Warehouse users are reporting performance issues at the end of each month when trying to access cloud applications to complete their end of the month financial reports. They have no problem accessing those applications at the beginning
of the month.
Network information:
DMZ network ?192.168.5.0/24
VPN network ?192.168.1.0/24
Datacenter ?192.168.2.0/24
User network - 192.168.3.0/24
HR network ?192.168.4.0/24
Warehouse network ?192.168.6.0/24
Finance network 192.168.7.0/24
Traffic shaper configuration:
VLAN Bandwidth limit (Mbps)
VPN50
User175
HR220
Finance230
Warehouse75
Guest50
External firewall allows all networks to access the Internet.
Internal Firewall Rules:
ActionSourceDestination
Permit192.168.1.0/24192.168.2.0/24
Permit192.168.1.0/24192.168.3.0/24
Permit192.168.1.0/24192.168.5.0/24
Permit192.168.2.0/24192.168.1.0/24
Permit192.168.3.0/24192.168.1.0/24
Permit192.168.5.0/24192.168.1.0/24
Permit192.168.4.0/24192.168.7.0/24
Permit192.168.7.0/24192.168.4.0/24
Permit192.168.7.0/24any
Deny192.168.4.0/24any
Deny192.168.1.0/24192.168.4.0/24
Denyanyany
Which of the following restrictions is the MOST likely cause?
A. Bandwidth limit on the traffic shaper for the finance departmentA bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/ JSON calls. The bank wants to ensure that the communication is stateless between the mobile application and the web services gateway. Which of the following controls MUST be implemented to enable stateless communication?
A. Generate a one-time key as part of the device registration process.After three vendors submit their requested documentation, the CPO and the SPM can better understand what each vendor does and what solutions that they can provide. But now they want to see the intricacies of how these solutions can adequately match the requirements needed by the firm. Upon the directive of the CPO, the CISO should submit which of the following to the three submitting firms?
A. A TandM contractA small company has recently placed a newly installed DNS server on the DMZ and wants to secure it by allowing Internet hosts to query the DNS server. Since the company deploys an internal DNS server, all DNS queries to that server coming from the company network should be blocked. An IT administrator has placed the following ACL on the company firewall:
Testing shows that the DNS server in the DMZ is not working. Which of the following should the administrator do to resolve the problem?
A. Modify the SRC and DST ports of ACL 1A port in a fibre channel switch failed, causing a costly downtime on the company's primary website. Which of the following is the MOST likely cause of the downtime?
A. The web server iSCSI initiator was down.An architect has been engaged to write the security viewpoint of a new initiative. Which of the following BEST describes a repeatable process that can be used for establishing the security architecture?
A. Inspect a previous architectural document. Based on the historical decisions made, consult the architectural control and pattern library within the organization and select the controls that appear to best fit this new architectural need.Wireless users are reporting issues with the company's video conferencing and VoIP systems. The security administrator notices DOS attacks on the network that are affecting the company's VoIP system (i.e. premature call drops and garbled call signals). The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DOS attacks on the network? (Select TWO).
A. Configure 802.11b on the networkThe network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?
A. Review the flow data against each server's baseline communications profile.A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Office has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization's configuration management process using?
A. AgileWhich of the following attacks does Unicast Reverse Path Forwarding prevent?
A. Man in the MiddleNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-002 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.