CAS-002 | how many questions of CAS-002 examcollection?




New CompTIA CAS-002 Exam Dumps Collection (Question 2 - Question 11)

Question No: 2

A large enterprise introduced a next generation firewall appliance into the Internet facing DMZ. All Internet traffic passes through this appliance. Four hours after implementation the network engineering team discovered that traffic through the DMZ now has unacceptable latency, and is recommending that the new firewall be taken offline. At what point in the implementation process should this problem have been discovered?

A. During the product selection phase

B. When testing the appliance

C. When writing the RFP for the purchase process

D. During the network traffic analysis phase

Answer: B

Question No: 3

A general insurance company wants to set up a new online business. The requirements are that the solution needs to be:

The conceptual solution architecture has specified that the application will consist of a traditional three tiered architecture for the front end components, an ESB to provide services, data transformation capability and legacy system integration and a web services gateway.

Which of the following security components will BEST meet the above requirements and fit into the solution architecture? (Select TWO).

A. Implement WS-Security for services authentication and XACML for service authorization.

B. Use end-to-end application level encryption to encrypt all fields and store them encrypted in the database.

C. Implement a certificate based solution on a smart card in combination with a PIN to provide authentication and authorization of users.

D. Implement WS-Security as a federated single sign-on solution for authentication/authorization of users.

E. Implement SSL encryption for all sensitive data flows and encryption of passwords of the data at rest.

F. Use application level encryption to encrypt sensitive fields, SSL encryption on sensitive flows, and database encryption for sensitive data storage.

Answer: A,F

Topic 5, Volume E

Question No: 4

Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).

A. Implementation run-sheets

B. Solution designs

C. Business capabilities

D. Solution architectures

E. Business requirements documents

F. Reference models

G. Business cases

H. Business vision and drivers

Answer: C,F,H

Question No: 5

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

A. Implement an IPS to block the application on the network

B. Implement the remote application out to the rest of the servers

C. Implement SSL VPN with SAML standards for federation

D. Implement an ACL on the firewall with NAT for remote access

Answer: C

Question No: 6

Which of the following protocols only facilitates access control?

A. XACML

B. Kerberos

C. SPML

D. SAML

Answer: A

Question No: 7

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.

The information security team has been a part of the department meetings and come away with the following notes:

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.

-Sales is asking for easy order tracking to facilitate feedback to customers.

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.

Which of the following departments' request is in contrast to the favored solution?

A. Manufacturing

B. Legal

C. Sales

D. Quality assurance

E. Human resources

Answer: E

Question No: 8

A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card details. Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?

A. Client side input validation

B. Stored procedure

C. Encrypting credit card details

D. Regular expression matching

Answer: D

Question No: 9

A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

Answer: B,C

Question No: 10

The security administrator has just installed an active/passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.

Which of the following is MOST likely the cause of this problem?

A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.

B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.

C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.

D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

Answer: A

Question No: 11

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?

A. Address the security concerns through the network design and security controls.

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.

Answer: C
