P.S. Pinpoint CAS-002 interactive bootcamp are available on Google Drive, GET MORE: https://drive.google.com/open?id=1i-DSDDbU7Ij9pDq-9iid94VozRUrxe72
Q2. A company Chief Information Officer (CIO) is unsure which set of standards should govern
the companyu2021s IT policy. The CIO has hired consultants to develop use cases to test against various government and industry security standards. The CIO is convinced that there is large overlap between the configuration checks and security controls governing each set of standards. Which of the following selections represent the BEST option for the CIO?
A. Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company.
B. Issue a policy that requires only the most stringent security standards be implemented throughout the company.
C. Issue a policy specifying best practice security standards and a baseline to be implemented across the company.
D. Issue a RFI for vendors to determine which set of security standards is best for the company.
Answer: C
Q3. Company ABCu2021s SAN is nearing capacity, and will cause costly downtimes if servers run out disk space. Which of the following is a more cost effective alternative to buying a new SAN?
A. Enable multipath to increase availability
B. Enable deduplication on the storage pools
C. Implement snapshots to reduce virtual disk size
D. Implement replication to offsite datacenter
Answer: B
Q4. A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?
A. Isolate the system on a secure network to limit its contact with other systems
B. Implement an application layer firewall to protect the payroll system interface
C. Monitor the systemu2021s security log for unauthorized access to the payroll application
D. Perform reconciliation of all payroll transactions on a daily basis
Answer: A
Q5. Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZu2021s headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?
A. Require each Company XYZ employee to use an IPSec connection to the required systems
B. Require Company XYZ employees to establish an encrypted VDI session to the required systems
C. Require Company ABC employees to use two-factor authentication on the required systems
A. D. Require a site-to-site VPN for intercompany communications
Answer: B
Q6. An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit's integrity to be the most important concern. Which of the following protocols meets these needs by implementing either AES-CMAC or HMAC-SHA256 to sign data?
A. SMB
B. NFS
C. FCoE
D. iSCSI
Answer: A
Q7. A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port
37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port
37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port
37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port
37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port
37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port
37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).
A. An authorized administrator has logged into the root account remotely.
B. The administrator should disable remote root logins.
C. Isolate the system immediately and begin forensic analysis on the host.
D. A remote attacker has compromised the root account using a buffer overflow in sshd.
E. A remote attacker has guessed the root password using a dictionary attack.
F. Use iptables to immediately DROP connections from the IP 198.51.100.23.
G. A remote attacker has compromised the private key of the root account.
H. Change the root password immediately to a password not found in a dictionary.
Answer: C,E
Q8. After reviewing a companyu2021s NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS export. The security administrator decides to remove the no_root_squash directive from the export and add the nosuid directive. Which of the following is true about the security controls implemented by the security administrator?
A. The newly implemented security controls are in place to ensure that NFS encryption can only be controlled by the root user.
B. Removing the no_root_squash directive grants the root user remote NFS read/write access to important files owned by root on the NAS.
C. Users with root access on remote NFS client computers can always use the SU command to modify other useru2021s files on the NAS.
D. Adding the nosuid directive disables regular users from accessing files owned by the root user over NFS even after using the SU command.
Answer: C
Q9. Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch. Which of the following is the
penetration tester MOST likely to use while performing black box testing of the security of the companyu2021s purchased application? (Select TWO).
A. Code review
B. Sandbox
C. Local proxy
D. Fuzzer
E. Port scanner
Answer: C,D
Q10. A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this?
A. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.
B. Allow the security engineering team to do application development so they understand why it takes so long.
C. Allow the application developers to attend a sales conference so they understand how business is done.
D. Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.
Answer: A
Q11. ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe?
A. TOTP
B. PAP
C. CHAP
D. HOTP
Answer: D
100% Leading CompTIA CAS-002 Questions & Answers shared by Certleader, Get HERE: https://www.certleader.com/CAS-002-dumps.html (New 532 Q&As)