CAS-002 Latest Exam (Mar 2018)

[Free] 2018(Mar) EnsurePass Testinsides CompTIA CAS-002 Dumps with VCE and PDF 191-200

April 14, 2018 : Ensure you pass the IT Exams
2018 Mar CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!

CompTIA Advanced Security Practitioner (CASP)

Question No: 191 – (Topic 2)

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC.

Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO).

  1. Static and dynamic analysis is run as part of integration

  2. Security standards and training is performed as part of the project

  3. Daily stand-up meetings are held to ensure security requirements are understood

  4. For each major iteration penetration testing is performed

  5. Security requirements are story boarded and make it into the build

  6. A security design is performed at the end of the requirements phase

Answer: A,D

Question No: 192 – (Topic 2)

ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?

  1. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.

  2. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).

  3. Organize VM hosts into containers based on security zone and restrict access using an ACL.

  4. Require multi-factor authentication when accessing the console at the physical VM host.

Answer: C

Question No: 193 – (Topic 2)

The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missing OS level patches. Upon further investigation, a technician notices that there are a

few unidentified processes running on a number of the servers. What would be a key FIRST step for the data security team to undertake at this point?

  1. Capture process ID data and submit to anti-virus vendor for review.

  2. Reboot the Linux servers, check running processes, and install needed patches.

  3. Remove a single Linux server from production and place in quarantine.

  4. Notify upper management of a security breach.

  5. Conduct a bit level image, including RAM, of one or more of the Linux servers.

Answer: E

Question No: 194 – (Topic 2)

A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

  1. Install GSM tracking on each product for end-to-end delivery visibility.

  2. Implement geo-fencing to track products.

  3. Require drivers to geo-tag documentation at each delivery location.

  4. Equip each truck with an RFID tag for location services.

Answer: B

Question No: 195 – (Topic 2)

A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project?

  1. In the middle of the project

  2. At the end of the project

  3. At the inception of the project

  4. At the time they request

Answer: C

Question No: 196 – (Topic 2)

A facilities manager has observed varying electric use on the company’s metered service lines. The facility management rarely interacts with the IT department unless new equipment is being delivered. However, the facility manager thinks that there is a correlation between spikes in electric use and IT department activity. Which of the following business processes and/or practices would provide better management of organizational resources with the IT department’s needs? (Select TWO).

  1. Deploying a radio frequency identification tagging asset management system

  2. Designing a business resource monitoring system

  3. Hiring a property custodian

  4. Purchasing software asset management software

  5. Facility management participation on a change control board

  6. Rewriting the change board charter

  7. Implementation of change management best practices

Answer: E,G

Question No: 197 – (Topic 2)

A company has decided to change its current business direction and refocus on core business. Consequently, several company sub-businesses are in the process of being sold-off. A security consultant has been engaged to advise on residual information security concerns with a de-merger. From a high-level perspective, which of the following BEST provides the procedure that the consultant should follow?

  1. Perform a penetration test for the current state of the company. Perform another penetration test after the de-merger. Identify the gaps between the two tests.

  2. Duplicate security-based assets should be sold off for commercial gain to ensure that the security posture of the company does not decline.

  3. Explain that security consultants are not trained to offer advice on company acquisitions or demergers. This needs to be handled by legal representatives well versed in corporate law.

  4. Identify the current state from a security viewpoint. Based on the demerger, assess what the security gaps will be from a physical, technical, DR, and policy/awareness perspective.

Answer: D

Question No: 198 – (Topic 2)

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

  1. Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.

  2. Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

  3. Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

  4. Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

  5. Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

Answer: A

Question No: 199 – (Topic 2)

A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performance and functionality to the branch office as it provides to the main campus. The company uses Active Directory for its directory service and host configuration management. The branch location does not have a datacenter, and the physical security posture of the building is weak. Which of the following designs is MOST appropriate for this scenario?

  1. Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust.

  2. Deploy a corporate Read-Only Domain Controller to the branch location.

  3. Deploy a corporate Domain Controller in the DMZ at the main campus.

  4. Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust.

  5. Deploy a corporate Domain Controller to the branch location.

  6. Deploy a branch location Domain Controller to the branch location with a one-way trust.

Answer: B

Question No: 200 – (Topic 2)

An administrator has enabled salting for users#39; passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).

  1. /etc/passwd

  2. /etc/shadow

  3. /etc/security

  4. /etc/password

  5. /sbin/logon

  6. /bin/bash

Answer: A,B

100% Ensurepass Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Ensurepass Free Guaranteed!
CAS-002 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No