Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)


Q1. - (Topic 1) 

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ’s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect? 

A. Most of company XYZ’s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users. 

B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance. 

C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer. 

D. Not all of company XYZ’s customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings. 

Answer:


Q2. - (Topic 4) 

Company ABC’s SAN is nearing capacity, and will cause costly downtime if servers run out of disk space. Which of the following is a more cost-effective alternative to buying a new SAN? 

A. Enable multipath to increase availability 

B. Enable deduplication on the storage pools 

C. Implement snapshots to reduce virtual disk size 

D. Implement replication to offsite datacenter 

Answer:


Q3. - (Topic 4) 

Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test? 

A. Test password complexity of all login fields and input validation of form fields 

B. Reverse engineering any thick client software that has been provided for the test 

C. Undertaking network-based denial of service attacks in production environment 

D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks 

E. Running a vulnerability scanning tool to assess network and host weaknesses 

Answer:


Q4. - (Topic 3) 

New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager follow to manage the risks of these attack vectors? (Select TWO). 

A. Establish an emergency response call tree. 

B. Create an inventory of applications. 

C. Backup the router and firewall configurations. 

D. Maintain a list of critical systems. 

E. Update all network diagrams. 

Answer: B,D 


Q5. - (Topic 2) 

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are: 

1. Each lab must be on a separate network segment. 

2. Labs must have access to the Internet, but not other lab networks. 

3. Student devices must have network access, not simple access to hosts on the lab networks. 

4. Students must have a private certificate installed before gaining access. 

5. Servers must have a private certificate installed locally to provide assurance to the students. 

6. All students must use the same VPN connection profile. 

Which of the following components should be used to achieve the design in conjunction with directory services? 

A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment 

B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment 

C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment 

D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment 

Answer:


Q6. - (Topic 1) 

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position? 

A. Least privilege 

B. Job rotation 

C. Mandatory vacation 

D. Separation of duties 

Answer:


Q7. - (Topic 2) 

A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company’s security information and event management server. 

Logs: 

Log 1: 

Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets 

Log 2: 

HTTP://www.company.com/index.php?user=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 

Log 3: 

Security Error Alert Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client 

Log 4: 

Encoder oe = new OracleEncoder();
String query = "Select user_id FROM user_data WHERE user_name = '"
    + oe.encode(req.getParameter("userID")) + "' and user_password = '"
    + oe.encode(req.getParameter("pwd")) + "'";

Vulnerabilities 

Buffer overflow 

SQL injection 

ACL 

XSS 

Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO). 

A. Log 1 

B. Log 2 

C. Log 3 

D. Log 4 

E. Buffer overflow 

F. ACL 

G. XSS 

H. SQL injection 

Answer: B,E 


Q8. - (Topic 4) 

Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router? 

A. Deploy inline network encryption devices 

B. Install an SSL acceleration appliance 

C. Require all core business applications to use encryption 

D. Add an encryption module to the router and configure IPSec 

Answer:


Q9. - (Topic 2) 

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows: 

Delivered-To: customer@example.com 

Received: by 10.14.120.205 

Mon, 1 Nov 2010 11:15:24 -0700 (PDT) 

Received: by 10.231.31.193 

Mon, 01 Nov 2010 11:15:23 -0700 (PDT) 

Return-Path: <IT@company.com> 

Received: from 127.0.0.1 for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 

(envelope-from <IT@company.com>) 

Received: by smtpex.example.com (SMTP READY) 

with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500 

Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500 

From: Company <IT@Company.com> 

To: "customer@example.com" <customer@example.com> 

Date: Mon, 1 Nov 2010 13:15:11 -0500 

Subject: New Insurance Application 

Thread-Topic: New Insurance Application 

Please download and install software from the site below to maintain full access to your account. 

www.examplesite.com 

Additional information: The authorized mail servers' IPs are 192.168.2.10 and 192.168.2.11. 

The network’s subnet is 192.168.2.0/25. 

Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO). 

A. Identify the origination point for malicious activity on the unauthorized mail server. 

B. Block port 25 on the firewall for all unauthorized mail servers. 

C. Disable open relay functionality. 

D. Shut down the SMTP service on the unauthorized mail server. 

E. Enable STARTTLS on the spam filter. 

Answer: B,D 


Q10. - (Topic 2) 

A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personal items, the other employee approves these purchase orders. The auditor has contacted the human resources director with suggestions on how to detect such illegal activities. Which of the following should the human resources director implement to identify the employees involved in these activities and reduce the risk of this activity occurring in the future? 

A. Background checks 

B. Job rotation 

C. Least privilege 

D. Employee termination procedures 

Answer: