Should the CAS-002 job hopefuls happen to be consumed straight from this CompTIA University or college workout, they have to understand another thing, they may with the experts/senior experts schooling. CompTIA University or college is a multinational company institutions, in working with CompTIA CAS-002 along with CompTIA computer software schooling middle is around the world, so all necessary sites while in the items numerous years of expertise, job hopefuls can potentially uncover their very own schooling middle around CompTIA.
2021 Dec CAS-002 book
Q121. - (Topic 5)
An asset manager is struggling with the best way to reduce the time required to perform asset location activities in a large warehouse. A project manager indicated that RFID might be a valid solution if the asset manager’s requirements were supported by current RFID capabilities. Which of the following requirements would be MOST difficult for the asset manager to implement?
A. The ability to encrypt RFID data in transmission
B. The ability to integrate environmental sensors into the RFID tag
C. The ability to track assets in real time as they move throughout the facility
D. The ability to assign RFID tags a unique identifier
Answer: A
Q122. - (Topic 3)
A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?
A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
D. Enable ESP on the internal network, and place NIPS on both networks.
Answer: A
Q123. - (Topic 2)
An employee is performing a review of the organization’s security functions and noticed that there is some cross over responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?
A. BPA
B. BIA
C. MOU
D. OLA
Answer: C
Q124. - (Topic 4)
An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendor’s RFP responses is in-line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association?
A. Correlate current industry research with the RFP responses to ensure validity.
B. Create a lab environment to evaluate each of the three firewall platforms.
C. Benchmark each firewall platform’s capabilities and experiences with similar sized companies.
D. Develop criteria and rate each firewall platform based on information in the RFP responses.
Answer: B
Q125. - (Topic 2)
An administrator wishes to replace a legacy clinical software product as it has become a security risk. The legacy product generates $10,000 in revenue a month. The new software product has an initial cost of $180,000 and a yearly maintenance of $2,000 after the first year. However, it will generate $15,000 in revenue per month and be more secure. How many years until there is a return on investment for this new package?
A. 1
B. 2
C. 3
D. 4
Answer: D
Up to the immediate present CAS-002 torrent:
Q126. - (Topic 2)
A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into global collaboration tools by individuals and teams. As a result of the dispersed employees and frequent international travel, the company is concerned about the safety of employees and their families when moving in and out of certain countries. Which of the following could the company view as a downside of using presence technology?
A. Insider threat
B. Network reconnaissance
C. Physical security
D. Industrial espionage
Answer: C
Q127. - (Topic 2)
An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit's integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data?
A. SMB
B. NFS
C. FCoE
D. iSCSI
Answer: A
Q128. - (Topic 3)
New zero-day attacks are announced on a regular basis against a broad range of technology systems. Which of the following best practices should a security manager do to manage the risks of these attack vectors? (Select TWO).
A. Establish an emergency response call tree.
B. Create an inventory of applications.
C. Backup the router and firewall configurations.
D. Maintain a list of critical systems.
E. Update all network diagrams.
Answer: B,D
Q129. - (Topic 4)
A system administrator is troubleshooting a possible denial of service on a sensitive system. The system seems to run properly for a few hours after it is restarted, but then it suddenly stops processing transactions. The system administrator suspects an internal DoS caused by a disgruntled developer who is currently seeking a new job while still working for the company. After looking into various system logs, the system administrator looks at the following output from the main system service responsible for processing incoming transactions.
DATE/TIMEPIDCOMMAND%CPUMEM
031020141030002055com.proc10.2920K
031020141100002055com.proc12.35.2M 031020141230002055com.proc22.022M 031020141300002055com.proc33.01.6G 031020141330002055com.proc30.28.0G
Which of the following is the MOST likely cause for the DoS?
A. The system does not implement proper garbage collection.
B. The system is susceptible to integer overflow.
C. The system does not implement input validation.
D. The system does not protect against buffer overflows properly.
Answer: A
Q130. - (Topic 5)
The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage; and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement?
A. Avoid
B. Accept
C. Mitigate
D. Transfer
Answer: C