This page was exported from Braindump2go Free PDF Dumps and VCE Dumps Collection
Export date: Sat Feb 22 15:22:02 2020 / +0000 GMT

Title: [2018-June-New]Valid Braindump2go CAS-002 VCE and PDF Dumps 900Q Offer[34-44]
Post date: 2018-06-15 08:29:01
Post modified date: 2018-06-15 08:29:01

Following are some new CAS-002 Real Exam Questions:

QUESTION 34
After a security incident, an administrator revokes the SSL certificate for their web server. Users begin to inform the help desk that a few other servers are generating certificate errors:,, and
Which of the following is MOST likely the reason for this?
A. Each of the servers used the same EV certificate.
B. The servers used a wildcard certificate.
C. The web server was the CA for the domain.
D. Revoking a certificate can only be done at the domain level.
Answer: B

QUESTION 35
A wholesaler has decided to increase revenue streams by selling direct to the public through an on-line system. Initially this will be run as a short term trial and if profitable, will be expanded and form part of the day to day business. The risk manager has raised two main business risks for the initial trial:
1. IT staff has no experience with establishing and managing secure on-line credit card processing.
2. An internal credit card processing system will expose the business to additional compliance requirements.
Which of the following is the BEST risk mitigation strategy?
A. Transfer the risks to another internal department, who have more resources to accept the risk.
B. Accept the risks and log acceptance in the risk register. Once the risks have been accepted close them out.
C. Transfer the initial risks by outsourcing payment processing to a third party service provider.
D. Mitigate the risks by hiring additional IT staff with the appropriate experience and certifications.
Answer: C

QUESTION 36
An administrator notices the following file in the Linux server's /tmp directory.
-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*
Which of the following should be done to prevent further attacks of this nature?
A. Never mount the /tmp directory over NFS
B. Stop the rpcidmapd service from running
C. Mount all tmp directories nosuid, noexec
D. Restrict access to the /tmp directory
Answer: C

QUESTION 37
Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company's six IDFs. The IDF modular switches have redundant switch fabrics and power supplies.
Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?
A. Threat: 802.1q trunking attack
   Remediation: Enable only necessary VLANs for each port
B. Threat: Bridge loop
   Remediation: Enable spanning tree
C. Threat: VLAN hopping
   Remediation: Enable only necessary VLANs for each port
D. Threat: VLAN hopping
   Remediation: Enable ACLs on the IDF switch
Answer: B

QUESTION 38
Within an organization, there is a known lack of governance for solution designs. As a result there are inconsistencies and varying levels of quality for the artifacts that are produced. Which of the following will help BEST improve this situation?
A. Ensure that those producing solution artifacts are reminded at the next team meeting that quality is important.
B. Introduce a peer review process that is mandatory before a document can be officially made final.
C. Introduce a peer review and presentation process that includes a review board with representation from relevant disciplines.
D. Ensure that appropriate representation from each relevant discipline approves of the solution documents before official approval.
Answer: C

QUESTION 39
An administrator of a secure web server has several clients with top security clearance and prefers security over performance. By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?
A. 3DES-SHA
B. DES-MD5
C. Camellia-SHA
D. RC4-MD5
Answer: A

QUESTION 40
Corporate policy states that the systems administrator should not be present during system audits. The security policy that states this is:
A. Separation of duties.
B. Mandatory vacation.
C. Non-disclosure agreement.
D. Least privilege.
Answer: A

QUESTION 41
A user on a virtual machine downloads a large file using a popular peer-to-peer torrent program. The user is unable to execute the program on their VM. A security administrator scans the VM and detects a virus in the program. The administrator reviews the hypervisor logs and correlates several access attempts to the time of execution of the virus. Which of the following is the MOST likely explanation for this behavior?
A. The hypervisor host does not have hardware acceleration enabled and does not allow DEP.
B. The virus scanner on the VM changes file extensions of all programs downloaded via P2P to prevent execution.
C. The virtual machine is configured to require administrator rights to execute all programs.
D. The virus is trying to access a virtual device which the hypervisor is configured to restrict.
Answer: D

QUESTION 42
The new security policy states that only authorized software will be allowed on the corporate network and all personally owned equipment needs to be configured by the IT security staff before being allowed on the network. The security administrator creates standard images with all the required software and proper security controls. These images are required to be loaded on all personally owned equipment prior to connecting to the corporate network. These measures ensure compliance with the new security policy. Which of the following security risks still needs to be addressed in this scenario?
A. An employee copying gigabytes of personal video files from the employee's personal laptop to their company desktop to share files.
B. An employee connecting their personal laptop to use a non-company endorsed accounting application that the employee used at a previous company.
C. An employee using a corporate FTP application to transfer customer lists and other proprietary files to an external computer and selling them to a competitor.
D. An employee accidentally infecting the network with a virus by connecting a USB drive to the employee's personal laptop.
Answer: C

QUESTION 43
The database team has suggested deploying a SOA based system across the enterprise. The Chief Information Officer (CIO) has decided to consult the security manager about the risk implications for adopting this architecture. Which of the following are concerns that the security manager should present to the CIO concerning the SOA system? (Select TWO).
A. Users and services are centralized and only available within the enterprise.
B. Users and services are distributed, often times over the Internet.
C. SOA centrally manages legacy systems, and opens the internal network to vulnerabilities.
D. SOA abstracts legacy systems as a virtual device and is susceptible to VMEscape.
E. SOA abstracts legacy systems as web services, which are often exposed to outside threats.
Answer: BE

QUESTION 44
A healthcare company recently purchased the building next door located on the same campus. The building previously did not have any IT infrastructure. The building manager has selected four potential locations to place IT equipment consisting of a half height open server rack with five switches, a router, a firewall, and two servers. Given the descriptions below, where would the security engineer MOST likely recommend placing the rack?
The Boiler Room: The rack can be placed 5 feet (1.5 meters) up on the wall, between the second and third boiler. The room is locked and only maintenance has access to it.
The Reception Area: The reception area is an open area right as customers enter. There is a closet 5 feet by 5 feet (1.5 meters by 1.5 meters) that the rack will be placed in with floor mounts. There is a 3 digit PIN lock that the receptionist sets.
The Rehabilitation Area: The rack needs to be out of the way from patients using the whirlpool bath, so it will be wall mounted 8 feet (2.4 meters) up as the area has high ceilings. The rehab area is staffed full time and admittance is by key card only.
The Finance Area: There is an unused office in the corner of the area that can be used for the server rack. The rack will be floor mounted. The finance area is locked and alarmed at night.
A. The Rehabilitation Area
B. The Reception Area
C. The Boiler Room
D. The Finance Area
Answer: D