[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 131-140

September 15, 2017

CompTIA Advanced Security Practitioner (CASP)

Question No: 131 – (Topic 2)

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows:

Delivered-To: customer@example.com

Received: by 10.14.120.205

Mon, 1 Nov 2010 11:15:24 -0700 (PDT)

Received: by 10.231.31.193

Mon, 01 Nov 2010 11:15:23 -0700 (PDT)

Return-Path: <IT@company.com>

Received: from 127.0.0.1 for <customer@example.com>; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from <IT@company.com>)

Received: by smtpex.example.com (SMTP READY) with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500

Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500

From: Company <IT@Company.com>

To: "customer@example.com" <customer@example.com>

Date: Mon, 1 Nov 2010 13:15:11 -0500

Subject: New Insurance Application

Thread-Topic: New Insurance Application

Please download and install software from the site below to maintain full access to your account.

www.examplesite.com

Additional information: The authorized mail servers IPs are 192.168.2.10 and 192.168.2.11. The network’s subnet is 192.168.2.0/25.

Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

  A. Identify the origination point for malicious activity on the unauthorized mail server.

  B. Block port 25 on the firewall for all unauthorized mail servers.

  C. Disable open relay functionality.

  D. Shut down the SMTP service on the unauthorized mail server.

  E. Enable STARTTLS on the spam filter.

Answer: B,D

Question No: 132 – (Topic 2)

Which of the following represents important technical controls for securing a SAN storage infrastructure? (Select TWO).

  A. Synchronous copy of data

  B. RAID configuration

  C. Data de-duplication

  D. Storage pool space allocation

  E. Port scanning

  F. LUN masking/mapping

  G. Port mapping

Answer: F,G

Question No: 133 – (Topic 2)

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:

Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0

Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0

Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0

All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface's MAC is 00-01-42-32-ab-1a.

A packet capture shows the following:

09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)

09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 65534

09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534

09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534

Which of the following is occurring on the network?

  A. A man-in-the-middle attack is underway on the network.

  B. An ARP flood attack is targeting the router.

  C. The default gateway is being spoofed on the network.

  D. A denial of service attack is targeting the router.

Answer: D

Question No: 134 – (Topic 2)

VPN users cannot access the active FTP server through the router but can access any server in the data center.

Additional network information:

DMZ network – 192.168.5.0/24 (FTP server is 192.168.5.11)

VPN network – 192.168.1.0/24

Datacenter – 192.168.2.0/24

User network – 192.168.3.0/24

HR network – 192.168.4.0/24

Traffic shaper configuration:

| VLAN | Bandwidth Limit (Mbps) |
|---|---|
| VPN | 50 |
| User | 175 |
| HR | 250 |
| Finance | 250 |
| Guest | 0 |

Router ACL:

| Action | Source | Destination |
|---|---|---|
| Permit | 192.168.1.0/24 | 192.168.2.0/24 |
| Permit | 192.168.1.0/24 | 192.168.3.0/24 |
| Permit | 192.168.1.0/24 | 192.168.5.0/24 |
| Permit | 192.168.2.0/24 | 192.168.1.0/24 |
| Permit | 192.168.3.0/24 | 192.168.1.0/24 |
| Permit | 192.168.5.1/32 | 192.168.1.0/24 |
| Deny | 192.168.4.0/24 | 192.168.1.0/24 |
| Deny | 192.168.1.0/24 | 192.168.4.0/24 |
| Deny | any | any |

Which of the following solutions would allow the users to access the active FTP server?

  A. Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network

  B. Add a permit statement to allow traffic to 192.168.5.1 from the VPN network

  C. IPS is blocking traffic and needs to be reconfigured

  D. Configure the traffic shaper to limit DMZ traffic

  E. Increase bandwidth limit on the VPN network

Answer: A

Question No: 135 – (Topic 2)

A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).

  A. Perform penetration testing over the HR solution to identify technical vulnerabilities

  B. Perform a security risk assessment with recommended solutions to close off high-rated risks

  C. Secure code review of the HR solution to identify security gaps that could be exploited

  D. Perform access control testing to ensure that privileges have been configured correctly

  E. Determine if the information security standards have been complied with by the project

Answer: B,E

Question No: 136 – (Topic 2)

A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for customer access to the administrative website. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data from customer A was found on a hidden directory within the VM of company B. Company B is not in the same industry as company A and the two are not competitors. Which of the following has MOST likely occurred?

  A. Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.

  B. A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.

  C. A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.

  D. An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.

Answer: A

Question No: 137 – (Topic 2)

Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem?

  A. Implement change control practices at the organization level.

  B. Adjust the firewall ACL to prohibit development from directly accessing the production server farm.

  C. Update the vulnerability management plan to address data discrepancy issues.

  D. Change development methodology from strict waterfall to agile.

Answer: A

Question No: 138 – (Topic 2)

A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company issued as well as personal computing devices, including mobile devices. The company wants a flexible system to provide confidentiality and integrity for data in transit to the company's internally developed application GUI. Company policy prohibits employees from having administrative rights to company issued devices. Which of the following remote access solutions has the lowest technical complexity?

  A. RDP server

  B. Client-based VPN

  C. IPSec

  D. Jump box

  E. SSL VPN

Answer: A

Question No: 139 – (Topic 2)

A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system’s SLE?

  A. $2,000

  B. $8,000

  C. $12,000

  D. $32,000

Answer: B

Question No: 140 – (Topic 2)

Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?

  A. Establish a cloud-based authentication service that supports SAML.

  B. Implement a new Diameter authentication server with read-only attestation.

  C. Install a read-only Active Directory server in the corporate DMZ for federation.

  D. Allow external connections to the existing corporate RADIUS server.

Answer: A
