CompTIA CAS-002 Online Practice Questions and Exam Preparation

CompTIA CAS-002 Online Questions & Answers

• Question 531:

  A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable?

  A. OLA
  B. BPA
  C. SLA
  D. SOA
  E. MOU
  E. MOU

• Question 532:

  Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the company's NTP servers. Which of the following mitigates this activity with the LEAST impact to existing operations?

  A. Block in-bound connections to the company's NTP servers.
  B. Block IPs making monlist requests.
  C. Disable the company's NTP servers.
  D. Disable monlist on the company's NTP servers.
  D. Disable monlist on the company's NTP servers.

• Question 533:

  A company has been purchased by another agency and the new security architect has identified new security goals for the organization. The current location has video surveillance throughout the building and entryways. The following requirements must be met:

  1.

  Ability to log entry of all employees in and out of specific areas

  2.

  Access control into and out of all sensitive areas

  3.

  Two-factor authentication

  Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO).

  A. Proximity readers
  B. Visitor logs
  C. Biometric readers
  D. Motion detection sensors
  E. Mantrap
  A. Proximity readers
  C. Biometric readers

• Question 534:

  A company is preparing to upgrade its NIPS at five locations around the world. The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing. Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?

  A. Establish return on investment as the main criteria for selection.
  B. Run a cost/benefit analysis based on the data received from the RFP.
  C. Evaluate each platform based on the total cost of ownership.
  D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.
  C. Evaluate each platform based on the total cost of ownership.

• Question 535:

  A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this?

  A. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.
  B. Allow the security engineering team to do application development so they understand why it takes so long.
  C. Allow the application developers to attend a sales conference so they understand how business is done.
  D. Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.
  A. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.

• Question 536:

  An IT administrator wants to restrict DNS zone transfers between two geographically dispersed, external company DNS name servers, and has decided to use TSIG. Which of the following are critical when using TSIG? (Select TWO).

  A. Periodic key changes once the initial keys are established between the DNS name servers.
  B. Secure exchange of the key values between the two DNS name servers.
  C. A secure NTP source used by both DNS name servers to avoid message rejection.
  D. DNS configuration files on both DNS name servers must be identically encrypted.
  E. AES encryption with a SHA1 hash must be used to encrypt the configuration files on both DNS name servers.
  B. Secure exchange of the key values between the two DNS name servers.
  C. A secure NTP source used by both DNS name servers to avoid message rejection.

• Question 537:

  Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two company's networks, application, and several basic services.

  The initial integration of the two companies has specified the following requirements:

  Company XYZ requires access to the web intranet, file, print, secure FTP server, and authentication domain resources Company XYZ is being on boarded into Company ABC's authentication domain Company XYZ is considered partially

  trusted Company XYZ does not want performance issues when accessing ABC's systems

  Which of the following network security solutions will BEST meet the above requirements?

  A. Place a Company ABC managed firewall in Company XYZ's hub site; then place Company ABC's file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC's business partner firewalls are opened up for web intranet access and other required services.
  B. Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACLs. Open up Company ABC's business partner firewall to permit access to Company ABC's file, print, secure FTP server, authentication servers and web intranet access.
  C. Place no restrictions on internal network connectivity between Company XYZ and Company ABC. Open up Company ABC's business partner firewall to permit access to Company ABC's file, print, secure FTP server, authentication servers and web intranet access.
  D. Place file, print, secure FTP server and authentication domain servers at Company XYZ's hub site. Open up Company ABC's business partner firewall to permit access to ABC's web intranet access and other required services.
  A. Place a Company ABC managed firewall in Company XYZ's hub site; then place Company ABC's file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC's business partner firewalls are opened up for web intranet access and other required services.

• Question 538:

  A legacy system is not scheduled to be decommissioned for two years and requires the use of the standard Telnet protocol. Which of the following should be used to mitigate the security risks of this system?

  A. Migrate the system to IPv6.
  B. Migrate the system to RSH.
  C. Move the system to a secure VLAN.
  D. Use LDAPs for authentication.
  C. Move the system to a secure VLAN.

• Question 539:

  A corporation relies on a server running a trusted operating system to broker data transactions between different security zones on their network. Each zone is a separate domain and the only connection between the networks is via the

  trusted server.

  The three zones at the corporation are as followeD.

  Zone A connects to a network, which is also connected to the Internet through a router.

  

  Zone B to a closed research and development network.

  

  Zone C to an intermediary switch supporting a SAN, dedicated to long- term audit log and file storage, so the corporation meets compliance requirements.

  

  A firewall is deployed on the inside edge of the Internet connected router. Which of the following is the BEST location to place other security equipment?

  A. HIPS on all hosts in Zone A and B, and an antivirus and patch server in Zone C.
  B. A WAF on the switch in Zone C, an additional firewall in Zone A, and an antivirus server in Zone B.
  C. A NIPS on the switch in Zone C, an antivirus server in Zone A, and a patch server in Zone B.
  D. A NIDS on the switch in Zone C, a WAF in Zone A, and a firewall in Zone B.
  C. A NIPS on the switch in Zone C, an antivirus server in Zone A, and a patch server in Zone B.

• Question 540:

  A security officer is leading a lessons learned meeting. Which of the following should be components of that meeting? (Select TWO).

  A. Demonstration of IPS system
  B. Review vendor selection process
  C. Calculate the ALE for the event
  D. Discussion of event timeline
  E. Assigning of follow up items
  D. Discussion of event timeline
  E. Assigning of follow up items