[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 71-80

Ensurepass

QUESTION 71

An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?

 

A.

Independent verification and validation

B.

Security test and evaluation

C.

Risk assessment

D.

Ongoing authorization

 

Correct Answer: D

 

 

QUESTION 72

A security administrator was doing a packet capture and noticed a system communicating with an unauthorized address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network. Which of the following is the BEST course of action?

 

A.

Investigate the network traffic and block UDP port 3544 at the firewall

B.

Remove the system from the network and disable IPv6 at the router

C.

Locate and remove the unauthorized 6to4 relay from the network

D.

Disable the switch port and block the 2001::/32 traffic at the firewall

 

Correct Answer: A

 

 

QUESTION 73

A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture quickly with regard to targeted attacks. Which of the following should the CSO conduct FIRST?

 

A.

Survey threat feeds from services inside the same industry.

B.

Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.

C.

Conduct an internal audit against industry best practices to perform a qualitative analysis.

D.

Deploy a UTM solution that receives frequent updates from a trusted industry vendor.

 

Correct Answer: A

 

 

QUESTION 74

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?

 

A.

This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.

B.

This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.

C.

This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.

D.

This information can be found by querying the network’s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.

 

Correct Answer: A

 

 

 

 

 

 

 

 

QUESTION 75

A university requires a significant increase in web and database server resources for one week, twice a year, to handle student registration. The web servers remain idle for the rest of the year. Which of the following is the MOST cost effective way for the university to securely handle student registration?

 

A.

Virtualize the web servers locally to add capacity during registration.

B.

Move the database servers to an elastic private cloud while keeping the web servers local.

C.

Move the database servers and web servers to an elastic private cloud.

D.

Move the web servers to an elastic public cloud while keeping the database servers local.

 

Correct Answer: D

 

 

QUESTION 76

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement?

 

A.

GRC

B.

IPS

C.

CMDB

D.

Syslog-ng

E.

IDS

 

Correct Answer: A

 

 

QUESTION 77

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

 

A.

Implement an IPS to block the application on the network

B.

Implement the remote application out to the rest of the servers

C.

Implement SSL VPN with SAML standards for federation

D.

Implement an ACL on the firewall with NAT for remote access

 

Correct Answer: C

 

 

QUESTION 78

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company’s physical security, which of the following can the network administrator use to detect the presence of a malicious actor physically accessing the company’s network or information systems from within? (Select TWO).

 

A.

RAS

B.

Vulnerability scanner

C.

HTTP intercept

D.

HIDS

E.

Port scanner

F.

Protocol analyzer

 

Correct Answer: DF

 

 

QUESTION 79

A company is deploying a new iSCSI-based SAN. The requirements are as follows:

 

clip_image002SAN nodes must authenticate each other.

clip_image002[1]Shared keys must NOT be used.

clip_image002[2]Do NOT use encryption in order to gain performance.

 

Which of the following design specifications meet all the requirements? (Select TWO).

 

A.

Targets use CHAP authentication

B.

IPSec using AH with PKI certificates for authentication

C.

Fiber channel should be used with AES

D.

Initiators and targets use CHAP authentication

E.

Fiber channel over Ethernet should be used

F.

IPSec using AH with PSK authentication and 3DES

G.

Targets have SCSI IDs for authentication

 

Correct Answer: BD

 

 

QUESTION 80

An analyst connects to a company web conference hosted on www.webconference.com/meetingID#01234 and observes that numerous guests have been allowed to join, without providing identifying information. The topics covered during the web conference are considered proprietary to the company. Which of the following security concerns does the analyst present to management?

 

A.

Guest users could present a risk to the integrity of the company’s information

B.

Authenticated users could sponsor guest access that was previously approved by management

C.

Unauthenticated users could present a risk to the confidentiality of the company’s information

D.

Meeting owners could sponsor guest access if they have passed a background check

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA CAS-002 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in Uncategorized. Bookmark the permalink.