[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 151-160

Ensurepass

QUESTION 151

A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performance and functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host configuration management. The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following designs is MOST appropriate for this scenario?

 

A.

Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust.

B.

Deploy a corporate Read-Only Domain Controller to the branch location.

C.

Deploy a corporate Domain Controller in the DMZ at the main campus.

D.

Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust.

E.

Deploy a corporate Domain Controller to the branch location.

F.

Deploy a branch location Domain Controller to the branch location with a one-way trust.

 

Correct Answer: B

 

 

QUESTION 152

A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible enough to minimize overhead and support in regards to password resets and lockouts. Which of the following implementations would BEST meet the needs?

 

A.

A partition-based software encryption product with a low-level boot protection and authentication

B.

A container-based encryption product that allows the end users to select which files to encrypt

C.

A full-disk hardware-based encryption product with a low-level boot protection and authentication

D.

< /td>

A file-based encryption product using profiles to target areas on the file system to encrypt

 

Correct Answer: D

 

 

 

QUESTION 153

Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally managed.

 

en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500

 

ether f8:1e:af:ab:10:a3

 

inet6 fw80::fa1e:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5

 

inet 192.168.1.14 netmask 0xffffff00 broadcast 192.168.1.255

 

inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf

 

inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary

 

nd6 options=1<PERFORMNUD>

 

media: autoselect

 

status: active

 

Given this output, which of the following protocols is in use by the company and what can the system administrator do to positively map users with IPv6 addresses in the future? (Select TWO).

 

A.

The devices use EUI-64 format

B.

The routers implement NDP

C.

The network implements 6to4 tunneling

D.

The router IPv6 advertisement has been disabled

E.

The administrator must disable IPv6 tunneling

F.

The administrator must disable the mobile IPv6 router flag

G.

The administrator must disable the IPv6 privacy extensions

H.

The administrator must disable DHCPv6 option code 1

 

Correct Answer: BG

 

 

QUESTION 154

A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this?

 

A.

Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliver
ables.

B.

Allow the security engineering team to do application development so they understand why it takes so long.

C.

Allow the application developers to attend a sales conference so they understand how business is done.

D.

Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.

 

Correct Answer: A

QUESTION 155

A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in making a case to management that action needs to be taken to safeguard these servers?

 

A.

Provide a report of all the IP addresses that are connecting to the systems and their locations

B.

Establish alerts at a certain threshold to notify the analyst of high activity

C.

Provide a report showing the file transfer logs of the servers

D.

Compare the current activity to the baseline of normal activity

 

Correct Answer: D

 

 

QUESTION 156

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two- factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as company A and the two are not competitors. Which of the following has MOST likely occurred?

 

A.

Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.

B.

A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.

C.

A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.

D.

An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

 

Correct Answer: A

 

 

QUESTION 157

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project?

 

A.

In the middle of the project

B.

At the end of the project

C.

At the inception of the project

D.

At the time they request

 

Correct Answer: C

 

 

 

 

 

 

 

 

QUESTION 158

DRAG DROP

IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all.

 

clip_image002

 

Correct Answer:

clip_image004

 

 

 

 

 

 

 

 

 

 

 

 

QUESTION 159

A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?

 

A.

Generate a one-time key as part of the device registration process.

B.

Require SSL between the mobile application and the web services gateway.

C.

The jsession cookie should be stored securely after authentication.

D.

Authentication assertion should be stored securely on the client.

 

Correct Answer: D

 

 

QUESTION 160

A security tester is testing a website and performs the following manual query:

 

https://www.comptia.com/cookies.jsp?products=5%20and%201=1

 

The following response is received in the payload:

 

“ORA-000001: SQL command not properly ended”

 

Which of the following is the response an example of?

 

A.

Fingerprinting

B.

Cross-site scripting

C.

SQL injection

D.

Privilege escalation

 

Correct Answer: A

 

Free VCE & PDF File for CompTIA CAS-002 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized. Bookmark the permalink.