

New CompTIA CAS-002 Exam Dumps Collection (Question 1 - Question 10)

New Questions 1

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.

Which of the following would impact the security of the conference's resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.

B. Physical security may need to be increased to deter or prevent theft of mobile devices.

C. Network security may need to be increased by reducing the number of available physical network jacks.

D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C


New Questions 2

A business unit of a large enterprise has outsourced the hosting and development of a new external website which will be accessed by premium customers, in order to speed up the time to market timeline. Which of the following is the MOST appropriate?

A. The external party providing the hosting and website development should be obligated under contract to provide a secure service which is regularly tested (vulnerability and penetration). SLAs should be in place for the resolution of newly identified vulnerabilities and a guaranteed uptime.

B. The use of external organizations to provide hosting and web development services is not recommended as the costs are typically higher than what can be achieved internally. In addition, compliance with privacy regulations becomes more complex and guaranteed uptimes are difficult to track and measure.

C. Outsourcing transfers all the risk to the third party. An SLA should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

D. Outsourcing transfers the risk to the third party, thereby minimizing the cost and any legal obligations. An MOU should be in place for the resolution of newly identified vulnerabilities and penetration / vulnerability testing should be conducted regularly.

Answer: A


New Questions 3

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

A. Source code vulnerability scanning

B. Time-based access control lists

C. ISP to ISP network jitter

D. File-size validation

E. End to end network encryption

Answer: B


New Questions 4

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation:

Once at the command prompt, the administrator issues the below command. Which of the following is true about the above situation?

A. The administrator must use the sudo command in order to restart the service.

B. The administrator used the wrong SSH port to restart the DNS server.

C. The service was restarted correctly, but it failed to bind to the network interface.

D. The service did not restart because the bind command is privileged.

Answer: A


New Questions 5

Continuous monitoring is a popular risk reduction technique in many large organizations with formal certification processes for IT projects. In order to implement continuous monitoring in an effective manner, which of the following is correct?

A. Only security related alerts should be forwarded to the network team for resolution.

B. All logs must be centrally managed and access to the logs restricted only to data storage staff.

C. Logging must be set appropriately and alerts delivered to security staff in a timely manner.

D. Critical logs must be monitored hourly and adequate staff must be assigned to the network team.

Answer: C


New Questions 6

A security administrator at a Lab Company is required to implement a solution which will provide the highest level of confidentiality possible to all data on the lab network.

The current infrastructure design includes:

The network is protected with a firewall implementing ACLs, a NIPS device, and secured wireless access points.

Which of the following cryptographic improvements should be made to the current architecture to achieve the stated goals?

A. PKI based authorization

B. Transport encryption

C. Data at rest encryption

D. Code signing

Answer: B


New Questions 7

A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?

A. Increased customer data availability

B. Increased customer data confidentiality

C. Increased security through provisioning

D. Increased security through data integrity

Answer: A


New Questions 8

A finance manager says that the company needs to ensure that the new system can "replay" data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company's transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager's needs?

A. Compliance standards

B. User requirements

C. Data elements

D. Data storage

E. Acceptance testing

F. Information digest

G. System requirements

Answer: B


New Questions 9

A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?

A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.

B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.

C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.

D. Enable ESP on the internal network, and place NIPS on both networks.

Answer: A


New Questions 10

The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company's flagship product. Testing was conducted by a small offshore consulting firm and the report by the consulting firm clearly indicates that limited test cases were used and many of the code paths remained untested.

The CISO raised concerns about the testing results at the monthly risk committee meeting, highlighting the need to get to the bottom of the product behaving unexpectedly in only some large enterprise deployments.

The Security Assurance and Development teams highlighted their availability to redo the testing if required.

Which of the following will provide the MOST thorough testing?

A. Have the small consulting firm redo the Black box testing.

B. Use the internal teams to perform Grey box testing.

C. Use the internal team to perform Black box testing.

D. Use the internal teams to perform White box testing.

E. Use a larger consulting firm to perform Black box testing.

Answer: D

