[Free] 2018(June) Ensurepass CompTIA CAS-002 Dumps with VCE and PDF 281-290

Ensurepass.com : Ensure you pass the IT Exams
2018 May CompTIA Official New Released CAS-002
100% Free Download! 100% Pass Guaranteed!

CompTIA Advanced Security Practitioner (CASP)

Question No: 281 – (Topic 3)

A security engineer is implementing a new solution designed to process e-business transactions and record them in a corporate audit database. The project has multiple technical stakeholders. The database team controls the physical database resources, the internal audit division controls the audit records in the database, the web hosting team is responsible for implementing the website front end and shopping cart application, and the accounting department is responsible for processing the transaction and interfacing with the payment processor. As the solution owner, the security engineer is responsible for ensuring which of the following?

  1. Ensure the process functions in a secure manner from customer input to audit review.

  2. Security solutions result in zero additional processing latency.

  3. Ensure the process of storing audit records is in compliance with applicable laws.

  4. Web transactions are conducted in a secure network channel.

Answer: A

Question No: 282 – (Topic 3)

If a technician must take an employee’s workstation into custody in response to an investigation, which of the following can BEST reduce the likelihood of related legal issues?

  1. A formal letter from the company’s president approving the seizure of the workstation.

  2. A formal training and awareness program on information security for all company managers.

  3. A screen displayed at log in that informs users of the employer’s rights to seize, search, and monitor company devices.

  4. A printout of an activity log, showing that the employee has been spending substantial time on non-work related websites.

Answer: C

Question No: 283 – (Topic 3)

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company’s security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches as a result have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?

  1. Reload all user laptops with full disk encryption software immediately.

  2. Implement full disk encryption on all storage devices the firm owns.

  3. Implement new continuous monitoring procedures.

  4. Implement an open source system which allows data to be encrypted while processed.

Answer: B

Question No: 284 – (Topic 3)

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of conference’s resources?

  1. Wireless network security may need to be increased to decrease access of mobile devices.

  2. Physical security may need to be increased to deter or prevent theft of mobile devices.

  3. Network security may need to be increased by reducing the number of available physical network jacks.

  4. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C

Question No: 285 – (Topic 3)

A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration

team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing.

Which of the following is the MOST likely cause of the processing problem?

  1. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.

  2. The Java developers accounted for network latency only for the read portion of the processing and not the write process.

  3. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.

  4. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.

Answer: D

Question No: 286 – (Topic 3)

Which of the following provides the HIGHEST level of security for an integrated network providing services to authenticated corporate users?

  1. Point to point VPN tunnels for external users, three-factor authentication, a cold site, physical security guards, cloud based servers, and IPv6 networking.

  2. IPv6 networking, port security, full disk encryption, three-factor authentication, cloud based servers, and a cold site.

  3. Port security on switches, point to point VPN tunnels for user server connections, two- factor cryptographic authentication, physical locks, and a standby hot site.

  4. Port security on all switches, point to point VPN tunnels for user connections to servers, two-factor authentication, a sign-in roster, and a warm site.

Answer: C

Question No: 287 – (Topic 3)

The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regiment into the security management plan specifically for the development area. The CISO’s requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will

lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO requirements?

  1. Grey box testing performed by a major external consulting firm who have signed a NDA.

  2. Black box testing performed by a major external consulting firm who have signed a NDA.

  3. White box testing performed by the development and security assurance teams.

  4. Grey box testing performed by the development and security assurance teams.

Answer: C

Question No: 288 – (Topic 3)

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

  1. Service oriented architecture (SOA)

  2. Federated identities

  3. Object request broker (ORB)

  4. Enterprise service bus (ESB)

Answer: D

Question No: 289 – (Topic 3)

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

Which of the following BEST describes the risk assurance officer’s concerns?

  1. Co-mingling guest operating system with different security requirements allows guest

    OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.

  2. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.

  3. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.

  4. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues.

Answer: C

Question No: 290 – (Topic 3)

A large financial company has a team of security-focused architects and designers that contribute into broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and re-usable patterns into account. Which of the following would BEST help to achieve these objectives?

  1. Construct a library of re-usable security patterns

  2. Construct a security control library

  3. Introduce an ESA framework

  4. Include SRTM in the SDLC

Answer: C

100% Ensurepass Free Download!
Download Free Demo:CAS-002 Demo PDF
100% Ensurepass Free Guaranteed!
CAS-002 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.