Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
CAS-002 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 151-160

September 15, 2017

EnsurePass
2017 Sep CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/CAS-002.html

CompTIA Advanced Security Practitioner (CASP)

Question No: 151 – (Topic 2)

A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?

  1. Insider threat

  2. Network reconnaissance

  3. Physical security

  4. Industrial espionage

Answer: C

Question No: 152 – (Topic 2)

A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator test that the strings are indeed encrypted in memory?

  1. Use fuzzing techniques to examine application inputs

  2. Run nmap to attach to application memory

  3. Use a packet analyzer to inspect the strings

  4. Initiate a core dump of the application

  5. Use an HTTP interceptor to capture the text strings

Answer: D

Question No: 153 – (Topic 2)

A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol

analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

  1. A separate physical interface placed on a private VLAN should be configured for live host operations.

  2. Database record encryption should be used when storing sensitive information on virtual servers.

  3. Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.

  4. Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

Answer: A

Question No: 154 – (Topic 2)

Company policy requires that all company laptops meet the following baseline requirements:

Software requirements:

Antivirus Anti-malware Anti-spyware

Log monitoring

Full-disk encryption

Terminal services enabled for RDP Administrative access for local users

Hardware restrictions: Bluetooth disabled FireWire disabled WiFi adapter disabled

Ann, a web developer, reports performance issues with her laptop and is not able to access any network resources. After further investigation, a bootkit was discovered and it was trying to access external websites. Which of the following hardening techniques should be applied to mitigate this specific issue from reoccurring? (Select TWO).

  1. Group policy to limit web access

  2. Restrict VPN access for all mobile users

  3. Remove full-disk encryption

  4. Remove administrative access to local users

  5. Restrict/disable TELNET access to network resources

  6. Perform vulnerability scanning on a daily basis

  7. Restrict/disable USB access

Answer: D,G

Question No: 155 – (Topic 2)

A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this?

  1. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.

  2. Allow the security engineering team to do application development so they understand why it takes so long.

  3. Allow the application developers to attend a sales conference so they understand how business is done.

  4. Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.

Answer: A

Question No: 156 – (Topic 2)

A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effective by other members of the IT department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to unauthorized decryption. The method also requires special handling and security for all key material that goes above

and beyond most encryption systems.

Which of the following is the solutions architect MOST likely trying to implement?

  1. One time pads

  2. PKI

  3. Quantum cryptography

  4. Digital rights management

Answer: A

Question No: 157 – (Topic 2)

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

  1. Source code vulnerability scanning

  2. Time-based access control lists

  3. ISP to ISP network jitter

  4. File-size validation

  5. End to end network encryption

Answer: B

Question No: 158 – (Topic 2)

The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis conducted by the security investigations team indicated that the website allowed customers to update a payment amount for shipping. A specially crafted value could be entered and cause a roll over, resulting in the shipping cost being subtracted from the balance and in some instances resulted in a negative balance. As a result, the system processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

  1. Race condition

  2. Click-jacking

  3. Integer overflow

  4. Use after free

  5. SQL injection

Answer: C

Question No: 159 – (Topic 2)

A company Chief Information Officer (CIO) is unsure which set of standards should govern the company’s IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represent the BEST option for the CIO?

  1. Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company.

  2. Issue a policy that requires only the most stringent security standards be implemented throughout the company.

  3. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.

  4. Issue a RFI for vendors to determine which set of security standards is best for the company.

Answer: C

Question No: 160 – (Topic 2)

A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interfaces from external attackers performing network scanning?

  1. Remove contact details from the domain name registrar to prevent social engineering attacks.

  2. Test external interfaces to see how they function when they process fragmented IP packets.

  3. Enable a honeynet to capture and facilitate future analysis of malicious attack vectors.

  4. Filter all internal ICMP message traffic, forcing attackers to use full-blown TCP port scans against external network interfaces.

Answer: B

100% Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass CAS-002 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE