[Free] Download New Updated (December) CompTIA CAS-002 Exam Questions 361-370

Ensurepass

QUESTION 361

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated?

 

A. One of the companies may use an outdated VDI.

B. Corporate websites may be optimized for different web browsers.

C. Industry security standards and regulations may be in conflict.

D. Data loss prevention standards in one company may be less stringent.

 

Correct Answer: C

 

 

QUESTION 362

Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two companies’ networks, applications, and several basic services.

 

The initial integration of the two companies has specified the following requirements:

 

- Company XYZ requires access to the web intranet, file, print, secure FTP server, and authentication domain resources

- Company XYZ is being onboarded into Company ABC’s authentication domain

- Company XYZ is considered partially trusted

- Company XYZ does not want performance issues when accessing ABC’s systems

 

Which of the following network security solutions will BEST meet the above requirements?

 

A. Place a Company ABC managed firewall in Company XYZ’s hub site; then place Company ABC’s file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC’s business partner firewalls are opened up for web intranet access and other required services.

B. Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACLs. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.

C. Place no restrictions on internal network connectivity between Company XYZ and Company ABC. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.

D. Place file, print, secure FTP server and authentication domain servers at Company XYZ’s hub site. Open up Company ABC’s business partner firewall to permit access to ABC’s web intranet access and other required services.

 

Correct Answer: A

 

 

QUESTION 363

Three companies want to allow their employees to seamlessly connect to each other’s wireless corporate networks while keeping one consistent wireless client configuration. Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies’ wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

 

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.

B. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.

C. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.

D. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

 

Correct Answer: A

 

 

QUESTION 364

A trust relationship has been established between two organizations with web based services. One organization is acting as the Requesting Authority (RA) and the other acts as the Provisioning Service Provider (PSP). Which of the following is correct about the trust relationship?

 

A. The trust relationship uses SAML in the SOAP header. The SOAP body transports the SPML requests / responses.

B. The trust relationship uses XACML in the SAML header. The SAML body transports the SOAP requests / responses.

C. The trust relationship uses SPML in the SOAP header. The SOAP body transports the SAML requests / responses.

D. The trust relationship uses SPML in the SAML header. The SAML body transports the SPML requests / responses.

 

Correct Answer: A

 

 

QUESTION 365

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

 

A. Erase all files on drive

B. Install of standard image

C. Remove and hold all drives

D. Physical destruction

E. Drive wipe

 

Correct Answer: DE

 

 

QUESTION 366

In an SPML exchange, which of the following BEST describes the three primary roles?

 

A. The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.

B. The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.

C. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.

D. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

 

Correct Answer: D

 

 

QUESTION 367

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

 

A. Provide free email software for personal devices.

B. Encrypt data in transit for remote access.

C. Require smart card authentication for all devices.

D. Implement NAC to limit insecure devices access.

E. Enable time of day restrictions for personal devices.

Correct Answer: BD

 

 

QUESTION 368

The Chief Information Security Officer (CISO) regularly receives reports of a single department repeatedly violating the corporate security policy. The head of the department in question informs the CISO that the offending behaviors are a result of necessary business activities. The CISO assigns a junior security administrator to solve the issue. Which of the following is the BEST course of action for the junior security administrator to take?

 

A. Work with the department head to find an acceptable way to change the business needs so the department no longer violates the corporate security policy.

B. Draft an RFP for the purchase of a COTS product or consulting services to solve the problem through implementation of technical controls.

C. Work with the CISO and department head to create an SLA specifying the response times of the IT security department when incidents are reported.

D. Draft an MOU for the department head and CISO to approve, documenting the limits of the necessary behavior, and actions to be taken by both teams.

 

Correct Answer: D

 

 

QUESTION 369

A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).

 

A. The user’s certificate private key must be installed on the VPN concentrator.

B. The CA’s certificate private key must be installed on the VPN concentrator.

C. The user certificate private key must be signed by the CA.

D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator.

E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator.

F. The CA’s certificate public key must be installed on the VPN concentrator.

 

Correct Answer: EF

 

 

QUESTION 370

An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendors’ RFP responses is in line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association?

 

A. Correlate current industry research with the RFP responses to ensure validity.

B. Create a lab environment to evaluate each of the three firewall platforms.

C. Benchmark each firewall platform’s capabilities and experiences with similar sized companies.

D. Develop criteria and rate each firewall platform based on information in the RFP responses.

 

Correct Answer: B

 
