[Free] 2018(Jan) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 331-340

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!

CompTIA Advanced Security Practitioner (CASP)

Question No: 331 – (Topic 3)

Company ABC was formed by combining numerous companies which all had multiple databases, web portals, and cloud data sets. Each data store had a unique set of custom developed authentication mechanisms and schemas. Which of the following approaches to combining the disparate mechanisms has the LOWEST up front development costs?

  1. Attestation

  2. PKI

  3. Biometrics

  4. Federated IDs

Answer: D

Question No: 332 – (Topic 3)

A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?

  1. LUN masking

  2. Data injection

  3. Data fragmentation

  4. Moving the HBA

Answer: D

Question No: 333 – (Topic 3)

A corporation has expanded for the first time by integrating several newly acquired businesses.

Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).

  1. Remove acquired companies Internet access.

  2. Federate identity management systems.

  3. Install firewalls between the businesses.

  4. Re-image all end user computers to a standard image.

  5. Develop interconnection policy.

  6. Conduct a risk analysis of each acquired company’s networks.

Answer: E,F

Question No: 334 – (Topic 3)

A security consultant is hired by a company to determine if an internally developed web application is vulnerable to attacks. The consultant spent two weeks testing the application, and determines that no vulnerabilities are present. Based on the results of the tools and tests available, which of the following statements BEST reflects the security status of the application?

  1. The company’s software lifecycle management improved the security of the application.

  2. There are no vulnerabilities in the application.

  3. The company should deploy a web application firewall to ensure extra security.

  4. There are no known vulnerabilities at this time.

Answer: D

Question No: 335 – (Topic 3)

About twice a year a switch fails in a company#39;s network center. Under the maintenance contract, the switch would be replaced in two hours losing the business $1,000 per hour. The cost of a spare switch is $3,000 with a 12-hour delivery time and would eliminate downtime costs if purchased ahead of time. The maintenance contract is $1,500 per year.

Which of the following is true in this scenario?

  1. It is more cost-effective to eliminate the maintenance contract and purchase a replacement upon failure.

  2. It is more cost-effective to purchase a spare switch prior to an outage and eliminate the maintenance contract.

  3. It is more cost-effective to keep the maintenance contract instead of purchasing a spare switch prior to an outage.

  4. It is more cost-effective to purchase a spare switch prior to an outage and keep the maintenance contract.

Answer: D

Question No: 336 – (Topic 3)

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?

  1. Increased customer data availability

  2. Increased customer data confidentiality

  3. Increased security through provisioning

  4. Increased security through data integrity

Answer: A

Question No: 337 – (Topic 3)

A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?

  1. Employee identity badges and physical access controls to ensure only staff are allowed onsite.

  2. A training program that is consistent, ongoing, and relevant.

  3. Access controls to prevent end users from gaining access to confidential data.

  4. Access controls for computer systems and networks with two-factor authentication.

Answer: B

Question No: 338 – (Topic 3)

The VoIP administrator starts receiving reports that users are having problems placing phone calls. The VoIP administrator cannot determine the issue, and asks the security administrator for help. The security administrator reviews the switch interfaces and does

not see an excessive amount of network traffic on the voice network. Using a protocol analyzer, the security administrator does see an excessive number of SIP INVITE packets destined for the SIP proxy. Based on the information given, which of the following types of attacks is underway and how can it be remediated?

  1. Man in the middle attack; install an IPS in front of SIP proxy.

  2. Man in the middle attack; use 802.1x to secure voice VLAN.

  3. Denial of Service; switch to more secure H.323 protocol.

  4. Denial of Service; use rate limiting to limit traffic.

Answer: D

Question No: 339 – (Topic 3)

A new startup company with very limited funds wants to protect the organization from external threats by implementing some type of best practice security controls across a number of hosts located in the application zone, the production zone, and the core network. The 50 hosts in the core network are a mixture of Windows and Linux based systems, used by development staff to develop new applications. The single Windows host in the application zone is used exclusively by the production team to control software deployments into the production zone. There are 10 UNIX web application hosts in the production zone which are publically accessible.

Development staff is required to install and remove various types of software from their hosts on a regular basis while the hosts in the zone rarely require any type of configuration changes.

Which of the following when implemented would provide the BEST level of protection with the LEAST amount of disruption to staff?

  1. NIPS in the production zone, HIPS in the application zone, and anti-virus / anti-malware across all Windows hosts.

  2. NIPS in the production zone, NIDS in the application zone, HIPS in the core network, and anti-virus / anti-malware across all hosts.

  3. HIPS in the production zone, NIPS in the application zone, and HIPS in the core network.

  4. NIDS in the production zone, HIDS in the application zone, and anti-virus / anti-malware across all hosts.

Answer: A

Topic 4, Volume D

Question No: 340 – (Topic 4)

A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).

  1. The user’s certificate private key must be installed on the VPN concentrator.

  2. The CA’s certificate private key must be installed on the VPN concentrator.

  3. The user certificate private key must be signed by the CA.

  4. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator.

  5. The VPN concentrator’s certificate private key must be installed on the VPN concentrator.

  6. The CA’s certificate public key must be installed on the VPN concentrator.

Answer: E,F

100% Ensurepass Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Ensurepass Free Guaranteed!
CAS-002 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.