CAS-002 exam questions
The article at Testaimer.com going over http://www.testaimer.com/CAS-002-test is very comprehensive.
Q211. - (Topic 4)
A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).
A. The user’s certificate private key must be installed on the VPN concentrator.
B. The CA’s certificate private key must be installed on the VPN concentrator.
C. The user certificate private key must be signed by the CA.
D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator.
E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator.
F. The CA’s certificate public key must be installed on the VPN concentrator.
Answer: E,F
Q212. - (Topic 4)
Two storage administrators are discussing which SAN configurations will offer the MOST confidentiality. Which of the following configurations would the administrators use? (Select TWO).
A. Deduplication
B. Zoning
C. Snapshots
D. Multipathing
E. LUN masking
Answer: B,E
Q213. - (Topic 3)
The security administrator is responsible for the confidentiality of all corporate data. The company’s servers are located in a datacenter run by a different vendor. The vendor datacenter hosts servers for many different clients, all of whom have access to the datacenter. None of the racks are physically secured. Recently, the company has been the victim of several attacks involving data injection and exfiltatration. The security administrator suspects these attacks are due to several new network based attacks facilitated by having physical access to a system. Which of the following BEST describes how to adapt to the threat?
A. Apply port security to all switches, switch to SCP, and implement IPSec tunnels between devices.
B. Apply two factor authentication, require point to point VPNs, and enable log auditing on all devices.
C. Apply port security to all routers, switch to telnet, and implement point to point VPNs on all servers.
D. Apply three factor authentication, implement IPSec, and enable SNMP.
Answer: A
Q214. - (Topic 1)
A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?
A. Increase the frequency of antivirus downloads and install updates to all workstations.
B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.
C. Deploy a WAF to inspect and block all web traffic which may contain malware and exploits.
D. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.
Answer: B
Q215. - (Topic 1)
select id, firstname, lastname from authors User input= firstname= Hack;man lastname=Johnson
Which of the following types of attacks is the user attempting?
A. XML injection
B. Command injection
C. Cross-site scripting
D. SQL injection
Answer: D
Q216. - (Topic 1)
An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures. Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the
MOST heavily invested in rectifying the problem? (Select THREE).
A. Facilities management
B. Human resources
C. Research and development
D. Programming
E. Data center operations
F. Marketing
G. Information technology
Answer: A,E,G
Q217. - (Topic 4)
The Information Security Officer (ISO) is reviewing a summary of the findings from the last COOP tabletop exercise. The Chief Information Officer (CIO) wants to determine which additional controls must be implemented to reduce the risk of an extended customer service outage due to the VoIP system being unavailable. Which of the following BEST describes the scenario presented and the document the ISO is reviewing?
A. The ISO is evaluating the business implications of a recent telephone system failure within the BIA.
B. The ISO is investigating the impact of a possible downtime of the messaging system within the RA.
C. The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.
D. The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.
Answer: D
Q218. - (Topic 3)
A new startup company with very limited funds wants to protect the organization from external threats by implementing some type of best practice security controls across a number of hosts located in the application zone, the production zone, and the core network. The 50 hosts in the core network are a mixture of Windows and Linux based systems, used by development staff to develop new applications. The single Windows host in the application zone is used exclusively by the production team to control software deployments into the production zone. There are 10 UNIX web application hosts in the production zone which are publically accessible.
Development staff is required to install and remove various types of software from their hosts on a regular basis while the hosts in the zone rarely require any type of configuration changes.
Which of the following when implemented would provide the BEST level of protection with the LEAST amount of disruption to staff?
A. NIPS in the production zone, HIPS in the application zone, and anti-virus / anti-malware across all Windows hosts.
B. NIPS in the production zone, NIDS in the application zone, HIPS in the core network, and anti-virus / anti-malware across all hosts.
C. HIPS in the production zone, NIPS in the application zone, and HIPS in the core network.
D. NIDS in the production zone, HIDS in the application zone, and anti-virus / anti-malware across all hosts.
Answer: A
Q219. - (Topic 2)
A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable?
A. OLA
B. BPA
C. SLA
D. SOA
E. MOU
Answer: E
Q220. - (Topic 5)
Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the company’s NTP servers. Which of the following mitigates this activity with the LEAST impact to existing operations?
A. Block in-bound connections to the company’s NTP servers.
B. Block IPs making monlist requests.
C. Disable the company’s NTP servers.
D. Disable monlist on the company’s NTP servers.
Answer: D