[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 231-240

September 15, 2017

CompTIA Advanced Security Practitioner (CASP)

Question No: 231 – (Topic 2)

A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have the following requirements:

Requirement 1 – Ensure their server infrastructure operating systems are at their latest patch levels

Requirement 2 – Test the behavior between the application and database

Requirement 3 – Ensure that customer data cannot be exfiltrated

Which of the following is the BEST solution to meet the above requirements?

  A. Penetration test, perform social engineering and run a vulnerability scanner

  B. Perform dynamic code analysis, penetration test and run a vulnerability scanner

  C. Conduct network analysis, dynamic code analysis, and static code analysis

  D. Run a protocol analyzer, perform static code analysis and vulnerability assessment

Answer: B

Question No: 232 – (Topic 2)

A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices compiled from a report through the company’s security information and event management server.

Logs:

Log 1:

Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 3 packets

Log 2:

HTTP:// aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Log 3:

Security Error Alert

Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client

Log 4:

Encoder oe = new OracleEncoder();
String query = "Select user_id FROM user_data WHERE user_name = ' "
    + oe.encode ( req.getParameter("userID") ) + " ' and user_password = ' "
    + oe.encode ( req.getParameter("pwd") ) + " ' ";

Vulnerabilities: Buffer overflow, SQL injection, ACL


Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).

  A. Log 1

  B. Log 2

  C. Log 3

  D. Log 4

  E. Buffer overflow

  F. ACL

  G. XSS

  H. SQL injection

Answer: B,E

Question No: 233 – (Topic 2)

A security tester is testing a website and performs the following manual query: and 1=1

The following response is received in the payload: “ORA-000001: SQL command not properly ended”

Which of the following is the response an example of?

  A. Fingerprinting

  B. Cross-site scripting

  C. SQL injection

  D. Privilege escalation

Answer: A

Question No: 234 – (Topic 2)

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

  A. Review the flow data against each server’s baseline communications profile.

  B. Configure the server logs to collect unusual activity including failed logins and restarted services.

  C. Correlate data loss prevention logs for anomalous communications from the server.

  D. Set up a packet capture on the firewall to collect all of the server communications.

Answer: A

Question No: 235 – (Topic 2)

A system administrator has just installed a new Linux distribution. The distribution is configured to be “secure out of the box”. The system administrator cannot make updates to certain system files and services. Each time changes are attempted, they are denied and a system error is generated. Which of the following troubleshooting steps should the security administrator suggest?

  A. Review settings in the SELinux configuration files

  B. Reset root permissions on systemd files

  C. Perform all administrative actions while logged in as root

  D. Disable any firewall software before making changes

Answer: A

Question No: 236 CORRECT TEXT – (Topic 2)

Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: for the corporate site and for the remote site. The Telco router interface uses the IP range.

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.


Answer: Please check the explanation part for the solution.


We need to select exactly the same configuration and then click on Save, as shown in the image below.

Question No: 237 – (Topic 2)

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

  A. Check log files for logins from unauthorized IPs.

  B. Check /proc/kmem for fragmented memory segments.

  C. Check for unencrypted passwords in /etc/shadow.

  D. Check timestamps for files modified around time of compromise.

  E. Use lsof to determine files with future timestamps.

  F. Use gpg to encrypt compromised data files.

  G. Verify the MD5 checksum of system binaries.

  H. Use vmstat to look for excessive disk I/O.

Answer: A,D,G

Question No: 238 – (Topic 2)

A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?

  A. Isolate the system on a secure network to limit its contact with other systems

  B. Implement an application layer firewall to protect the payroll system interface

  C. Monitor the system’s security log for unauthorized access to the payroll application

  D. Perform reconciliation of all payroll transactions on a daily basis

Answer: A

Question No: 239 – (Topic 2)

An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond to when a competitor makes major announcements. Which of the following should the administrator do to prove this theory?

  A. Implement data analytics to try and correlate the occurrence times.

  B. Implement a honey pot to capture traffic during the next attack.

  C. Configure the servers for high availability to handle the additional bandwidth.

  D. Log all traffic coming from the competitor's public IP addresses.

Answer: A

Topic 3, Volume C

Question No: 240 – (Topic 3)

An organization has had component integration related vulnerabilities exploited in consecutive releases of the software it hosts. The only reason the company was able to identify the compromises was because of a correlation of slow server performance and an attentive security analyst noticing unusual outbound network activity from the application servers. End-to-end management of the development process is the responsibility of the applications development manager and testing is done by various teams of programmers. Which of the following will MOST likely reduce the likelihood of similar incidents?

  A. Conduct monthly audits to verify that application modifications do not introduce new vulnerabilities.

  B. Implement a peer code review requirement prior to releasing code into production.

  C. Follow secure coding practices to minimize the likelihood of creating vulnerable applications.

  D. Establish cross-functional planning and testing requirements for software development activities.

Answer: D
