[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 311-320

Ensurepass

QUESTION 311

A WAF without customization will protect the infrastructure from which of the following attack combinations?

A. DDoS, DNS poisoning, Boink, Teardrop

B. Reflective XSS, HTTP exhaustion, Teardrop

C. SQL Injection, DOM based XSS, HTTP exhaustion

D. SQL Injection, CSRF, Clickjacking

Correct Answer: C

 

 

QUESTION 312

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?

A. Increased customer data availability

B. Increased customer data confidentiality

C. Increased security through provisioning

D. Increased security through data integrity

Correct Answer: A

 

 

QUESTION 313

A company has a single subnet in a small office. The administrator wants to limit non-web related traffic to the corporate intranet server as well as prevent abnormal HTTP requests and HTTP protocol anomalies from causing problems with the web server. Which of the following is the MOST likely solution?

A. Application firewall and NIPS

B. Edge firewall and HIDS

C. ACLs and anti-virus

D. Host firewall and WAF

Correct Answer: D

QUESTION 314

Company ABC was formed by combining numerous companies which all had multiple databases, web portals, and cloud data sets. Each data store had a unique set of custom developed authentication mechanisms and schemas. Which of the following approaches to combining the disparate mechanisms has the LOWEST up front development costs?

A. Attestation

B. PKI

C. Biometrics

D. Federated IDs

Correct Answer: D

 

 

QUESTION 315

A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?

A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.

B. A training program that is consistent, ongoing, and relevant.

C. Access controls to prevent end users from gaining access to confidential data.

D. Access controls for computer systems and networks with two-factor authentication.

Correct Answer: B

 

 

QUESTION 316

An intrusion detection system logged an attack attempt from a remote IP address. One week later, the attacker successfully compromised the network. Which of the following MOST likely occurred?

A. The IDS generated too many false negatives.

B. The attack occurred after hours.

C. The IDS generated too many false positives.

D. No one was reviewing the IDS event logs.

Correct Answer: D

 

 

QUESTION 317

A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future?

A. SIP session tagging and QoS

B. A dedicated VLAN

C. Lower encryption setting

D. Traffic shaping

Correct Answer: B

 

 

QUESTION 318

An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management?

A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware.

B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.

C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management.

D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency.

Correct Answer: B

 

 

QUESTION 319

The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?

A. Social engineering

B. Protocol analyzer

C. Port scanner

D. Grey box testing

Correct Answer: B

 

 

QUESTION 320

A security engineer is implementing a new solution designed to process e-business transactions and record them in a corporate audit database. The project has multiple technical stakeholders. The database team controls the physical database resources, the internal audit division controls the audit records in the database, the web hosting team is responsible for implementing the website front end and shopping cart application, and the accounting department is responsible for processing the transaction and interfacing with the payment processor. As the solution owner, the security engineer is responsible for ensuring which of the following?

A. Ensure the process functions in a secure manner from customer input to audit review.

B. Security solutions result in zero additional processing latency.

C. Ensure the process of storing audit records is in compliance with applicable laws.

D. Web transactions are conducted in a secure network channel.

Correct Answer: A

 
