11 -0500
Subject: New Insurance Application
Thread-Topic: New Insurance Application

Please download and install software from the site below to maintain full access to your account.

www.examplesite.com

________________________________

Additional information: The authorized mail servers' IPs are 192.168.2.10 and 192.168.2.11.

The network’s subnet is 192.168.2.0/25.

Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

A. Identify the origination point for malicious activity on the unauthorized mail server.
B. Block port 25 on the firewall for all unauthorized mail servers.
C. Disable open relay functionality.
D. Shut down the SMTP service on the unauthorized mail server.
E. Enable STARTTLS on the spam filter.

Correct Answer: BD

QUESTION 146

The IT director has charged the company helpdesk with sanitizing fixed and removable media. The helpdesk manager has written a new procedure to be followed by the helpdesk staff. This procedure includes the current standard to be used for data sanitization, as well as the location of physical degaussing tools. In which of the following cases should the helpdesk staff use the new procedure? (Select THREE).

A. During asset disposal
B. While reviewing the risk assessment
C. While deploying new assets
D. Before asset repurposing
E. After the media has been disposed of
F. During the data classification process
G. When installing new printers
H. When media fails or is unusable

Correct Answer: ADH

QUESTION 147

An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package?

A. 1
B. 2
C. 3
D. 4

Correct Answer: D

QUESTION 148

The telecommunications manager wants to improve the process for assigning company-owned mobile devices and ensuring data is properly removed when no longer needed. Additionally, the manager wants to onboard and offboard personally owned mobile devices that will be used in the BYOD initiative. Which of the following should be implemented to ensure these processes can be automated? (Select THREE).

A. SIM’s PIN
B. Remote wiping
C. Chargeback system
D. MDM software
E. Presence software
F. Email profiles
G. Identity attestation
H. GPS tracking

Correct Answer: BDG

QUESTION 149

After reviewing a company’s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator?

A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user.
B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS.
C. Users with root access on remote NFS client computers can always use the SU command to modify other users’ files on the NAS.
D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command.

Correct Answer: C

QUESTION 150

ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application requires that the connection have read/write permissions. In order to further secure the data, a nonstandard configuration would need to be implemented. The information in the database is not sensitive, but was not readily accessible prior to the implementation of the ODBC connection. Which of the following actions should be taken by the security analyst?

A. Accept the risk in order to keep the system within the company’s standard security configuration.
B. Explain the risks to the data owner and aid in the decision to accept the risk versus choosing a nonstandard solution.
C. Secure the data despite the need to use a security control or solution that is not within company standards.
D. Do not allow the connection to be made to avoid unnecessary risk and avoid deviating from the standard security configuration.

Correct Answer: B
