CompTIA CAS-002 Free Practice Questions

Question No: 13

A corporation has Research and Development (R&D) and IT support teams, each requiring separate networks with independent control of their security boundaries to support department objectives. The corporationu2021s Information Security Officer (ISO) is responsible for providing firewall services to both departments, but does not want to increase the hardware footprint within the datacenter. Which of the following should the ISO consider to provide the independent functionality required by each departmentu2021s IT teams?

A. Put both departments behind the firewall and assign administrative control for each department to the corporate firewall.

B. Provide each department with a virtual firewall and assign administrative control to the physical firewall.

C. Put both departments behind the firewall and incorporate restrictive controls on each departmentu2021s network.

A. D. Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.

View Answer

Question No: 14

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation:

Once at the command prompt, the administrator issues the below commanD. Which of the following is true about the above situation?

A. The administrator must use the sudo command in order to restart the service.

B. The administrator used the wrong SSH port to restart the DNS server.

C. The service was restarted correctly, but it failed to bind to the network interface.

D. The service did not restart because the bind command is privileged.

View Answer

Question No: 15

Company XYZ has had repeated vulnerability exploits of a critical nature released to the companyu2021s flagship product. The product is used by a number of large customers. At the Chief Information Security Officeru2021s (CISOu2021s) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.

Here is a list of improvements in order of priority:

1. A noticeable improvement in security posture immediately.

2. Fundamental changes to resolve systemic issues as an ongoing process

3. Improvements should be strategic as opposed to tactical

4. Customer impact should be minimized

Which of the following recommendations is BEST for the CISO to put forward to the product manager?

A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.

B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.

A. C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.

D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.

View Answer

Question No: 16

An enterprise must ensure that all devices that connect to its networks have been previously approved. The solution must support dual factor mutual authentication with strong identity assurance. In order to reduce costs and administrative overhead, the security architect wants to outsource identity proofing and second factor digital delivery to the third party. Which of the following solutions will address the enterprise requirements?

A. Implementing federated network access with the third party.

B. Using a HSM at the network perimeter to handle network device access.

C. Using a VPN concentrator which supports dual factor via hardware tokens.

D. Implementing 802.1x with EAP-TTLS across the infrastructure.

View Answer

Question No: 17

A data processing server uses a Linux based file system to remotely mount physical disks on a shared SAN. The server administrator reports problems related to processing of files where the file appears to be incompletely written to the disk. The network administration team has conducted a thorough review of all network infrastructure and devices and found everything running at optimal performance. Other SAN customers are unaffected. The data being processed consists of millions of small files being written to disk from a network source one file at a time. These files are then accessed by a local Java program for processing before being transferred over the network to a SE Linux host for processing. Which of the following is the MOST likely cause of the processing problem?

A. The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.

B. The Java developers accounted for network latency only for the read portion of the processing and not the write process.

C. The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.

D. The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.

View Answer

Question No: 18

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

A. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

B. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.

C. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.

D. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

View Answer

Question No: 19

In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change.

Which of the following BEST addresses risks associated with disclosure of intellectual property?

A. Require the managed service provider to implement additional data separation.

B. Require encrypted communications when accessing email.

C. Enable data loss protection to minimize emailing PII and confidential data.

D. Establish an acceptable use policy and incident response policy.

View Answer

Question No: 20

A large financial company has a team of security-focused architects and designers that contribute into broader IT architecture and design solutions. Concerns have been raised due to the security contributions having varying levels of quality and consistency. It has been agreed that a more formalized methodology is needed that can take business drivers, capabilities, baselines, and re-usable patterns into account. Which of the following would BEST help to achieve these objectives?

A. Construct a library of re-usable security patterns

B. Construct a security control library

C. Introduce an ESA framework

A. D. Include SRTM in the SDLC

View Answer

Question No: 21

A security consultant is called into a small advertising business to recommend which security policies and procedures would be most helpful to the business. The business is comprised of 20 employees, operating off of two shared servers. One server houses employee data and the other houses client data. All machines are on the same local network. Often these employees must work remotely from client sites, but do not access either of the servers remotely. Assuming no security policies or procedures are in place right now, which of the following would be the MOST applicable for implementation? (Select TWO).

A. Password Policy

B. Data Classification Policy

C. Wireless Access Procedure

D. VPN Policy

E. Database Administrative Procedure

View Answer

Question No: 22

In a SPML exchange, which of the following BEST describes the three primary roles?

A. The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.

B. The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.

C. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.

D. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

View Answer