A Review Of Breathing CAS-002 questions
P.S. Practical CAS-002 guidance are available on Google Drive, GET MORE: https://drive.google.com/open?id=1i-DSDDbU7Ij9pDq-9iid94VozRUrxe72
New CompTIA CAS-002 Exam Dumps Collection (Question 15 - Question 24)
Question No: 15
An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?
A. File system information, swap files, network processes, system processes and raw disk blocks.
A. B. Raw disk blocks, network processes, system processes, swap files and file system information.
C. System processes, network processes, file system information, swap files and raw disk blocks.
D. Raw disk blocks, swap files, network processes, system processes, and file system information.
Question No: 16
Two universities are making their 802.11n wireless networks available to the other universityu2019s students. The infrastructure will pass the studentu2019s credentials back to the home school for authentication via the Internet.
The requirements are:
The following design was implemented:
WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority
A strong shared secret will be used for RADIUS server authentication
Which of the following security considerations should be added to the design?
A. The transport layer between the RADIUS servers should be secured
B. WPA Enterprise should be used to decrease the network overhead
C. The RADIUS servers should have local accounts for the visiting students
D. Students should be given certificates to use for authentication to the network
Question No: 17
A systems administrator establishes a CIFS share on a UNIX device to share data to
Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?
A. Refuse LM and only accept NTLMv2
B. Accept only LM
C. Refuse NTLMv2 and accept LM
D. Accept only NTLM
Question No: 18
A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?
A. Increase the frequency of antivirus downloads and install updates to all workstations.
B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.
C. Deploy a WAF to inspect and block all web traffic which may contain malware and exploits.
D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.
Question No: 19
A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organizationu2019s configuration management process using?
D. Joint application development
Question No: 20
VPN users cannot access the active FTP server through the router but can access any
server in the data center.
Additional network information:
DMZ network u2013 192.168.5.0/24 (FTP server is 192.168.5.11) VPN network u2013 192.168.1.0/24
Datacenter u2013 192.168.2.0/24 User network - 192.168.3.0/24 HR network u2013 192.168.4.0/24\\
Traffic shaper configuration: VLAN Bandwidth Limit (Mbps) VPN50
Router ACL: ActionSourceDestination Permit192.168.1.0/24192.168.2.0/24 Permit192.168.1.0/24192.168.3.0/24 Permit192.168.1.0/24192.168.5.0/24 Permit192.168.2.0/24192.168.1.0/24 Permit192.168.3.0/24192.168.1.0/24 Permit192.168.5.1/32192.168.1.0/24 Deny192.168.4.0/24192.168.1.0/24 Deny192.168.1.0/24192.168.4.0/24
Which of the following solutions would allow the users to access the active FTP server?
A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
C. IPS is blocking traffic and needs to be reconfigured
D. Configure the traffic shaper to limit DMZ traffic
E. Increase bandwidth limit on the VPN network
Question No: 21
Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victimu2019s privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?
A. Integer overflow
C. Race condition
D. SQL injection
E. Use after free
F. Input validation
Question No: 22
A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?
A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.
B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.
C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.
D. This information can be found by querying the networku2019s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.
Question No: 23
In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).
A. Provide free email software for personal devices.
B. Encrypt data in transit for remote access.
C. Require smart card authentication for all devices.
D. Implement NAC to limit insecure devices access.
E. Enable time of day restrictions for personal devices.
Question No: 24
A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A. Secure storage and transmission of API keys
B. Secure protocols for transmission of log files and search results
C. At least two years retention of log files in case of e-discovery requests
D. Multi-tenancy with RBAC support
E. Sanitizing filters to prevent upload of sensitive log file contents
F. Encryption of logical volumes on which the customers' log files reside
Answer: : A,B,D
100% Regenerate CompTIA CAS-002 Questions & Answers shared by Examcollectionplus, Get HERE: https://www.examcollectionplus.net/vce-CAS-002/ (New 532 Q&As)