Most up-to-date CAS-002 testing engine Guide

Ucertify CAS-002 Questions are updated and all CAS-002 answers are verified by experts. Once you have completely prepared with our CAS-002 exam prep kits you will be ready for the real CAS-002 exam without a problem. We have Abreast of the times CompTIA CAS-002 dumps study guide. PASSED CAS-002 First attempt! Here What I Did.

Q191. - (Topic 3) 

Company A has a remote work force that often includes independent contractors and out of state full time employees. 

Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals: 

Which of the following solutions should the security engineer recommend to meet the MOST goals? 

A. Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM. 

B. Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions. 

C. Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access. 

D. Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server 

Gateway, use remote installation services to standardize application on user’s laptops. 

Answer: B 

Q192. - (Topic 2) 

ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE). 

A. Establish a list of users that must work with each regulation 

B. Establish a list of devices that must meet each regulation 

C. Centralize management of all devices on the network 

D. Compartmentalize the network 

E. Establish a company framework 

F. Apply technical controls to meet compliance with the regulation 

Answer: B,D,F 

Q193. - (Topic 3) 

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a business critical, high volume database application that required a high degree of data confidentiality and data availability? (Select THREE). 

A. File level transfer of data 

B. Zoning and LUN security 

C. Block level transfer of data 

D. Multipath 

E. Broadcast storms 

F. File level encryption 

G. Latency 

Answer: A,E,G 

Q194. - (Topic 3) 

Company A is purchasing Company B. Company A uses a change management system for all IT processes while Company B does not have one in place. Company B’s IT staff needs to purchase a third party product to enhance production. Which of the following NEXT steps should be implemented to address the security impacts this product may cause? 

A. Purchase the product and test it in a lab environment before installing it on any live system. 

B. Allow Company A and B’s IT staff to evaluate the new product prior to purchasing it. 

C. Purchase the product and test it on a few systems before installing it throughout the entire company. 

D. Use Company A’s change management process during the evaluation of the new product. 

Answer: D 

Q195. - (Topic 2) 

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC. 

Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO). 

A. Static and dynamic analysis is run as part of integration 

B. Security standards and training is performed as part of the project 

C. Daily stand-up meetings are held to ensure security requirements are understood 

D. For each major iteration penetration testing is performed 

E. Security requirements are story boarded and make it into the build 

F. A security design is performed at the end of the requirements phase 

Answer: A,D 

Q196. - (Topic 2) 

After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system was restored on a newer revision of the same brand and model device. After the restore, the specialized application no longer works. Which of the following is the MOST likely cause of the problem? 

A. The binary files used by the application have been modified by malware. 

B. The application is unable to perform remote attestation due to blocked ports. 

C. The restored image backup was encrypted with the wrong key. 

D. The hash key summary of hardware and installed software no longer match. 

Answer: D 

Q197. CORRECT TEXT - (Topic 3) 

The IDS has detected abnormal behavior on this network Click on the network devices to view device information Based on this information, the following tasks need to be completed: 

1. Select the server that is a victim of a SQL injection attack. 

2 Select the source of the buffer overflow attack. 

3. Modify the access control list (ACL) on the router(s) to ONLY block the buffer overflow attack. 

Instructions: Simulations can be reset at any time to the initial state: however, all selections will be deleted. 

Answer: Follow the Steps as 

Q198. - (Topic 1) 

A company is facing penalties for failing to effectively comply with e-discovery requests. Which of the following could reduce the overall risk to the company from this issue? 

A. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption. 

B. Require each user to log passwords used for file encryption to a decentralized repository. 

C. Permit users to only encrypt individual files using their domain password and archive all old user passwords. 

D. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI. 

Answer: D 

Q199. - (Topic 2) 

A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true? 

A. Commercially available software packages are typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits. 

B. Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed the software. 

C. Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by business managers. 

D. Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always shared within the IT community. 

Answer: B 

Q200. - (Topic 4) 

An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendor’s RFP responses is in-line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association? 

A. Correlate current industry research with the RFP responses to ensure validity. 

B. Create a lab environment to evaluate each of the three firewall platforms. 

C. Benchmark each firewall platform’s capabilities and experiences with similar sized companies. 

D. Develop criteria and rate each firewall platform based on information in the RFP responses. 

Answer: B