Within an organization, there is a known lack of governance for solution designs. As a result there are inconsistencies and varying levels of quality for the artifacts that are produced. Which of the following will help BEST improve this situation?
A. Ensure that those producing solution artifacts are reminded at the next team meeting that quality is important.
B. Introduce a peer review process that is mandatory before a document can be officially made final.
C. Introduce a peer review and presentation process that includes a review board with representation from relevant disciplines.
D. Ensure that appropriate representation from each relevant discipline approves of the solution documents before official approval.
A new vendor product has been acquired to replace a legacy perimeter security product. There are significant time constraints due to the existing solution nearing end-of-life with no options for extended support. It has been emphasized that only essential activities be performed. Which of the following sequences BEST describes the order of activities when balancing security posture and time constraints?
A. Install the new solution, migrate to the new solution, and test the new solution.
B. Purchase the new solution, test the new solution, and migrate to the new solution.
C. Decommission the old solution, install the new solution, and test the new solution.
D. Test the new solution, migrate to the new solution, and decommission the old solution.
A software vendor has had several zero-day attacks against its software, due to previously unknown security defects being exploited by attackers. The attackers have been able to perform operations at the same security level as the trusted application. The vendor product management team has decided to redesign the application with security as a priority. Which of the following is a design principle that should be used to BEST prevent these types of attacks?
A. Application sandboxing
B. Input validation
C. Penetration testing
D. Code reviews
Which of the following is the MOST secure way to evaluate third-party applications so that they introduce only acceptable risk?
A. Line by line code review and simulation; uncovers hidden vulnerabilities and allows for behavior to be observed with minimal risk.
B. Technical exchange meetings with the application's vendor; vendors have more in depth knowledge of the product.
C. Pilot trial; minimizes the impact to the enterprise while still providing services to enterprise users.
D. Full deployment with crippled features; allows for large scale testing and observation of the applications security profile.
The Chief Executive Officer (CEO) has asked a security project manager to provide recommendations on the breakout of tasks for the development of a new product. The CEO thinks that by assigning areas of work appropriately the overall security of the product will be increased, because staff will focus on their areas of expertise. Given the below groups and tasks select the BEST list of assignments.
Groups: Networks, Development, Project Management, Security, Systems Engineering, Testing
Tasks: Decomposing requirements, Secure coding standards, Code stability, Functional validation, Stakeholder engagement, Secure transport
A. Systems Engineering: Decomposing requirements; Development: Secure coding standards; Testing: Code stability; Project Management: Stakeholder engagement; Security: Secure transport; Networks: Functional validation
B. Systems Engineering: Decomposing requirements; Development: Code stability; Testing: Functional validation; Project Management: Stakeholder engagement; Security: Secure coding standards; Networks: Secure transport
C. Systems Engineering: Functional validation; Development: Stakeholder engagement; Testing: Code stability; Project Management: Decomposing requirements; Security: Secure coding standards; Networks: Secure transport
D. Systems Engineering: Decomposing requirements; Development: Stakeholder engagement; Testing: Code stability; Project Management: Functional validation; Security: Secure coding standards; Networks: Secure transport
A systems security consultant is hired by Corporation X to analyze the current enterprise network environment and make recommendations for increasing network security. It is the consultant's first day on the job. Which of the following network design considerations should the consultant consider? (Select THREE).
A. What hardware and software would work best for securing the network?
B. What corporate assets need to be protected?
C. What are the business needs of the organization?
D. What outside threats are most likely to compromise network security?
E. What is the budget for this project?
F. What time and resources are needed to carry out the security plan?
An administrator wants to enable Network Level Authentication (NLA), which relies on the Credential Security Support Provider (CredSSP) protocol, in the Remote Desktop / Terminal Services environment. Which of the following are supported authentication or encryption methods to use while implementing this? (Select THREE).
A. Kerberos
B. NTLM
C. RADIUS
D. TACACS+
E. TLS
F. HMAC
G. Camellia
An administrator of a secure web server has several clients with top security clearance and prefers security over performance. By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?
A. 3DES - SHA
B. DES - MD5
C. Camellia - SHA
D. RC4 - MD5
An employee of a company files a complaint with a security administrator. While sniffing network traffic, the employee discovers that financially confidential emails were passing between two warehouse users. The two users deny sending confidential emails to each other. Which of the following security practices would allow for non-repudiation and prevent network sniffers from reading the confidential mail? (Select TWO).
A. Transport encryption
B. Authentication hashing
C. Digital signature
D. Legal mail hold
E. TSIG code signing
A company has a primary DNS server at address 192.168.10.53 and a secondary server at 192.168.20.53. An administrator wants to secure a company by only allowing secure zone transfers to the secondary server. Which of the following should appear in the primary DNS configuration file to accomplish this?
A. key company-key. { algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow-transfer { 192.168.20.53; };
B. key company-key. { algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow-transfer { 192.168.10.53; };
C. key company-key. { algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow-transfer { 192.168.20.53; };
D. key company-key. { algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow-transfer { 192.168.10.53; };
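As an added example that is not part of the original question set, here is what the BIND 9 configuration behind the answer above looks like in practice, with the weak form beside the corrected one. The zone name example.com, the zone file names and the quoted key name are assumptions made for the illustration; the secret is the placeholder from the question and must be replaced with one generated by `tsig-keygen company-key`. Two caveats a practitioner should know: `allow-transfer { 192.168.20.53; };` restricts transfers by source address only and never consults the key, so it does not make the transfer authenticated; to actually require TSIG the ACL must name the key. And hmac-md5 is deprecated; hmac-sha256 is the mandatory-to-implement TSIG algorithm in RFC 8945.

```conf
// ===== WEAK: what the exam answer literally configures (primary, 192.168.10.53) =====
// The key is defined but never referenced, so transfers are gated on source address
// alone; hmac-md5 is also deprecated for TSIG.
key "company-key" {
    algorithm hmac-md5;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";   // placeholder from the question; regenerate
};
zone "example.com" {                             // zone name assumed for this example
    type master;
    file "db.example.com";
    allow-transfer { 192.168.20.53; };           // address-only check, TSIG not required
};

// ===== CORRECTED: primary (192.168.10.53) =====
// Generate the key stanza with:  tsig-keygen company-key   (defaults to hmac-sha256)
key "company-key" {
    algorithm hmac-sha256;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";   // placeholder; paste the tsig-keygen output
};
zone "example.com" {
    type master;
    file "db.example.com";
    allow-transfer { key "company-key"; };       // only requests signed with this key
};

// ===== CORRECTED: secondary (192.168.20.53) =====
key "company-key" {
    algorithm hmac-sha256;
    secret "Hdue8du9jdknkhdoLksdlkeYEIks83K=";   // must be identical to the primary's secret
};
server 192.168.10.53 {
    keys { "company-key"; };                     // sign every request sent to the primary
};
zone "example.com" {
    type slave;
    masters { 192.168.10.53; };
    file "db.example.com";
};
```

To verify from the secondary, `dig @192.168.10.53 example.com AXFR -y hmac-sha256:company-key:<secret>` should return the zone, while the same command without `-y` must fail with a refused transfer; if the unsigned request still succeeds, the ACL is not actually requiring the key. The key file should be readable only by the named service account, since anyone holding the secret can pull the zone.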