CAS-002 Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CAS-002 Online Questions & Answers

  • Question 661:

    A system architect has the following constraints from the customer:

    Confidentiality, Integrity, and Availability (CIA) are all of equal importance.

    Average availability must be at least 6 nines (99.9999%).

    All devices must support collaboration with every other user device.

    All devices must be VoIP and teleconference ready.

    Which of the following security controls is the BEST to apply to this architecture?

    A. Deployment of multiple standard images based on individual hardware configurations, employee choice of hardware and software requirements, triple redundancy of all processing equipment.
    B. Enforcement of strict network access controls and bandwidth minimization techniques, a single standard software image, high speed processing, and distributed backups of all equipment in the datacenter.
    C. Deployment of a unified VDI across all devices, SSD RAID in all servers, multiple identical hot sites, granting administrative rights to all users, backup of system critical data.
    D. Enforcement of security policies on mobile/remote devices, standard images and device hardware configurations, multiple layers of redundancy, and backup on all storage devices.

  • Question 662:

    A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

    A. Insecure direct object references, CSRF, Smurf
    B. Privilege escalation, Application DoS, Buffer overflow
    C. SQL injection, Resource exhaustion, Privilege escalation
    D. CSRF, Fault injection, Memory leaks

  • Question 663:

    The Chief Risk Officer (CRO) has requested that the MTD, RTO and RPO for key business applications be identified and documented. Which of the following business documents would MOST likely contain the required values?

    A. MOU
    B. BPA
    C. RA
    D. SLA
    E. BIA

  • Question 664:

    Company XYZ plans to donate 1,000 used computers to a local school. The company has a large research and development section and some of the computers were previously used to store proprietary research.

    The security administrator is concerned about data remnants on the donated machines, but the company does not have a device sanitization section in the data handling policy.

    Which of the following is the BEST course of action for the security administrator to take?

    A. Delay the donation until a new policy is approved by the Chief Information Officer (CIO), and then donate the machines.
    B. Delay the donation until all storage media on the computers can be sanitized.
    C. Reload the machines with an open source operating system and then donate the machines.
    D. Move forward with the donation, but remove all software license keys from the machines.

  • Question 665:

    A sensitive database needs its cryptographic integrity upheld. Which of the following controls meets this goal? (Select TWO).

    A. Data signing
    B. Encryption
    C. Perfect forward secrecy
    D. Steganography
    E. Data vaulting
    F. RBAC
    G. Lock and key

  • Question 666:

    A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various security devices and compiled into a report through the company's security information and event management server.

    Logs:

    Log 1:

    Feb 5 23:55:37.743: %SEC-6-IPACCESSLOGS: list 10 denied 10.2.5.81 3 packets

    Log 2:

    HTTP://www.company.com/index.php?user=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

    Log 3:

    Security Error Alert
    Event ID 50: The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client

    Log 4:

    Encoder oe = new OracleEncoder ();
    String query = "Select user_id FROM user_data WHERE user_name = ` "
        + oe.encode ( req.getParameter("userID") ) + " ` and user_password = ` "
        + oe.encode ( req.getParameter("pwd") ) + " ` ";

    Vulnerabilities:

    Buffer overflow
    SQL injection
    ACL
    XSS

    Which of the following logs and vulnerabilities would MOST likely be related to the security breach? (Select TWO).

    A. Log 1
    B. Log 2
    C. Log 3
    D. Log 4
    E. Buffer overflow
    F. ACL
    G. XSS
    H. SQL injection

  • Question 667:

    The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement?

    A. Avoid
    B. Accept
    C. Mitigate
    D. Transfer

  • Question 668:

    The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality.

    Which of the following equipment MUST be deployed to guard against unknown threats?

    A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
    B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
    C. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
    D. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.

  • Question 669:

    The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regimen into the security management plan specifically for the development area. The CISO's requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing were outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough, as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO's requirements?

    A. Grey box testing performed by a major external consulting firm who have signed an NDA.
    B. Black box testing performed by a major external consulting firm who have signed an NDA.
    C. White box testing performed by the development and security assurance teams.
    D. Grey box testing performed by the development and security assurance teams.

  • Question 670:

    CORRECT TEXT

    An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.

    Instructions: The last install that is completed will be the final submission

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-002 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.