The security team for Company XYZ has determined that someone from outside the organization has obtained sensitive information about the internal organization by querying the external DNS server of the company. The security manager is tasked with making sure this problem does not occur in the future.
How would the security manager address this problem?
A. Implement a split DNS, only allowing the external DNS server to contain information about domains that only the outside world should be aware, and an internal DNS server to maintain authoritative records for internal systems.A company has a primary DNS server at address 192.168.10.53 and a secondary server at 192.168.20.53. An administrator wants to secure a company by only allowing secure zone transfers to the secondary server. Which of the following should appear in the primary DNS configuration file to accomplish this?
A. key company-key.{ algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.20.53; }A large enterprise is expanding through the acquisition of a second corporation.
Which of the following should be undertaken FIRST before connecting the networks of the newly formed entity?
A. A system and network scan to determine if all of the systems are secure.A software vendor has had several zero-day attacks against its software, due to previously unknown security defects being exploited by attackers. The attackers have been able to perform operations at the same security level as the trusted application. The vendor product management team has decided to re-design the application with security as a priority.
Which of the following is a design principle that should be used to BEST prevent these types of attacks?
A. Application sandboxingEmployees have recently requested remote access to corporate email and shared drives. Remote access has never been offered; however, the need to improve productivity and rapidly responding to customer demands means staff now requires remote access.
Which of the following controls will BEST protect the corporate network?
A. Develop a security policy that defines remote access requirements. Perform regular audits of user accounts and reviews of system logs.A large enterprise introduced a next generation firewall appliance into the Internet facing DMZ. All Internet traffic passes through this appliance. Four hours after implementation the network engineering team discovered that traffic through the DMZ now has un-acceptable latency, and is recommending that the new firewall be taken offline.
At what point in the implementation process should this problem have been discovered?
A. During the product selection phaseA production server has been compromised.
Which of the following is the BEST way to preserve the non-volatile evidence?
A. Shut the server down and image the hard drive.A Physical Security Manager is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. The Security Manager has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level.
Which of the following should the Security Manager suggest to BEST secure this environment?
A. Create an IP camera network and deploy NIPS to prevent unauthorized access.An administrator is trying to categorize the security impact of a database server in the case of a security event. There are three databases on the server.
Current Financial Data = High level of damage if data is disclosed. Moderate damage if the system goes offline Archived Financial Data = No need for the database to be online. Low damage for integrity loss Public Website Data = Low damage if the site goes down. Moderate damage if the data is corrupted
Given these security categorizations of each database, which of the following is the aggregate security categorization of the database server?
A. Database server = {(Confidentiality HIGH),(Integrity High),(Availability High)}To support a software security initiative business case, a project manager needs to provide a cost benefit analysis. The project manager has asked the security consultant to perform a return on investment study. It has been estimated that by spending $300,000 on the software security initiative, a 30% savings in cost will be realized for each project.
Based on an average of 8 software projects at a current cost of $50,000 each, how many years will it take to see a positive ROI?
A. Nearly four yearsNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.