QUESTION 191
A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effective by other members of the IT department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to unauthorized decryption. The method also requires special handling and security for all key material that goes above and beyond most encryption systems. Which of the following is the solutions architect MOST likely trying to implement?
A. One time pads
B. PKI
C. Quantum cryptography
D. Digital rights management
Correct Answer: A
QUESTION 192
CORRECT TEXT
An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.
Instructions:
The last install that is completed will be the final submission.
Correct Answer:
In this case the second link should be used (this may vary in the actual exam). The first link showed the following error, so it should not be used.
Also, two of the link choices used HTTP and not HTTPS, as shown when hovering over the links:
Since we need to do this in the most secure manner possible, they should not be used.
Finally, the second link was used, and the MD5sum utility should be run on the install.exe file as shown. Make sure that the hash matches.
Finally, type in install.exe to install it and make sure there are no signature verification errors.
QUESTION 193
A company Chief Information Officer (CIO) is unsure which set of standards should govern the company’s IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represent the BEST option for the CIO?
A. Issue an RFQ for vendors to quote a complete vulnerability and risk management solution to the company.
B. Issue a policy that requires only the most stringent security standards be implemented throughout the company.
C. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.
D. Issue an RFI for vendors to determine which set of security standards is best for the company.
Correct Answer: C
QUESTION 194
A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company’s security information and event management server.
Logs:
Log 1:
Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets
Log 2:
HTTP://www.company.com/index.php?user=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Log 3:
Security Error Alert
Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client
Log 4:
Encoder oe = new OracleEncoder();
String query = "Select user_id FROM user_data WHERE user_name = ` "
+ oe.encode( req.getParameter("userID") ) + " ` and user_password = ` "
+ oe.encode( req.getParameter("pwd") ) + " ` ";
Vulnerabilities
Buffer overflow
SQL injection
ACL
XSS
Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).
A. Log 1
B. Log 2
C. Log 3
D. Log 4
E. Buffer overflow
F. ACL
G. XSS
H. SQL injection
Correct Answer: BE
QUESTION 195
Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the following is the number of wildcard SSL certificates that should be purchased?
A. 0
B. 1
C. 3
D. 6
Correct Answer: C
QUESTION 196
A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having reduced the number of incidents and therefore saving on the amount spent investigating incidents.
Proposal:
External cloud-based software as a service subscription costing $5,000 per month. Expected to reduce the number of current incidents per annum by 50%.
The company currently has ten security incidents per annum at an average cost of $10,000 per incident. Which of the following is the ROI for this proposal after three years?
A. -$30,000
B. $120,000
C. $150,000
D. $180,000
Correct Answer: A
QUESTION 197
A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interfaces from external attackers performing network scanning?
A. Remove contact details from the domain name registrar to prevent social engineering attacks.
B. Test external interfaces to see how they function when they process fragmented IP packets.
C. Enable a honeynet to capture and facilitate future analysis of malicious attack vectors.
D. Filter all internal ICMP message traffic, forcing attackers to use full-blown TCP port scans against external network interfaces.
Correct Answer: B
QUESTION 198
An IT Manager is concerned about errors made during the deployment process for a new model of tablet. Which of the following would suggest best practices and configuration parameters that technicians could follow during the deployment process?
A. Automated workflow
B. Procedure
C. Corporate standard
D. Guideline
E. Policy
Correct Answer: D
QUESTION 199
A network engineer wants to deploy user-based authentication across the company’s wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user’s network access be controlled based on the user’s role within the company. Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO).
A. SAML
B. WAYF
C. LDAP
D. RADIUS
E. Shibboleth
F. PKI
Correct Answer: CD
QUESTION 200
During an incident involving the company main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from the company’s database server. Which of the following is the correct order in which the forensics team should engage?
A. Notify senior management, secure the scene, capture volatile storage, capture non-volatile storage, implement chain of custody, and analyze original media.
B. Take inventory, secure the scene, capture RAM, capture hard drive, implement chain of custody, document, and analyze the data.
C. Implement chain of custody, take inventory, secure the scene, capture volatile and non-volatile storage, and document the findings.
D. Secure the scene, take inventory, capture volatile storage, capture non-volatile storage, document, and implement chain of custody.
Correct Answer: D