Accurate of CAS-002 actual exam materials and rapidshare for CompTIA certification for IT engineers, Real Success Guaranteed with Updated CAS-002 pdf dumps vce Materials. 100% PASS CompTIA Advanced Security Practitioner (CASP) exam Today!
Q181. - (Topic 3)
Company ABC was formed by combining numerous companies which all had multiple databases, web portals, and cloud data sets. Each data store had a unique set of custom developed authentication mechanisms and schemas. Which of the following approaches to combining the disparate mechanisms has the LOWEST up front development costs?
D. Federated IDs
Q182. - (Topic 4)
Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).
A. Implementation run-sheets
B. Solution designs
C. Business capabilities
D. Solution architectures
E. Business requirements documents
F. Reference models
G. Business cases
H. Business vision and drivers
Q183. - (Topic 3)
A security administrator must implement a SCADA style network overlay to ensure secure remote management of all network management and infrastructure devices. Which of the following BEST describes the rationale behind this architecture?
A. A physically isolated network that allows for secure metric collection.
B. A physically isolated network with inband management that uses two factor authentication.
C. A logically isolated network with inband management that uses secure two factor authentication.
D. An isolated network that provides secure out-of-band remote management.
Q184. - (Topic 4)
Company XYZ has had repeated vulnerability exploits of a critical nature released to the company’s flagship product. The product is used by a number of large customers. At the Chief Information Security Officer’s (CISO’s) request, the product manager now has to budget for a team of security consultants to introduce major product security improvements.
Here is a list of improvements in order of priority:
1. A noticeable improvement in security posture immediately.
2. Fundamental changes to resolve systemic issues as an ongoing process
3. Improvements should be strategic as opposed to tactical
4. Customer impact should be minimized
Which of the following recommendations is BEST for the CISO to put forward to the product manager?
A. Patch the known issues and provide the patch to customers. Make a company announcement to customers on the main website to reduce the perceived exposure of the application to alleviate customer concerns. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that any defects have been resolved.
B. Patch the known issues and provide the patch to customers. Engage penetration testers and code reviewers to perform an in-depth review of the product. Based on the findings, address the defects and re-test the findings to ensure that the defects have been resolved. Introduce periodic code review and penetration testing of the product in question and consider including all relevant future projects going forward.
C. Patch the known issues and provide the patch to customers. Implement an SSDLC / SDL overlay on top of the SDLC. Train architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases. Use the product as the primary focal point to close out issues and consider using the SSDLC / SDL overlay for all relevant future projects.
D. Stop active support of the product. Bring forward end-of-life dates for the product so that it can be decommissioned. Start a new project to develop a replacement product and ensure that an SSDLC / SDL overlay on top of the SDLC is formed. Train BAs, architects, designers, developers, testers and operators on security importance and ensure that security-relevant activities are performed within each of the SDLC phases.
Q185. - (Topic 5)
A security administrator was doing a packet capture and noticed a system communicating with an address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network. Which of the following is the BEST course of action?
A. Investigate the network traffic and block UDP port 3544 at the firewall
B. Remove the system from the network and disable IPv6 at the router
C. Locate and remove the unauthorized 6to4 relay from the network
D. Disable the switch port and block the 2001::/32 traffic at the firewall
Q186. - (Topic 1)
The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company’s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO).
A. Block traffic from the ISP’s networks destined for blacklisted IPs.
B. Prevent the ISP’s customers from querying DNS servers other than those hosted by the ISP.
C. Scan the ISP’s customer networks using an up-to-date vulnerability scanner.
D. Notify customers when services they run are involved in an attack.
E. Block traffic with an IP source not allocated to customers from exiting the ISP's network.
Q187. - (Topic 1)
A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO’s requirement?
Q188. - (Topic 4)
Company ABC’s SAN is nearing capacity, and will cause costly downtimes if servers run out disk space. Which of the following is a more cost effective alternative to buying a new SAN?
A. Enable multipath to increase availability
B. Enable deduplication on the storage pools
C. Implement snapshots to reduce virtual disk size
D. Implement replication to offsite datacenter
Q189. - (Topic 2)
A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have the following requirements:
Requirement 1 – Ensure their server infrastructure operating systems are at their latest patch levels
Requirement 2 – Test the behavior between the application and database
Requirement 3 – Ensure that customer data can not be exfiltrated Which of the following is the BEST solution to meet the above requirements?
A. Penetration test, perform social engineering and run a vulnerability scanner
B. Perform dynamic code analysis, penetration test and run a vulnerability scanner
C. Conduct network analysis, dynamic code analysis, and static code analysis
D. Run a protocol analyzer perform static code analysis and vulnerability assessment
Q190. - (Topic 2)
An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
A. Create a separate SSID and require the use of dynamic encryption keys.
B. Create a separate SSID with a pre-shared key to support the legacy clients and rotate the key at random intervals.
C. Create a separate SSID and pre-shared WPA2 key on a new network segment and only allow required communication paths.
D. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.