[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 201-210


QUESTION 201

A small company is developing a new Internet-facing web application. The security requirements are:

1. Users of the web application must be uniquely identified and authenticated.
2. Users of the web application will not be added to the company’s directory services.
3. Passwords must not be stored in the code.

Which of the following meets these requirements?

A. Use OpenID and allow a third party to authenticate users.
B. Use TLS with a shared client certificate for all users.
C. Use SAML with federated directory services.
D. Use Kerberos and browsers that support SAML.

Correct Answer: A

 

 

QUESTION 202

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

A. Review the flow data against each server’s baseline communications profile.
B. Configure the server logs to collect unusual activity including failed logins and restarted services.
C. Correlate data loss prevention logs for anomalous communications from the server.
D. Set up a packet capture on the firewall to collect all of the server communications.

Correct Answer: A

 

 

QUESTION 203

A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

A. Install GSM tracking on each product for end-to-end delivery visibility.
B. Implement geo-fencing to track products.
C. Require drivers to geo-tag documentation at each delivery location.
D. Equip each truck with an RFID tag for location services.

Correct Answer: B


QUESTION 204

A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have the following requirements:

Requirement 1 – Ensure their server infrastructure operating systems are at their latest patch levels
Requirement 2 – Test the behavior between the application and database
Requirement 3 – Ensure that customer data cannot be exfiltrated

Which of the following is the BEST solution to meet the above requirements?

A. Penetration test, perform social engineering and run a vulnerability scanner.
B. Perform dynamic code analysis, penetration test and run a vulnerability scanner.
C. Conduct network analysis, dynamic code analysis, and static code analysis.
D. Run a protocol analyzer, perform static code analysis and vulnerability assessment.

Correct Answer: B

 

 

QUESTION 205

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

A. Check log files for logins from unauthorized IPs.
B. Check /proc/kmem for fragmented memory segments.
C. Check for unencrypted passwords in /etc/shadow.
D. Check timestamps for files modified around time of compromise.
E. Use lsof to determine files with future timestamps.
F. Use gpg to encrypt compromised data files.
G. Verify the MD5 checksum of system binaries.
H. Use vmstat to look for excessive disk I/O.

Correct Answer: ADG

 

 

QUESTION 206

A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received:

Vendor A: product-based solution which can be purchased by the pharmaceutical company.
Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be $150,000. Operational expenses are expected to be a 0.5 full time employee (FTE) to manage the solution, and 1 full time employee to respond to incidents per year.

Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company’s needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.

Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate?

A. Based on cost alone, having an outsourced solution appears cheaper.
B. Based on cost alone, having an outsourced solution appears to be more expensive.
C. Based on cost alone, both outsourced and in-sourced solutions appear to be the same.
D. Based on cost alone, having a purchased product solution appears cheaper.

Correct Answer: A

 

 

QUESTION 207

A storage as a service company implements both encryption at rest as well as encryption in transit of customers’ data. The security administrator is concerned with the overall security of the encrypted customer data stored by the company servers and wants the development team to implement a solution that will strengthen the customer’s encryption key. Which of the following, if implemented, will MOST increase the time an offline password attack against the customers’ data would take?

A. key = NULL ; for (int i=0; i<5000; i++) { key = sha(key + password) }
B. password = NULL ; for (int i=0; i<10000; i++) { password = sha256(key) }
C. password = password + sha(password+salt) + aes256(password+salt)
D. key = aes128(sha256(password), password)

Correct Answer: A

 

 

QUESTION 208

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

A. Intermediate Root Certificate
B. Wildcard Certificate
C. EV X.509 Certificate
D. Subject Alternative Names Certificate

Correct Answer: D

 

 

QUESTION 209

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC. Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO).

A. Static and dynamic analysis are run as part of integration
B. Security standards and training are performed as part of the project
C. Daily stand-up meetings are held to ensure security requirements are understood
D. For each major iteration, penetration testing is performed
E. Security requirements are storyboarded and make it into the build
F. A security design is performed at the end of the requirements phase

Correct Answer: AD

 

 

QUESTION 210

The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?

A. Contact the local authorities so an investigation can be started as quickly as possible.
B. Shut down the production network interfaces on the server and change all of the DBMS account passwords.
C. Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.
D. Refer the issue to management for handling according to the incident response process.

Correct Answer: D

 
