CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 91:

    The Linux server at Company A hosts a graphical application widely used by the company's designers. One designer regularly connects to the server from a Mac laptop in the designer's office down the hall. When the security engineer learns of this, it is discovered that the connection is not secured and that the password can easily be obtained via network sniffing. Which of the following would the security engineer MOST likely implement to secure this connection?

    Linux Server: 192.168.10.10/24
    Mac Laptop: 192.168.10.200/24

    A. From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200.
    B. From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider.
    C. From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1.
    D. From the Mac, establish an SSH tunnel to the Linux server and connect the VNC to 127.0.0.1.

  • Question 92:

    A security administrator must implement a SCADA-style network overlay to ensure secure remote management of all network management and infrastructure devices. Which of the following BEST describes the rationale behind this architecture?

    A. A physically isolated network that allows for secure metric collection.
    B. A physically isolated network with in-band management that uses two-factor authentication.
    C. A logically isolated network with in-band management that uses secure two-factor authentication.
    D. An isolated network that provides secure out-of-band remote management.

  • Question 93:

    Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.

    The information security team has been a part of the department meetings and came away with the following notes:

    - Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.

    - Sales is asking for easy order tracking to facilitate feedback to customers.

    - Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.

    - Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.

    - Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.

    The favored solution is a user-friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.

    Which of the following departments' requests is in contrast to the favored solution?

    A. Manufacturing
    B. Legal
    C. Sales
    D. Quality assurance
    E. Human resources

  • Question 94:

    The security administrator of a large enterprise is tasked with installing and configuring a solution that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is ready to configure the HTTPS traffic inspection engine and related network equipment. Which of the following should the security administrator implement as part of the network and proxy design to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select THREE).

    A. Install a self-signed Root CA certificate on the proxy server.
    B. The proxy configuration of all users' browsers must point to the proxy IP.
    C. TCP port 443 requests must be redirected to TCP port 80 on the web server.
    D. All users' personal certificates' public key must be installed on the proxy.
    E. Implement policy-based routing on a router between the hosts and the Internet.
    F. The proxy certificate must be installed on all users' browsers.

  • Question 95:

    A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).

    A. Perform penetration testing over the HR solution to identify technical vulnerabilities
    B. Perform a security risk assessment with recommended solutions to close off high-rated risks
    C. Secure code review of the HR solution to identify security gaps that could be exploited
    D. Perform access control testing to ensure that privileges have been configured correctly
    E. Determine if the information security standards have been complied with by the project

  • Question 96:

    Company A needs to export sensitive data from its financial system to company B's database, using company B's API in an automated manner. Company A's policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A's financial system and company B's destination server using the supplied API. Additionally, company A's legacy financial software does not support encryption, while company B's API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?

    A. Company A must install an SSL tunneling software on the financial system.
    B. Company A's security administrator should use an HTTPS capable browser to transfer the data.
    C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
    D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.

  • Question 97:

    A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?

    A. Increase the frequency of antivirus downloads and install updates to all workstations.
    B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.
    C. Deploy a WAF to inspect and block all web traffic which may contain malware and exploits.
    D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.

  • Question 98:

    Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company's purchased application? (Select TWO).

    A. Code review
    B. Sandbox
    C. Local proxy
    D. Fuzzer
    E. Port scanner

  • Question 99:

    A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO's requirement?

    A. GRC
    B. IPS
    C. CMDB
    D. Syslog-ng
    E. IDS

  • Question 100:

    A security administrator wants to perform an audit of the company password file to ensure users are not using personal information such as addresses and birthdays as part of their password. The company employs 200,000 users, has virtualized environments with cluster and cloud-based computing resources, and enforces a minimum password length of 14 characters. Which of the following options is BEST suited to run the password auditing software and produce a report in the SHORTEST amount of time?

    A. The system administrator should take advantage of the company's cluster based computing resources, upload the password file to the cluster, and run the password cracker on that platform.
    B. The system administrator should upload the password file to a virtualized de-duplicated storage system to reduce the password entries and run a password cracker on that file.
    C. The system administrator should build a virtual machine on the administrator's desktop, transfer the password file to it, and run a password cracker on the virtual machine.
    D. The system administrator should upload the password file to cloud storage and use on-demand provisioning to build a purpose-based virtual machine to run a password cracker on all the users.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.