[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 131-140

Ensurepass

QUESTION 131

A security administrator is performing VDI traffic data collection on a virtual server which migrates from one host to another. While reviewing the data collected by the protocol analyzer, the security administrator notices that sensitive data is present in the packet capture. Which of the following should the security administrator recommend to ensure the confidentiality of sensitive information during live VM migration, while minimizing latency issues?

 

A.

A separate physical interface placed on a private VLAN should be configured for live host operations.

B.

Database record encryption should be used when storing sensitive information on virtual servers.

C.

Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.

D.

Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.

 

Correct Answer: A

 

 

QUESTION 132

ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).

 

A.

Establish a list of users that must work with each regulation

B.

Establish a list of devices that must meet each regulation

C.

Centralize management of all devices on the network

D.

Compartmentalize the network

E.

Establish a company framework

F.

Apply technical controls to meet compliance with the regulation

 

Correct Answer: BDF

 

 

QUESTION 133

A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technologies should the administrator implement to meet these goals? (Select TWO).

 

A.

LUN masking

B.

Snapshots

C.

vSAN

D.

Dynamic disk pools

E.

Multipath

F.

Deduplication

 

Correct Answer: DE

 

 

QUESTION 134

An employee is performing a review of the organization’s security functions and noticed that there is some cross over responsibility between the IT security team and the financial fraud team. Which of the following security documents should be used to clarify the roles and responsibilities between the teams?

 

A.

BPA

B.

BIA

C.

MOU

D.

OLA

 

Correct Answer: C

 

 

QUESTION 135

Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem?

 

A.

Implement change control practices at the organization level.

B.

Adjust the firewall ACL to prohibit development from directly accessing the production server farm.

C.

Update the vulnerability management plan to address data discrepancy issues.

D.

Change development methodology from strict waterfall to agile.

 

Correct Answer: A

 

 

QUESTION 136

A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourced systems on their own premises and will continue to directly interface with the bank’s other systems through dedicated encrypted links. Which of the following is critical to ensure the successful management of system security concerns between the two organizations?

 

A.

ISA

B.

BIA

C.

MOU

D.

SOA

E.

BPA

 

Correct Answer: A

 

 

QUESTION 137

Joe is a security architect who is tasked with choosing a new NIPS platform that has the ability to perform SSL inspection, analyze up to 10Gbps of traffic, can be centrally managed and only reveals inspected application payload data to specified internal security employees. Which of the following steps should Joe take to reach the desired outcome?

 

A.

Research new technology vendors to look for potential products. Contribute to an RFP and then evaluate RFP responses to ensure that the vendor product meets all mandatory requirements. Test the product and make a product recommendation.

B.

Evaluate relevant RFC and ISO standards to choose an appropriate vendor product. Research industry surveys, interview existing customers of the product and then recommend that the product be purchased.

C.

Consider outsourcing the product evaluation and ongoing management to an outsourced provider on the basis that each of the requirements are met and a lower total cost of ownership (TCO) is achieved.

D.

Choose a popular NIPS product and then consider outsourcing the ongoing device management to a cloud provider. Give access to internal security employees so that they can inspect the application payload data.

E.

Ensure that the NIPS platform can also deal with recent technological advancements, such as threats emerging from social media, BYOD and cloud storage prior to purchasing the product.

 

Correct Answer: A

 

 

QUESTION 138

A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not completely wipe the personal device. Which of the following would MOST likely help the company maintain security when employees leave?

 

A.

Require cloud storage on corporate servers and disable access upon termination

B.

Whitelist access to only non-confidential information

C.

Utilize an MDM solution with containerization

D.

Require that devices not have local storage

 

Correct Answer: C

 

 

QUESTION 139

Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication and shared accounts are not acceptable. Which of the following implementations addresses the distributed login with centralized authentication and has wide compatibility among SaaS vendors?

 

A.

Establish a cloud-based authentication service that supports SAML.

B.

Implement a new Diameter authentication server with read-only attestation.

C.

Install a read-only Active Directory server in the corporate DMZ for federation.

D.

Allow external connections to the existing corporate RADIUS server.

 

Correct Answer: A

 

 

QUESTION 140

An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BEST represents the remaining order of volatility that the investigator should follow?

 

A.

File system information, swap files, network processes, system processes and raw disk blocks.

B.

Raw disk blocks, network processes, system processes, swap files and file system information.

C.

System processes, network processes, file system information, swap files and raw disk blocks.

D.

Raw disk blocks, swap files, network processes, system processes, and file system information.

 

Correct Answer: C

 

Free VCE & PDF File for CompTIA CAS-002 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …