Our pass rate is as high as 98.9%, and the similarity between our CAS-002 study guide and the real exam is 90%, based on our seven years of teaching experience. Do you want to pass the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 practice questions and answers: try the CompTIA CAS-002 Brain Dumps first.
P.S. A practical CAS-002 testing bible is available on Google Drive. GET MORE: https://drive.google.com/open?id=1MWxVvRqKw5P-3mL6Zi7QlXk_26ObOJ_y
Q2. An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes.
Which of the following technologies would help meet this policy requirement? (Select TWO).
A. Spam filter
B. Solid state drives
C. Management interface
D. Virtualization
E. Host firewall
Answer: D,E
Q3. Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?
A. Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration.
B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.
C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration.
D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ's network.
Answer: C
Q4. After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?
A. A T&M contract
B. An RFP
C. A FFP agreement
D. A new RFQ
Answer: B
Q5. An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
1. Each lab must be on a separate network segment.
2. Labs must have access to the Internet, but not other lab networks.
3. Student devices must have network access, not simple access to hosts on the lab networks.
4. Students must have a private certificate installed before gaining access.
5. Servers must have a private certificate installed locally to provide assurance to the students.
6. All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
Answer: C
Q6. A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company's security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?
A. Reload all user laptops with full disk encryption software immediately.
B. Implement full disk encryption on all storage devices the firm owns.
C. Implement new continuous monitoring procedures.
D. Implement an open source system which allows data to be encrypted while processed.
Answer: B
Q7. Company ABC is planning to outsource its Customer Relationship Management system (CRM) and marketing / leads management to Company XYZ.
Which of the following is the MOST important to be considered before going ahead with the service?
A. Internal auditors have approved the outsourcing arrangement.
B. Penetration testing can be performed on the externally facing web system.
C. Ensure there are security controls within the contract and the right to audit.
D. A physical site audit is performed on Company XYZ's management / operation.
Answer: C
Q8. The Chief Information Officer (CIO) is reviewing the IT-centric BIA and RA documentation. The documentation shows that a single 24-hour downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize based on historical data. The CIO's budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss?
A. The company should mitigate the risk.
B. The company should transfer the risk.
C. The company should avoid the risk.
D. The company should accept the risk.
Answer: B
Q9. Which of the following activities is commonly deemed "OUT OF SCOPE" when undertaking a penetration test?
A. Test password complexity of all login fields and input validation of form fields
B. Reverse engineering any thick client software that has been provided for the test
C. Undertaking network-based denial of service attacks in production environment
D. Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E. Running a vulnerability scanning tool to assess network and host weaknesses
Answer: C
Q10. An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations.
Which of the following is MOST likely the cause for the organization's inability to determine what really occurred?
A. Too few layers of protection between the Internet and internal network
B. Lack of a defined security auditing methodology
C. Poor intrusion prevention system placement and maintenance
D. Insufficient logging and mechanisms for review
Answer: D
Q11. The security manager of a company has hired an external consultant to conduct a security assessment of the company network. The contract stipulates that the consultant is not allowed to transmit any data on the company network while performing wired and wireless security assessments. Which of the following technical means can the consultant use to determine the manufacturer and likely operating system of the company wireless and wired network devices, as well as the computers connected to the company network?
A. Social engineering
B. Protocol analyzer
C. Port scanner
D. Grey box testing
Answer: B
P.S. Easily pass the CAS-002 exam with Dumpscollection practical dumps & PDF/VCE. Try for free: http://www.dumpscollection.net/dumps/CAS-002/ (532 New Questions)