Top Highest Quality CAS-002 dump Tips!
Highest Quality of CAS-002 exam answers materials and testing material for CompTIA certification for IT professionals, Real Success Guaranteed with Updated CAS-002 pdf dumps vce Materials. 100% PASS CompTIA Advanced Security Practitioner (CASP) exam Today!
P.S. Highest Quality CAS-002 testing material are available on Google Drive, GET MORE: https://drive.google.com/open?id=1i-DSDDbU7Ij9pDq-9iid94VozRUrxe72
New CompTIA CAS-002 Exam Dumps Collection (Question 5 - Question 14)
Question No: 5
Which of the following provides the HIGHEST level of security for an integrated network providing services to authenticated corporate users?
A. Point to point VPN tunnels for external users, three-factor authentication, a cold site, physical security guards, cloud based servers, and IPv6 networking.
B. IPv6 networking, port security, full disk encryption, three-factor authentication, cloud based servers, and a cold site.
C. Port security on switches, point to point VPN tunnels for user server connections, two- factor cryptographic authentication, physical locks, and a standby hot site.
D. Port security on all switches, point to point VPN tunnels for user connections to servers, two-factor authentication, a sign-in roster, and a warm site.
Answer: : C
Question No: 6
A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).
A. Password Policy
B. Data Classification Policy
C. Wireless Access Procedure
D. VPN Policy
E. Database Administrative Procedure
Question No: 7
A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation?
A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.
B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.
C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner.
D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.
Question No: 8
A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?
A. Increased customer data availability
B. Increased customer data confidentiality
C. Increased security through provisioning
D. Increased security through data integrity
Question No: 9
A security manager is developing new policies and procedures. Which of the following is a best practice in end user security?
A. Employee identity badges and physical access controls to ensure only staff are allowed onsite.
B. A training program that is consistent, ongoing, and relevant.
C. Access controls to prevent end users from gaining access to confidential data.
D. Access controls for computer systems and networks with two-factor authentication.
Question No: 10
u201cWe need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website.u201d
Which of the following BEST restates the customer need?
A. The system shall use a pseudo-random number generator seeded the same every time.
B. The system shall generate a pseudo-random number upon invocation by the existing Java program.
C. The system shall generate a truly random number based upon user PKI certificates.
D. The system shall implement a pseudo-random number generator for use by corporate customers.
Answer: : B
Question No: 11
The internal audit department is investigating a possible breach of security. One of the auditors is sent to interview the following employees:
Employee A. Works in the accounts receivable office and is in charge of entering data into the finance system.
Employee B. Works in the accounts payable office and is in charge of approving purchase orders.
Employee C. Is the manager of the finance department, supervises Employee A and Employee B, and can perform the functions of both Employee A and Employee B.
Which of the following should the auditor suggest be done to avoid future security breaches?
A. All employees should have the same access level to be able to check on each others.
B. The manager should only be able to review the data and approve purchase orders.
C. Employee A and Employee B should rotate jobs at a set interval and cross-train.
D. The manager should be able to both enter and approve information.
Question No: 12
A company runs large computing jobs only during the overnight hours. To minimize the amount of capital investment in equipment, the company relies on the elastic computing services of a major cloud computing vendor. Because the virtual resources are created and destroyed on the fly across a large pool of shared resources, the company never knows which specific hardware platforms will be used from night to night. Which of the following presents the MOST risk to confidentiality in this scenario?
A. Loss of physical control of the servers
B. Distribution of the job to multiple data centers
C. Network transmission of cryptographic keys
D. Data scraped from the hardware platforms
Question No: 13
Company A needs to export sensitive data from its financial system to company Bu2019s database, using company Bu2019s API in an automated manner. Company Au2019s policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company Au2019s financial system and company Bu2019s destination server using the supplied API. Additionally, company Au2019s legacy financial software does not support encryption, while company Bu2019s API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?
A. Company A must install an SSL tunneling service on the financial system.
B. Company Au2019s security administrator should use an HTTPS capable browser to transfer the data.
C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
A. D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.
Question No: 14
A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant affect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings?
A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects.
B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution.
C. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness.
D. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution.
see more free CAS-002 exam dumps
Recommend!! Get the Highest Quality CAS-002 dumps in VCE and PDF From Thedumpscentre, Welcome to download: http://www.thedumpscentre.com/CAS-002-dumps/ (New 532 Q&As Version)