[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 21-30

September 15, 2017

CompTIA Advanced Security Practitioner (CASP)

Question No: 21 – (Topic 1)

A security administrator is shown the following log excerpt from a Unix system:

2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from port 37914 ssh2

2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from port 37915 ssh2

2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from port 37916 ssh2

2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from port 37918 ssh2

2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from port 37920 ssh2

2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from port 37924 ssh2

Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).

  A. An authorized administrator has logged into the root account remotely.

  B. The administrator should disable remote root logins.

  C. Isolate the system immediately and begin forensic analysis on the host.

  D. A remote attacker has compromised the root account using a buffer overflow in sshd.

  E. A remote attacker has guessed the root password using a dictionary attack.

  F. Use iptables to immediately DROP connections from the IP

  G. A remote attacker has compromised the private key of the root account.

  H. Change the root password immediately to a password not found in a dictionary.

Answer: C,E

Question No: 22 – (Topic 1)

A popular commercial virtualization platform allows for the creation of virtual hardware. To virtual machines, this virtual hardware is indistinguishable from real hardware. By implementing virtualized TPMs, which of the following trusted system concepts can be implemented?

  A. Software-based root of trust

  B. Continuous chain of trust

  C. Chain of trust with a hardware root of trust

  D. Software-based trust anchor with no root of trust

Answer: C

Question No: 23 – (Topic 1)

At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).

  A. Add guests with more memory to increase capacity of the infrastructure.

  B. A backup is running on the thin clients at 9am every morning.

  C. Install more memory in the thin clients to handle the increased load while booting.

  D. Booting all the lab desktops at the same time is creating excessive I/O.

  E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity.

  F. Install faster SSD drives in the storage system used in the infrastructure.

  G. The lab desktops are saturating the network while booting.

  H. The lab desktops are using more memory than is available to the host systems.

Answer: D,F

Question No: 24 – (Topic 1)

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:

user@hostname:~$ sudo nmap -O

Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:

TCP/22 TCP/111 TCP/512-514 TCP/2049 TCP/32778

Based on this information, which of the following operating systems is MOST likely running on the unknown node?

  A. Linux

  B. Windows

  C. Solaris

  D. OSX

Answer: C

Question No: 25 – (Topic 1)

A security consultant is conducting a network assessment and wishes to discover any legacy backup Internet connections the network may have. Where would the consultant find this information and why would it be valuable?

  A. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.

  B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.

  C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.

  D. This information can be found by querying the network’s DNS servers, and is valuable because backup DNS servers typically allow recursive queries from Internet hosts.

Answer: A

Question No: 26 – (Topic 1)

The Chief Executive Officer (CEO) of a small start-up company wants to set up offices around the country for the sales staff to generate business. The company needs an effective communication solution to remain in constant contact with each other, while maintaining a secure business environment. A junior-level administrator suggests that the company and the sales staff stay connected via free social media. Which of the following decisions is BEST for the CEO to make?

  A. Social media is an effective solution because it is easily adaptable to new situations.

  B. Social media is an ineffective solution because the policy may not align with the business.

  C. Social media is an effective solution because it implements SSL encryption.

  D. Social media is an ineffective solution because it is not primarily intended for business applications.

Answer: B

Question No: 27 – (Topic 1)

A company sales manager received a memo from the company’s financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department’s change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble?

  A. Discuss the issue with the software product's user groups

  B. Consult the company’s legal department on practices and law

  C. Contact senior finance management and provide background information

  D. Seek industry outreach for software practices and law

Answer: B

Question No: 28 – (Topic 1)

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?

  A. Use PAP for secondary authentication on each RADIUS server

  B. Disable unused EAP methods on each RADIUS server

  C. Enforce TLS connections between RADIUS servers

  D. Use a shared secret for each pair of RADIUS servers

Answer: C

Question No: 29 – (Topic 1)

The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

  A. HIPS

  B. UTM

  C. Antivirus

  D. NIPS

  E. DLP

Answer: A

Question No: 30 – (Topic 1)

A user has a laptop configured with multiple operating system installations. The operating systems are all installed on a single SSD, but each has its own partition and logical volume. Which of the following is the BEST way to ensure confidentiality of individual operating system data?

  A. Encryption of each individual partition

  B. Encryption of the SSD at the file level

  C. FDE of each logical volume on the SSD

  D. FDE of the entire SSD as a single disk

Answer: A
