CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 591:

    Which of the following is true about an unauthenticated SAMLv2 transaction?

    A. The browser asks the SP for a resource. The SP provides the browser with an XHTML format. The browser asks the IdP to validate the user, and then provides the XHTML back to the SP for access.
    B. The browser asks the IdP for a resource. The IdP provides the browser with an XHTML format. The browser asks the SP to validate the user, and then provides the XHTML to the IdP for access.
    C. The browser asks the IdP to validate the user. The IdP sends an XHTML form to the SP and a cookie to the browser. The browser asks for a resource to the SP, which verifies the cookie and XHTML format for access.
    D. The browser asks the SP to validate the user. The SP sends an XHTML form to the IdP. The IdP provides the XHTML form back to the SP, and then the browser asks the SP for a resource.

  • Question 592:

    Company A is trying to implement controls to reduce costs and time spent on litigation.

    To accomplish this, Company A has established several goals:

      • Prevent data breaches from lost/stolen assets
      • Reduce time to fulfill e-discovery requests
      • Prevent PII from leaving the network
      • Lessen the network perimeter attack surface
      • Reduce internal fraud

    Which of the following solutions accomplishes the MOST of these goals?

    A. Implement separation of duties; enable full encryption on USB devices and cell phones, allow cell phones to remotely connect to e-mail and network VPN, enforce a 90 day data retention policy.
    B. Eliminate VPN access from remote devices. Restrict junior administrators to read-only shell access on network devices. Install virus scanning and SPAM filtering. Harden all servers with trusted OS extensions.
    C. Create a change control process with stakeholder review board, implement separation of duties and mandatory vacation, create regular SAN snapshots, enable GPS tracking on all cell phones and laptops, and fully encrypt all email in transport.
    D. Implement outgoing mail sanitation and incoming SPAM filtering. Allow VPN for mobile devices; cross train managers in multiple disciplines, ensure all corporate USB drives are provided by Company A and de-duplicate all server storage.

  • Question 593:

    The Chief Executive Officer (CEO) of a small start-up company wants to set up offices around the country for the sales staff to generate business. The company needs an effective communication solution to remain in constant contact with each other, while maintaining a secure business environment. A junior-level administrator suggests that the company and the sales staff stay connected via free social media. Which of the following decisions is BEST for the CEO to make?

    A. Social media is an effective solution because it is easily adaptable to new situations.
    B. Social media is an ineffective solution because the policy may not align with the business.
    C. Social media is an effective solution because it implements SSL encryption.
    D. Social media is an ineffective solution because it is not primarily intended for business applications.

  • Question 594:

    Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B's IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause?

    A. Purchase the product and test it in a lab environment before installing it on any live system.
    B. Allow Company A and B's IT staff to evaluate the new product prior to purchasing it.
    C. Purchase the product and test it on a few systems before installing it throughout the entire company.
    D. Use Company A's change management process during the evaluation of the new product.

  • Question 595:

    Which of the following is the MOST appropriate control measure for lost mobile devices?

    A. Disable unnecessary wireless interfaces such as Bluetooth.
    B. Reduce the amount of sensitive data stored on the device.
    C. Require authentication before access is given to the device.
    D. Require that the compromised devices be remotely wiped.

  • Question 596:

    A security manager is concerned about performance and patch management, and, as a result, wants to implement a virtualization strategy to avoid potential future OS vulnerabilities in the host system. The IT manager wants a strategy that would provide the hypervisor with direct communications with the underlying physical hardware allowing the hardware resources to be paravirtualized and delivered to the guest machines. Which of the following recommendations from the server administrator BEST meets the IT and security managers' requirements? (Select TWO).

    A. Nested virtualized hypervisors
    B. Type 1 hypervisor
    C. Hosted hypervisor with a three layer software stack
    D. Type 2 hypervisor
    E. Bare metal hypervisor with a software stack of two layers

  • Question 597:

    The sales staff at a software development company has received the following requirements from a customer: "We need the system to notify us in advance of all software errors and report all outages". Which of the following BEST conveys these customer requirements to the software development team to understand and implement?

    A. The system shall send a status message to a network monitoring console every five seconds while in an error state and the system should email the administrator when the number of input errors exceeds five.
    B. The system shall alert the administrator upon the loss of network communications and when error flags are thrown.
    C. The system shall email the administrator when processing deviates from expected conditions and the system shall send a heartbeat message to a monitoring console every second while in normal operations.
    D. The system shall email the administrator when an error condition is detected and a flag is thrown and the system shall send an email to the administrator when network communications are disrupted.

  • Question 598:

    The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year's growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed?

    A. Spending on SCADA protections should stay steady; application control spending should increase substantially and spending on PC boot loader controls should increase substantially.
    B. Spending on SCADA security controls should stay steady; application control spending should decrease slightly and spending on PC boot loader protections should increase substantially.
    C. Spending on all controls should increase by 15% to start; spending on application controls should be suspended, and PC boot loader protection research should increase by 100%.
    D. Spending on SCADA security controls should increase by 15%; application control spending should increase slightly, and spending on PC boot loader protections should remain steady.

  • Question 599:

    An administrator is unable to connect to a server via VNC.

    Upon investigating the host firewall configuration, the administrator sees the following lines:

    A INPUT -m state --state NEW -m tcp -p tcp --dport 3389 -j DENY
    A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j DENY
    A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
    A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j DENY
    A INPUT -m state --state NEW -m tcp -p tcp --sport 3389 -j ACCEPT

    Which of the following should occur to allow VNC access to the server?

    A. DENY needs to be changed to ACCEPT on one line.
    B. A line needs to be added.
    C. A line needs to be removed.
    D. Fix the typo in one line.

  • Question 600:

    Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

    A. Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.
    B. Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.
    C. Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.
    D. Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.
    E. Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.
