The merchandise connected with CompTIA enterprise widely-used through numerous people for many people a new years. The particular CompTIA qualifications are called the actual image connected with legitimateness and also agreement. The assumption is this to be able to verify all by yourself around, you need no less than one official certifications on the Pass4sure CAS-002. To get a CompTIA, you should devote time and also complete hard work. One of the biggest obstructions connected with moving past the actual CompTIA Advanced Security Practitioner (CASP) CAS-002 assessment is how you can get started. Normally, preparing for the actual CompTIA CAS-002 official certifications assessment must come up with a detailed plans. Plan for this official certifications will give you the correct beginning point which method will allow you to eliminate the problem conveniently.
2021 Mar CAS-002 braindumps
Q211. - (Topic 2)
ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?
A. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.
B. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).
C. Organize VM hosts into containers based on security zone and restrict access using an ACL.
D. Require multi-factor authentication when accessing the console at the physical VM host.
Answer: C
Q212. - (Topic 4)
A general insurance company wants to set up a new online business. The requirements are that the solution needs to be:
The conceptual solution architecture has specified that the application will consist of a traditional three tiered architecture for the front end components, an ESB to provide services, data transformation capability and legacy system integration and a web services gateway.
Which of the following security components will BEST meet the above requirements and fit into the solution architecture? (Select TWO).
A. Implement WS-Security for services authentication and XACML for service authorization.
B. Use end-to-end application level encryption to encrypt all fields and store them encrypted in the database.
C. Implement a certificate based solution on a smart card in combination with a PIN to provide authentication and authorization of users.
D. Implement WS-Security as a federated single sign-on solution for authentication authorization of users.
E. Implement SSL encryption for all sensitive data flows and encryption of passwords of the data at rest.
F. Use application level encryption to encrypt sensitive fields, SSL encryption on sensitive flows, and database encryption for sensitive data storage.
Answer: A,F
Q213. - (Topic 1)
The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company’s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).
A. Business or technical justification for not implementing the requirements.
B. Risks associated with the inability to implement the requirements.
C. Industry best practices with respect to the technical implementation of the current controls.
D. All sections of the policy that may justify non-implementation of the requirements.
E. A revised DRP and COOP plan to the exception form.
F. Internal procedures that may justify a budget submission to implement the new requirement.
G. Current and planned controls to mitigate the risks.
Answer: A,B,G
Q214. - (Topic 1)
A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:
Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).
A. Secure storage and transmission of API keys
B. Secure protocols for transmission of log files and search results
C. At least two years retention of log files in case of e-discovery requests
D. Multi-tenancy with RBAC support
E. Sanitizing filters to prevent upload of sensitive log file contents
F. Encryption of logical volumes on which the customers' log files reside
Answer: A,B,D
Q215. - (Topic 2)
An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?
A. File system information, swap files, network processes, system processes and raw disk blocks.
B. Raw disk blocks, network processes, system processes, swap files and file system information.
C. System processes, network processes, file system information, swap files and raw disk blocks.
D. Raw disk blocks, swap files, network processes, system processes, and file system information.
Answer: C
Most up-to-date CAS-002 exam cram:
Q216. - (Topic 3)
An administrator at a small company replaces servers whenever budget money becomes available. Over the past several years the company has acquired and still uses 20 servers and 50 desktops from five different computer manufacturers. Which of the following are management challenges and risks associated with this style of technology lifecycle management?
A. Decreased security posture, decommission of outdated hardware, inability to centrally manage, and performance bottlenecks on old hardware.
B. Increased mean time to failure rate of legacy servers, OS variances, patch availability, and ability to restore to dissimilar hardware.
C. OS end-of-support issues, ability to backup data, hardware parts availability, and firmware update availability and management.
D. Inability to use virtualization, trusted OS complexities, and multiple patch versions based on OS dependency.
Answer: B
Q217. - (Topic 2)
A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable?
A. OLA
B. BPA
C. SLA
D. SOA
E. MOU
Answer: E
Q218. - (Topic 2)
A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave?
A. Require cloud storage on corporate servers and disable access upon termination
B. Whitelist access to only non-confidential information
C. Utilize an MDM solution with containerization
D. Require that devices not have local storage
Answer: C
Q219. - (Topic 3)
Company A has a remote work force that often includes independent contractors and out of state full time employees.
Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:
Which of the following solutions should the security engineer recommend to meet the MOST goals?
A. Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.
B. Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.
C. Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.
D. Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server
Gateway, use remote installation services to standardize application on user’s laptops.
Answer: B
Q220. - (Topic 5)
A large organization that builds and configures every data center against distinct requirements loses efficiency, which results in slow response time to resolve issues. However, total uniformity presents other problems. Which of the following presents the GREATEST risk when consolidating to a single vendor or design solution?
A. Competitors gain an advantage by increasing their service offerings.
B. Vendor lock in may prevent negotiation of lower rates or prices.
C. Design constraints violate the principle of open design.
D. Lack of diversity increases the impact of specific events or attacks.
Answer: D