A manufacturing company is having issues with unauthorized access and modification of the controls operating the production equipment. A communication requirement is to allow the free flow of data between all network segments at the site.
Which of the following BEST remediates the issue?
A. Implement SCADA security measures.A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity.
Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?
A. Service oriented architecture (SOA)A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention.
Which of the following recommendations should the consultant provide to the security administrator?
A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction.
Which of the following designs BEST supports the given requirements?
A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.Which of the following should be used with caution because of its ability to provide access to block level data instead of file level data?
A. CIFSThe Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue.
Which of the following is the BEST course of action for the junior security administrator to take?
A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy.A company has asked their network engineer to list the major advantages for implementing a virtual environment in regards to cost. Which of the following would MOST likely be selected?
A. Ease of patch testingThe organization has an IT driver on cloud computing to improve delivery times for IT solution provisioning. Separate to this initiative, a business case has been approved for replacing the existing banking platform for credit card processing with a newer offering. It is the security practitioner's responsibility to evaluate whether the new credit card processing platform can be hosted within a cloud environment.
Which of the following BEST balances the security risk and IT drivers for cloud computing?
A. A third-party cloud computing platform makes sense for new IT solutions. This should be endorsed going forward so as to align with the IT strategy. However, the security practitioner will need to ensure that the third-party cloud provider does regular penetration tests to ensure that all data is secure.A corporation relies on a server running a trusted operating system to broker data transactions between different security zones on their network. Each zone is a separate domain and the only connection between the networks is via the
trusted server.
The three zones at the corporation are as followeD.

Zone A connects to a network, which is also connected to the Internet through a router.

Zone B to a closed research and development network.

Zone C to an intermediary switch supporting a SAN, dedicated to long- term audit log and file storage, so the corporation meets compliance requirements.
A firewall is deployed on the inside edge of the Internet connected router.
Which of the following is the BEST location to place other security equipment?
A. HIPS on all hosts in Zone A and B, and an antivirus and patch server in Zone C.Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology. Which of the following would be the advantage of conducting this kind of penetration test?
A. The risk of unplanned server outages is reduced.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.