Latest Certified Success Dumps Download

CAS-002 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 181-190

September 15, 2017

2017 Sep CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!

CompTIA Advanced Security Practitioner (CASP)

Question No: 181 – (Topic 2)

A network engineer wants to deploy user-based authentication across the company’s wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user’s network access be controlled based on the user’s role within the company. Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO).

  1. SAML

  2. WAYF

  3. LDAP


  5. Shibboleth

  6. PKI

Answer: C,D

Question No: 182 – (Topic 2)

A port in a fibre channel switch failed, causing a costly downtime on the company’s primary website. Which of the following is the MOST likely cause of the downtime?

  1. The web server iSCSI initiator was down.

  2. The web server was not multipathed.

  3. The SAN snapshots were not up-to-date.

  4. The SAN replication to the backup site failed.

Answer: B

Question No: 183 – (Topic 2)

An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST maximizes the protection of these systems from malicious software?

  1. Configure a firewall with deep packet inspection that restricts traffic to the systems

  2. Configure a separate zone for the systems and restrict access to known ports

  3. Configure the systems to ensure only necessary applications are able to run

  4. Configure the host firewall to ensure only the necessary applications have listening ports

Answer: C

Question No: 184 – (Topic 2)

A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers:

  1. Create a custom standard to define the data.

  2. Use well formed standard compliant XML and strict schemas.

  3. Only document the data format in the parsing application code.

  4. Implement a de facto corporate standard for all analyzed data.

Answer: B

Question No: 185 – (Topic 2)

The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year’s growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed?

  1. Spending on SCADA protections should stay steady; application control spending should increase substantially and spending on PC boot loader controls should increase substantially.

  2. Spending on SCADA security controls should stay steady; application control spending should decrease slightly and spending on PC boot loader protections should increase substantially.

  3. Spending all controls should increase by 15% to start; spending on application controls should be suspended, and PC boot loader protection research should increase by 100%.

  4. Spending on SCADA security controls should increase by 15%; application control

spending should increase slightly, and spending on PC boot loader protections should remain steady.

Answer: B

Question No: 186 – (Topic 2)

A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true?

  1. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits.

  2. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software.

  3. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers.

  4. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community.

Answer: B

Question No: 187 DRAG DROP – (Topic 2)

IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all.

Ensurepass 2017 PDF and VCE


Ensurepass 2017 PDF and VCE

Question No: 188 – (Topic 2)

Wireless users are reporting issues with the company’s video conferencing and VoIP systems. The security administrator notices internal DoS attacks from infected PCs on the network causing the VoIP system to drop calls. The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DoS attacks on the network? (Select TWO).

  1. Install a HIPS on the SIP servers

  2. Configure 802.1X on the network

  3. Update the corporate firewall to block attacking addresses

  4. Configure 802.11e on the network

  5. Configure 802.1q on the network

Answer: A,D

Question No: 189 – (Topic 2)

An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit#39;s integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data?

  1. SMB

  2. NFS

  3. FCoE

  4. iSCSI

Answer: A

Question No: 190 – (Topic 2)

A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would like to have a copy of any communications from the user involving certain key terms. Additionally, the law enforcement agency has requested that the user#39;s ongoing communication be retained in the user#39;s account for future investigations. Which of the following will BEST meet the goals of law enforcement?

  1. Begin a chain-of-custody on for the user#39;s communication. Next, place a legal hold on the user#39;s email account.

  2. Perform an e-discover using the applicable search terms. Next, back up the user#39;s email for a future investigation.

  3. Place a legal hold on the user#39;s email account. Next, perform e-discovery searches to collect applicable emails.

  4. Perform a back up of the user#39;s email account. Next, export the applicable emails that match the search terms.

Answer: C

100% Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass CAS-002 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE