
[Free] 2017(Sep) EnsurePass Dumpsleader CompTIA CAS-002 Dumps with VCE and PDF 291-300

September 15, 2017


CompTIA Advanced Security Practitioner (CASP)

Question No: 291 – (Topic 3)

An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when or how the attacks were conducted, or by whom, but rebuilt, restored, and updated the compromised database server to continue operations.

Which of the following is MOST likely the cause of the organization's inability to determine what really occurred?

  A. Too few layers of protection between the Internet and internal network

  B. Lack of a defined security auditing methodology

  C. Poor intrusion prevention system placement and maintenance

  D. Insufficient logging and mechanisms for review

Answer: D

Question No: 292 – (Topic 3)

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with its products. Which of the following security items should the company have in place before implementation? (Select TWO).

  A. The company must dedicate specific staff to act as social media representatives of the company.

  B. All staff need to be instructed in the proper use of social media in the work environment.

  C. Senior staff blogs should be ghost written by marketing professionals.

  D. The finance department must provide a cost benefit analysis for social media.

  E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

  F. The company should ensure that it has sufficient bandwidth to allow for social media traffic.

Answer: A,E

Question No: 293 – (Topic 3)

The risk committee has endorsed the adoption of a security system development life cycle (SSDLC) designed to ensure compliance with PCI DSS and HIPAA and to meet the organization's mission. Which of the following BEST describes the correct order of implementing a five phase SSDLC?

  A. Initiation, assessment/acquisition, development/implementation, operations/maintenance and sunset.

  B. Initiation, acquisition/development, implementation/assessment, operations/maintenance and sunset.

  C. Assessment, initiation/development, implementation/assessment, operations/maintenance and disposal.

  D. Acquisition, initiation/development, implementation/assessment, operations/maintenance and disposal.

Answer: B

Question No: 294 – (Topic 3)

An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO).

  A. Periodic key changes once the initial keys are established between the DNS name servers.

  B. Secure exchange of the key values between the two DNS name servers.

  C. A secure NTP source used by both DNS name servers to avoid message rejection.

  D. DNS configuration files on both DNS name servers must be identically encrypted.

  E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.

Answer: B,C
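Why B and C are the critical items is easiest to see in the TSIG mechanics themselves: the MAC covers the DNS message plus the TSIG variables (key name, algorithm, time signed, fudge), so a peer without the same shared secret cannot produce or check it, and the "time signed" field is checked against the receiver's clock and rejected with BADTIME when the skew exceeds the fudge window. The following is an added example, not part of the exam material or any vendor's code, implementing the RFC 8945 signing and verification steps over a constructed AXFR query. It assumes HMAC-SHA256 and the RFC's recommended 300-second fudge; the key name, secret, zone name, and message bytes are all constructed for illustration.

```python
import hashlib
import hmac
import struct
import time

# Added example; not CompTIA's, EnsurePass's, or any DNS server's own code.
# Assumed: HMAC-SHA256 and a 300-second fudge (RFC 8945 defaults).
ALGORITHM = "hmac-sha256."
DEFAULT_FUDGE = 300
BADSIG, BADKEY, BADTIME = 16, 17, 18  # TSIG error codes, RFC 8945 section 5.3


def name_to_wire(name):
    """Canonical (lowercase, uncompressed) wire form of a domain name."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            out += struct.pack("!B", len(label)) + label.encode("ascii")
    return out + b"\x00"


def tsig_variables(key_name, time_signed, fudge, error=0, other=b""):
    """TSIG RR fields that are covered by the MAC (RFC 8945 section 4.3.3)."""
    return (
        name_to_wire(key_name)
        + struct.pack("!HI", 255, 0)            # CLASS=ANY, TTL=0
        + name_to_wire(ALGORITHM)
        + struct.pack("!Q", time_signed)[2:]    # 48-bit Time Signed
        + struct.pack("!HHH", fudge, error, len(other))
        + other
    )


def compute_mac(message, key_name, secret, time_signed, fudge):
    """HMAC over the unsigned DNS message followed by the TSIG variables."""
    data = message + tsig_variables(key_name, time_signed, fudge)
    return hmac.new(secret, data, hashlib.sha256).digest()


def tsig_sign(message, key_name, secret, time_signed=None, fudge=DEFAULT_FUDGE):
    """Return the TSIG fields the sender appends to `message`."""
    if time_signed is None:
        time_signed = int(time.time())
    return {
        "key_name": key_name,
        "algorithm": ALGORITHM,
        "time_signed": time_signed,
        "fudge": fudge,
        "mac": compute_mac(message, key_name, secret, time_signed, fudge),
    }


def tsig_verify(message, tsig, secret, expected_key_name, now=None):
    """Receiver-side checks in RFC 8945 order: key, then MAC, then time.

    Returns (True, 0) on success or (False, <TSIG error code>) on failure.
    """
    if now is None:
        now = int(time.time())
    if name_to_wire(tsig["key_name"]) != name_to_wire(expected_key_name):
        return False, BADKEY
    expected = compute_mac(message, tsig["key_name"], secret,
                           tsig["time_signed"], tsig["fudge"])
    if not hmac.compare_digest(expected, tsig["mac"]):
        return False, BADSIG
    if abs(now - tsig["time_signed"]) > tsig["fudge"]:
        return False, BADTIME
    return True, 0


def demo():
    """Constructed AXFR query verified under four conditions."""
    secret = b"constructed-shared-secret-do-not-reuse"  # hypothetical key material
    key_name = "xfer-key.example.com."                  # hypothetical key name
    # Minimal DNS query: ID 0x1234, flags 0, QDCOUNT 1, QNAME, QTYPE=AXFR(252), QCLASS=IN(1)
    query = (struct.pack("!HHHHHH", 0x1234, 0, 1, 0, 0, 0)
             + name_to_wire("example.com.") + struct.pack("!HH", 252, 1))
    t = 1_600_000_000  # sender's clock at signing time (constructed)
    tsig = tsig_sign(query, key_name, secret, time_signed=t)
    return {
        "shared_key": tsig_verify(query, tsig, secret, key_name, now=t + 30),
        "wrong_key": tsig_verify(query, tsig, b"mismatched-secret", key_name, now=t + 30),
        # QCLASS flipped from IN to CS: message no longer matches the MAC
        "tampered": tsig_verify(query[:-2] + b"\x00\x02", tsig, secret, key_name, now=t + 30),
        # receiver's clock is one hour ahead: outside the 300-second fudge
        "clock_skew": tsig_verify(query, tsig, secret, key_name, now=t + 3600),
    }


if __name__ == "__main__":
    for case, (ok, err) in demo().items():
        print(f"{case}: {'accepted' if ok else f'rejected (TSIG error {err})'}")
```

Only the first case is accepted; a differing secret or a modified message fails the MAC check (BADSIG), and a receiver whose clock is an hour off rejects an otherwise valid signature (BADTIME). In BIND the same two requirements appear operationally as a `key` statement holding the identical secret on both servers and `allow-transfer { key <name>; }` on the primary, with BADTIME logged when the peers' clocks drift apart, which is why a trusted time source is as critical as the key exchange.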

Question No: 295 – (Topic 3)

The security administrator is responsible for the confidentiality of all corporate data. The company's servers are located in a datacenter run by a different vendor. The vendor datacenter hosts servers for many different clients, all of whom have access to the datacenter. None of the racks are physically secured. Recently, the company has been the victim of several attacks involving data injection and exfiltration. The security administrator suspects these attacks are due to several new network-based attacks facilitated by having physical access to a system. Which of the following BEST describes how to adapt to the threat?

  A. Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.

  B. Apply two factor authentication, require point to point VPNs, and enable log auditing on all devices.

  C. Apply port security to all routers, switch to telnet, and implement point to point VPNs on all servers.

  D. Apply three factor authentication, implement IPSec, and enable SNMP.

Answer: A

Question No: 296 – (Topic 3)

A financial institution wants to reduce the costs associated with managing and troubleshooting employees' desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four solutions submitted by the change management group. Which of the following BEST accomplishes this task?

  A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit.

  B. Implement server virtualization and move the application from the desktop to the server.

  C. Implement VDI and disable hardware and storage mapping from the thin client.

  D. Move the critical applications to a private cloud and disable VPN and tunneling.

Answer: C

Question No: 297 – (Topic 3)

A startup company offering software on demand has hired a security consultant to provide expertise on data security. The company's clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?

  A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.

  B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.

  C. Each client is assigned a set of virtual hosts running on shared hardware. Physical storage is partitioned into LUNs and assigned to each client. MPLS technology is used to segment and encrypt each of the client's networks. PKI based remote desktop with hardware tokens is used by the client to connect to the application.

  D. Each client is assigned a set of virtual hosts running on shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the client's networks. PKI based remote desktop access is used by the client to connect to the application.

Answer: C

Question No: 298 – (Topic 3)

A small, customer-focused bank that has implemented least-privilege principles is concerned about the possibility of branch staff unintentionally aiding fraud in their day-to-day interactions with customers. Bank staff have been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the risk. Which of the following BEST addresses the security and risk team's concerns?

  A. Information disclosure policy

  B. Awareness training

  C. Job rotation

  D. Separation of duties

Answer: B

Question No: 299 – (Topic 3)

A new web application system was purchased from a vendor and configured by the internal development team. Before the web application system was moved into production, a vulnerability assessment was conducted. A review of the vulnerability assessment report indicated that the testing team discovered a minor security issue with the configuration of the web application. The security issue should be reported to:

  A. CISO immediately in an exception report.

  B. Users of the new web application system.

  C. The vendor who supplied the web application system.

  D. Team lead in a weekly report.

Answer: D

Question No: 300 – (Topic 3)

A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).

  A. Password Policy

  B. Data Classification Policy

  C. Wireless Access Procedure

  D. VPN Policy

  E. Database Administrative Procedure

Answer: A,B
