[May 2018] CAS-002 Exam Dumps Free Download In Lead2pass 100% CAS-002 Exam Questions 900q

Lead2pass CAS-002 Exam Dumps New Updated By CompTIA Official Exam Center:

https://www.lead2pass.com/cas-002.html

QUESTION 31
The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment.
The Chief Information Security Officer (CISO) was told to research the risk involved in this environment.
Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?

A.    Remind users that all emails with sensitive information need be encrypted and physically
inspect the cloud computing.
B.    Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the
cloud provider.
C.    Ensure logins are over an encrypted channel and remind users to encrypt all emails that
contain sensitive information.
D.    Obtain an NDA from the cloud provider and remind users that all emails with sensitive
information need be encrypted.

Answer: B

QUESTION 32
Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day.
The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events.
Which of the following should the company do to ensure that the chosen MSS meets expectations?

A.    Develop a memorandum of understanding on what the MSS is responsible to provide.
B.    Create internal metrics to track MSS performance.
C.    Establish a mutually agreed upon service level agreement.
D.    Issue a RFP to ensure the MSS follows guidelines.

Answer: C

QUESTION 33
A system administrator needs to develop a policy for when an application server is no longer needed.
Which of the following policies would need to be developed?

A.    Backup policy
B.    De-provisioning policy
C.    Data retention policy
D.    Provisioning policy

Answer: C

QUESTION 34
After a security incident, an administrator revokes the SSL certificate for their web server www.company.com.
Later, users begin to inform the help desk that a few other servers are generating certificate errors: ftp.company.com, mail.company.com, and partners.company.com.
Which of the following is MOST likely the reason for this?

A.    Each of the servers used the same EV certificate.
B.    The servers used a wildcard certificate.
C.    The web server was the CA for the domain.
D.    Revoking a certificate can only be done at the domain level.

Answer: B

QUESTION 35
A wholesaler has decided to increase revenue streams by selling direct to the public through an on-line system.
Initially this will be run as a short term trial and if profitable, will be expanded and form part of the day to day business.
The risk manager has raised two main business risks for the initial trial:

1. IT staff has no experience with establishing and managing secure on-line credit card processing.
2. An internal credit card processing system will expose the business to additional compliance requirements.

Which of the following is the BEST risk mitigation strategy?

A.    Transfer the risks to another internal department, who have more resources to accept the
risk.
B.    Accept the risks and log acceptance in the risk register.
Once the risks have been accepted close them out.
C.    Transfer the initial risks by outsourcing payment processing to a third party service provider.
D.    Mitigate the risks by hiring additional IT staff with the appropriate experience and
certifications.

Answer: C

QUESTION 36
An administrator notices the following file in the Linux server’s /tmp directory.

-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*

Which of the following should be done to prevent further attacks of this nature?

A.    Never mount the /tmp directory over NFS
B.    Stop the rpcidmapd service from running
C.    Mount all tmp directories nosuid, noexec
D.    Restrict access to the /tmp directory

Answer: C

QUESTION 37
Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company’s six IDFs.
The IDF modular switches have redundant switch fabrics and power supplies.
Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?

A.    Threat: 802.1q trunking attack
Remediation: Enable only necessary VLANs for each port
B.    Threat: Bridge loop
Remediation: Enable spanning tree
C.    Threat: VLAN hopping
Remediation: Enable only necessary VLANs for each port
D.    Threat: VLAN hopping
Remediation: Enable ACLs on the IDF switch

Answer: B

QUESTION 38
Within an organization, there is a known lack of governance for solution designs.
As a result there are inconsistencies and varying levels of quality for the artifacts that are produced.
Which of the following will help BEST improve this situation?

A.    Ensure that those producing solution artifacts are reminded at the next team meeting that
quality is important.
B.    Introduce a peer review process that is mandatory before a document can be officially
made final.
C.    Introduce a peer review and presentation process that includes a review board with representation from relevant disciplines.
D.    Ensure that appropriate representation from each relevant discipline approves of the solution documents before official approval.

Answer: C

QUESTION 39
An administrator of a secure web server has several clients with top security clearance and prefers security over performance.
By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?

A.    3DES-SHA
B.    DES-MD5
C.    Camellia-SHA
D.    RC4-MD5

Answer: A

QUESTION 40
Corporate policy states that the systems administrator should not be present during system audits.
The security policy that states this is:

A.    Separation of duties.
B.    Mandatory vacation.
C.    Non-disclosure agreement.
D.    Least privilege.

Answer: A

CAS-002 dumps full version (PDF&VCE): https://www.lead2pass.com/cas-002.html

Large amount of free CAS-002 exam questions on Google Drive: https://drive.google.com/open?id=13j5iOL_XYuK24xlefcIzTQtqmeQfLY7K

Continue Reading

[April 2018] 100% Free Lead2pass CAS-002 New Questions Download 900q

100% New Updated CAS-002 New Questions Lead2pass Helps Pass CAS-002 Exam Successfully:

https://www.lead2pass.com/cas-002.html

QUESTION 21
A company is developing a new web application for its Internet users and is following a secure coding methodology.
Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

A.    Conduct web server load tests.
B.    Conduct static code analysis.
C.    Conduct fuzzing attacks.
D.    Conduct SQL injection and XSS attacks.

Continue Reading

[March 2018] Free Sharing Of Updated CAS-002 VCE And PDF Dumps From Lead2pass 900q

Free Updated Lead2pass CAS-002 Exam Dumps Download:

https://www.lead2pass.com/cas-002.html

QUESTION 11
Driven mainly by cost, many companies outsource computing jobs which require a large amount of processor cycles over a short duration to cloud providers.
This allows the company to avoid a large investment in computing resources which will only be used for a short time.
Assuming the provisioned resources are dedicated to a single company, which of the following is the MAIN vulnerability associated with on-demand provisioning?

A.    Traces of proprietary data which can remain on the virtual machine and be exploited
B.    Remnants of network data from prior customers on the physical servers during a compute
job
C.    Exposure of proprietary data when in-transit to the cloud provider through IPSec tunnels
D.    Failure of the de-provisioning mechanism resulting in excessive charges for the resources

Continue Reading

[January 2018] Lead2pass CAS-002 Exam Questions Free Download 900q

Lead2pass CAS-002 New Questions Free Download:

https://www.lead2pass.com/cas-002.html

QUESTION 1
A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company’s video conference.
All parties must be issued a VPN account and must connect to the company’s VPN concentrator to participate in the remote meetings.
Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?

A.    IPSec transport mode is enabled
B.    ICMP is disabled
C.    Split tunneling is disabled
D.    NAT-traversal is enabled

Continue Reading