Want to Pass CAS-002 Exam In Next HOURS? Download Now →
February 12, 2018

How Does Testking CompTIA CAS-002 dumps Work?


Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/CAS-002/


Q301. - (Topic 2) 

An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST maximizes the protection of these systems from malicious software? 

A. Configure a firewall with deep packet inspection that restricts traffic to the systems 

B. Configure a separate zone for the systems and restrict access to known ports 

C. Configure the systems to ensure only necessary applications are able to run 

D. Configure the host firewall to ensure only the necessary applications have listening ports 

Answer:


Q302. - (Topic 3) 

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation? 

A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation. 

B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur. 

C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked. 

D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited. 

Answer:


Q303. - (Topic 3) 

A company runs large computing jobs only during the overnight hours. To minimize the amount of capital investment in equipment, the company relies on the elastic computing services of a major cloud computing vendor. Because the virtual resources are created and destroyed on the fly across a large pool of shared resources, the company never knows which specific hardware platforms will be used from night to night. Which of the following presents the MOST risk to confidentiality in this scenario? 

A. Loss of physical control of the servers 

B. Distribution of the job to multiple data centers 

C. Network transmission of cryptographic keys 

D. Data scraped from the hardware platforms 

Answer:


Q304. - (Topic 2) 

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received: 

Bundled offering expected to be $100,000 per year. 

Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year. 

Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate? 

A. Based on cost alone, having an outsourced solution appears cheaper. 

B. Based on cost alone, having an outsourced solution appears to be more expensive. 

C. Based on cost alone, both outsourced an in-sourced solutions appear to be the same. 

D. Based on cost alone, having a purchased product solution appears cheaper. 

Answer:


Q305. - (Topic 4) 

A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life. 

The two initial migrations include: 

Which of the following should the security consultant recommend based on best practices? 

A. One data center should host virtualized web servers and the second data center should host the virtualized domain controllers. 

B. One virtual environment should be present at each data center, each housing a combination of the converted Windows 2000 and RHEL3 virtual machines. 

C. Each data center should contain one virtual environment for the web servers and another virtual environment for the domain controllers. 

D. Each data center should contain one virtual environment housing converted Windows 2000 virtual machines and converted RHEL3 virtual machines. 

Answer:


Q306. DRAG DROP - (Topic 2) 

An organization is implementing a project to simplify the management of its firewall network flows and implement security controls. The following requirements exist. Drag and drop the BEST security solution to meet the given requirements. Options may be used once or not at all. All placeholders must be filled. 

Answer: 


Q307. - (Topic 3) 

A WAF without customization will protect the infrastructure from which of the following attack combinations? 

A. DDoS, DNS poisoning, Boink, Teardrop 

B. Reflective XSS, HTTP exhaustion, Teardrop 

C. SQL Injection, DOM based XSS, HTTP exhaustion 

D. SQL Injection, CSRF, Clickjacking 

Answer:


Q308. - (Topic 2) 

An enterprise must ensure that all devices that connect to its networks have been previously approved. The solution must support dual factor mutual authentication with strong identity assurance. In order to reduce costs and administrative overhead, the security architect wants to outsource identity proofing and second factor digital delivery to the third party. Which of the following solutions will address the enterprise requirements? 

A. Implementing federated network access with the third party. 

B. Using a HSM at the network perimeter to handle network device access. 

C. Using a VPN concentrator which supports dual factor via hardware tokens. 

D. Implementing 802.1x with EAP-TTLS across the infrastructure. 

Answer:


Q309. - (Topic 1) 

The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router’s external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company’s external router’s IP which is 128.20.176.19: 

11:16:22.110343 IP 90.237.31.27.19 > 128.20.176.19.19: UDP, length 1400 

11:16:22.110351 IP 23.27.112.200.19 > 128.20.176.19.19: UDP, length 1400 

11:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 1400 

11:16:22.110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 1400 

11:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400 

Which of the following describes the findings the senior security engineer should report to the ISO and the BEST solution for service restoration? 

A. After the senior engineer used a network analyzer to identify an active Fraggle attack, the company’s ISP should be contacted and instructed to block the malicious packets. 

B. After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication. 

C. After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks. 

D. After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company’s external router to block incoming UDP port 19 traffic. 

Answer:


Q310. - (Topic 1) 

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO). 

A. Add guests with more memory to increase capacity of the infrastructure. 

B. A backup is running on the thin clients at 9am every morning. 

C. Install more memory in the thin clients to handle the increased load while booting. 

D. Booting all the lab desktops at the same time is creating excessive I/O. 

E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity. 

F. Install faster SSD drives in the storage system used in the infrastructure. 

G. The lab desktops are saturating the network while booting. 

H. The lab desktops are using more memory than is available to the host systems. 

Answer: D,F