[Free] 2018(Jan) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 41-50


CompTIA Advanced Security Practitioner (CASP)

Question No: 41 – (Topic 1)

Company A needs to export sensitive data from its financial system to company B’s database, using company B’s API in an automated manner. Company A’s policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A’s financial system and company B’s destination server using the supplied API. Additionally, company A’s legacy financial software does not support encryption, while company B’s API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?

  A. Company A must install an SSL tunneling software on the financial system.

  B. Company A’s security administrator should use an HTTPS capable browser to transfer the data.

  C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.

  D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.

Answer: A

Question No: 42 – (Topic 1)

The technology steering committee is struggling with increased requirements stemming from an increase in telecommuting. The organization has not addressed telecommuting in the past. The implementation of a new SSL-VPN and a VOIP phone solution enables personnel to work from remote locations with corporate assets. Which of the following steps must the committee take FIRST to outline senior management’s directives?

  A. Develop an information classification scheme that will properly secure data on corporate systems.

  B. Implement database views and constrained interfaces so remote users will be unable to access PII from personal equipment.

  C. Publish a policy that addresses the security requirements for working remotely with company equipment.

  D. Work with mid-level managers to identify and document the proper procedures for telecommuting.

Answer: C

Question No: 43 – (Topic 1)

A network administrator with a company’s NSP has received a CERT alert for targeted adversarial behavior at the company. In addition to the company’s physical security, which of the following can the network administrator use to detect the presence of a malicious actor physically accessing the company’s network or information systems from within? (Select TWO).

  A. RAS

  B. Vulnerability scanner

  C. HTTP intercept

  D. HIDS

  E. Port scanner

  F. Protocol analyzer

Answer: D,F

Question No: 44 – (Topic 1)

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware file, which of the following helps to determine when the system became infected?

  A. The malware file’s modify, access, change time properties.

  B. The timeline analysis of the file system.

  C. The time stamp of the malware in the swap file.

  D. The date/time stamp of the malware detection in the antivirus logs.

Answer: B

Question No: 45 – (Topic 1)

A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network. Which of the following processes should be

  A. Establish a risk matrix

  B. Inherit the risk for six months

  C. Provide a business justification to avoid the risk

  D. Provide a business justification for a risk exception

Answer: D

Question No: 46 – (Topic 1)

An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the MOST heavily invested in rectifying the problem? (Select THREE).

  A. Facilities management

  B. Human resources

  C. Research and development

  D. Programming

  E. Data center operations

  F. Marketing

  G. Information technology

Answer: A,E,G

Question No: 47 – (Topic 1)

A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 in the first year, which of the following is the ROI expressed as a percentage for the first year?

  A. -45 percent

  B. 5.5 percent

  C. 45 percent

  D. 82 percent

Answer: D

Question No: 48 – (Topic 1)

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two-factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backends to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?

  A. They should log on to the system using the username concatenated with the 6-digit code and their original password.

  B. They should log on to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.

  C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.

  D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code.

Answer: D

Question No: 49 – (Topic 1)

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company’s contribution to worldwide Distributed Denial of Service (DDoS) attacks.

Which of the following should the ISP implement? (Select TWO).

  A. Block traffic from the ISP’s networks destined for blacklisted IPs.

  B. Prevent the ISP’s customers from querying DNS servers other than those hosted by the ISP.

  C. Scan the ISP’s customer networks using an up-to-date vulnerability scanner.

  D. Notify customers when services they run are involved in an attack.

  E. Block traffic with an IP source not allocated to customers from exiting the ISP’s network.

Answer: D,E

Question No: 50 – (Topic 1)

A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?

  A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.

  B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.

  C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.

  D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.

Answer: D
