A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave?
A. Require cloud storage on corporate servers and disable access upon terminationTwo separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backend to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?
A. They should logon to the system using the username concatenated with the 6-digit code and their original password.On Monday, the Chief Information Officer (CIO) of a state agency received an e-discovery request for the release of all emails sent and received by the agency board of directors for the past five years. The CIO has contacted the email administrator and asked the administrator to provide the requested information by end of day on Friday. Which of the following has the GREATEST impact on the ability to fulfill the e- discovery request?
A. Data retention policyNews outlets are beginning to report on a number of retail establishments that are experiencing payment card data breaches. The data exfiltration is enabled by malware on a compromised computer. After the initial exploit network mapping and fingerprinting occurs in preparation for further exploitation. Which of the following is the MOST effective solution to protect against unrecognized malware infections, reduce detection time, and minimize any damage that might be done?
A. Remove local admin permissions from all users and change anti-virus to a cloud aware, push technology.A company recently experienced a malware outbreak. It was caused by a vendor using an approved non- company device on the company's corporate network that impacted manufacturing lines, causing a week of downtime to recover from the attack.
Which of the following reduces this threat and minimizes potential impact on the manufacturing lines?
A. Disable remote access capabilities on manufacturing SCADA systems.SDLC is being used for the commissioning of a new platform. To provide an appropriate level of assurance the security requirements that were specified at the project origin need to be carried through to implementation. Which of the following would BEST help to determine if this occurred?
A. Requirements workshopJoe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context of the victim's privilege level. The browser crashes due to an exception error when a heap memory that is unused is accessed. Which of the following BEST describes the application issue?
A. Integer overflowA programming team is deploying a new PHP module to be run on a Solaris 10 server with trusted extensions. The server is configured with three zones, a management zone, a customer zone, and a backend zone. The security model is constructed so that only programs in the management zone can communicate data between the zones. After installation of the new PHP module, which handles on-line customer payments, it is not functioning correctly. Which of the following is the MOST likely cause of this problem?
A. The PHP module is written to transfer data from the customer zone to the management zone, and then from the management zone to the backend zone.A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Customers to upload their log files to the "big data" platform Customers to perform remote log search Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending,
insights, and/or discovery
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A. Secure storage and transmission of API keysAn organization recently upgraded its wireless infrastructure to support WPA2 and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only WEP compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the WPA2 requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.