[Free] 2018(Jan) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 61-70


CompTIA Advanced Security Practitioner (CASP)

Question No: 61 – (Topic 1)

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Officer has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization’s configuration management process using?

  1. Agile

  2. SDL

  3. Waterfall

  4. Joint application development

Answer: A

Question No: 62 – (Topic 1)

A company is facing penalties for failing to effectively comply with e-discovery requests. Which of the following could reduce the overall risk to the company from this issue?

  1. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption.

  2. Require each user to log passwords used for file encryption to a decentralized repository.

  3. Permit users to only encrypt individual files using their domain password and archive all old user passwords.

  4. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI.

Answer: D

Question No: 63 – (Topic 1)

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ’s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect?

  1. Most of company XYZ’s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.

  2. The availability requirements in SLAs with each hosted customer would have to be rewritten to account for the transfer of virtual machines between physical platforms for regular maintenance.

  3. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.

  4. Not all of company XYZ’s customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.

Answer: C

Question No: 64 – (Topic 1)

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization’s customer database. The database will be accessed by both the company’s users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

  1. Physical penetration test of the datacenter to ensure there are appropriate controls.

  2. Penetration testing of the solution to ensure that the customer data is well protected.

  3. Security clauses are implemented into the contract such as the right to audit.

  4. Review of the organization’s security policies, procedures and relevant hosting certifications.

  5. Code review of the solution to ensure that there are no back doors located in the software.

Answer: C,D

Question No: 65 – (Topic 1)

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?

  1. PING



  4. NMAP

Answer: D

Question No: 66 – (Topic 1)

A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

  1. SAN

  2. NAS

  3. Virtual SAN

  4. Virtual storage

Answer: B

Question No: 67 – (Topic 1)

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement?

  1. GRC

  2. IPS

  3. CMDB

  4. Syslog-ng

  5. IDS

Answer: A

Question No: 68 – (Topic 1)

Company ABC’s SAN is nearing capacity, and will cause costly downtimes if servers run out of disk space. Which of the following is a more cost-effective alternative to buying a new SAN?

  1. Enable multipath to increase availability

  2. Enable deduplication on the storage pools

  3. Implement snapshots to reduce virtual disk size

  4. Implement replication to offsite datacenter

Answer: B

Question No: 69 – (Topic 1)

An external penetration tester compromised one of the client organization’s authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization’s other systems, without impacting the integrity of any of the systems?

  1. Use the pass the hash technique

  2. Use rainbow tables to crack the passwords

  3. Use the existing access to change the password

  4. Use social engineering to obtain the actual password

Answer: A

Question No: 70 – (Topic 1)

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure?

  1. Replicate NAS changes to the tape backups at the other datacenter.

  2. Ensure each server has two HBAs connected through two routes to the NAS.

  3. Establish deduplication across diverse storage paths.

  4. Establish a SAN that replicates between datacenters.

Answer: D
