[2018-June-New]Free Braindump2go CAS-002 Exam Dumps Free 900Q Download[112-122]
2018 June New CompTIA CAS-002 Exam Dumps with PDF and VCE Just Updated Today! Following are some new CAS-002 Real Exam Questions:
1.|2018 Latest CAS-002 Exam Dumps (PDF & VCE) 900Q&As Download:
2.|2018 Latest CAS-002 Exam Questions & Answers Download:
“We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website.”
Which of the following BEST restates the customer need?
A. The system shall use a pseudo-random number generator seeded the same every time.
B. The system shall generate a pseudo-random number upon invocation by the existing Java program.
C. The system shall generate a truly random number based upon user PKI certificates.
D. The system shall implement a pseudo-random number generator for use by corporate
A startup company offering software on demand has hired a security consultant to provide expertise on data security.
The company’s clients are concerned about data confidentiality.
The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity.
Which of the following designs is BEST suited for this purpose?
A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage.
Clients use terminal service access to the shared environment to access the virtualized applications.
A secret key kept by the startup encrypts the application virtual memory and data store.
B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage.
Clients use terminal service access to the shared environment and to access the virtualized applications.
Each client has a common shared key, which encrypts the application virtual memory and
C. Each client is assigned a set of virtual hosts running shared hardware.
Physical storage is partitioned into LUNS and assigned to each client.
MPLS technology is used to segment and encrypt each of the client’s networks.
PKI based remote desktop with hardware tokens is used by the client to connect to the application.
D. Each client is assigned a set of virtual hosts running shared hardware.
Virtual storage is partitioned and assigned to each client.
VLAN technology is used to segment each of the client’s networks.
PKI based remote desktop access is used by the client to connect to the application.
The <nameID> element in SAML can be provided in which of the following predefined formats? (Select TWO).
A. X.509 subject name
B. PTR DNS record
C. EV certificate OID extension
D. Kerberos principal name
E. WWN record name
A security researcher is about to evaluate a new secure VoIP routing appliance.
The appliance manufacturer claims the new device is hardened against all known attacks and several un-disclosed zero day exploits.
The code base used for the device is a combination of compiled C and TC/TKL scripts.
Which of the following methods should the security research use to enumerate the ports and protocols in use by the appliance?
A. Device fingerprinting
B. Switchport analyzer
C. Grey box testing
D. Penetration testing
A network administrator notices a security intrusion on the web server.
A. Buffer overflow
B. Click jacking
C. SQL injection
D. XSS attack
The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regiment into the security management plan specifically for the development area.
The CISO’s requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough.
The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party.
The CISO still maintains that third-party testing would not be as thorough as the third party lacks the introspection of the development team.
Which of the following will satisfy the CISO requirements?
A. Grey box testing performed by a major external consulting firm who have signed a NDA.
B. Black box testing performed by a major external consulting firm who have signed a NDA.
C. White box testing performed by the development and security assurance teams.
D. Grey box testing performed by the development and security assurance teams.
A database administrator comes across the below records in one of the databases during an internal audit of the payment system:
UserIDAddressCredit Card No.Password
jsmith123 fake street55XX-XXX-XXXX-1397Password100
jqdoe234 fake street42XX-XXX-XXXX-202717DEC12
From a security perspective, which of the following should be the administrator’s GREATEST concern, and what will correct the concern?
A. Concern: Passwords are stored in plain text.
Correction: Require a minimum of 8 alphanumeric characters and hash the password.
B. Concern: User IDs are also usernames, and could be enumerated, thereby disclosing
sensitive account information.
Correction: Require user IDs to be more complex by using alphanumeric characters and
hash the UserIDs.
C. Concern: User IDs are confidential private information.
Correction: Require encryption of user IDs.
D. Concern: More than four digits within a credit card number are stored.
Correction: Only store the last four digits of a credit card to protect sensitive financial
A company is preparing to upgrade its NIPS at five locations around the world.
The three platforms the team plans to test, claims to have the most advanced features and lucrative pricing.
Assuming all platforms meet the functionality requirements, which of the following methods should be used to select the BEST platform?
A. Establish return on investment as the main criteria for selection.
B. Run a cost/benefit analysis based on the data received from the RFP.
C. Evaluate each platform based on the total cost of ownership.
D. Develop a service level agreement to ensure the selected NIPS meets all performance requirements.
A corporation has expanded for the first time by integrating several newly acquired businesses.
Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).
A. Remove acquired companies Internet access.
B. Federate identity management systems.
C. Install firewalls between the businesses.
D. Re-image all end user computers to a standard image.
E. Develop interconnection policy.
F. Conduct a risk analysis of each acquired company’s networks.
An administrator receives reports that the network is running slow for users connected to a certain switch.
Viewing the network traffic, the administrator reviews the following:
18:51:59.042108 IP linuxwksta.55467 > dns.company.com.domain: 39462+ PTR? 18.104.22.168.in-addr.arpa. (42)
18:51:59.055732 IP dns.company.com.domain > linuxwksta.55467: 39462 NXDomain 0/0/0 (42)
18:51:59.055842 IP linuxwksta.48287 > dns.company.com.domain: 46767+ PTR? 255.19.4.10.in-addr.arpa. (42)
18:51:59.069816 IP dns.company.com.domain > linuxwksta.48287: 46767 NXDomain 0/0/0 (42)
18:51:59.159060 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [P.], seq 1989625106:1989625154, ack 2067334822, win 1525, options [nop,nop,TS val 16021424 ecr 215646227], length 48
18:51:59.159145 IP linuxwksta.48854 > dns.company.com.domain: 3834+ PTR? 22.214.171.124.in-addr.arpa. (41)
18:51:59.159314 IP 10.4.17.72.iscsi-target > linuxwksta.42491: Flags [P.], seq 1:49, ack 48, win 124, options [nop,nop,TS val 215647479 ecr 16021424], length 48
18:51:59.159330 IP linuxwksta.42491 > 10.4.17.72.iscsi-target: Flags [.], ack 49, win 1525, options [nop,nop,TS val 16021424 ecr 215647479], length 0
18:51:59.165342 IP dns.company.com.domain > linuxwksta.48854: 3834 NXDomain 0/0/0 (41)
18:51:59.397461 ARP, Request who-has 10.4.16.58 tell 10.4.16.1, length 46
18:51:59.397597 IP linuxwksta.37684 > dns.company.com.domain: 15022+ PTR? 126.96.36.199.in-addr.arpa. (41)
Given the traffic report, which of the following is MOST likely causing the slow traffic?
A. DNS poisoning
B. Improper network zoning
C. ARP poisoning
D. Improper LUN masking
The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years.
The security administrator is only able to find one year’s worth of email records on the server and is now concerned about the possible legal implications of not complying with the request.
Which of the following should the security administrator check BEFORE responding to the request?
A. The company data privacy policies
B. The company backup logs and archives
C. The company data retention policies and guidelines
D. The company data retention procedures
1.|2018 Latest CAS-002 Exam Dumps (PDF & VCE) 900Q&As Download:
2.|2018 Latest CAS-002 Study Guide Video: