Finding Updated CAS-002 braindumps

CAS-002 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library!

https://www.2passeasy.com/dumps/CAS-002/

Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.


This Testaimer.com web site will certainly provide you with credible info concerning CAS-002 exam dumps

P.S. Download CAS-002 preparation exams are available on Google Drive, GET MORE: https://drive.google.com/open?id=1jFEYVEoSSaRH30NOS859G8vaEUVGAdF5


New CompTIA CAS-002 Exam Dumps Collection (Question 8 - Question 17)

Q1. A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names

and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

Answer: B,C


Q2. The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET calendar.php?create%20table%20hidden HTTP/1.1u201d 200 5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:05] u201cGET ../../../root/.bash_history HTTP/1.1u201d 200

5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET index.php?user=<script>Create</script> HTTP/1.1u201d 200 5724

The security administrator also inspects the following file system locations on the database server using the command u2018ls -al /rootu2019

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .profile

-rw------- 25 root root 4096 Mar 8 09:30 .ssh

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

A. Privilege escalation

B. Brute force attack

C. SQL injection

D. Cross-site scripting

E. Using input validation, ensure the following characters are sanitized: <>

F. Update crontab with: find / \\( -perm -4000 \\) u2013type f u2013print0 | xargs -0 ls u2013l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)

H. Set an account lockout policy

Answer: A,F


Q3. A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool?

A. The tool could show that input validation was only enabled on the client side

B. The tool could enumerate backend SQL database table and column names

C. The tool could force HTTP methods such as DELETE that the server has denied

D. The tool could fuzz the application to determine where memory leaks occur

Answer: A


Q4. An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization. Which of the following additional controls should be implemented to prevent data loss? (Select THREE).

A. Implement hashing of data in transit

B. Session recording and capture

C. Disable cross session cut and paste

D. Monitor approved credit accounts

E. User access audit reviews

F. Source IP whitelisting

Answer: C,E,F


Q5. A new piece of ransomware got installed on a companyu2019s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?

A. Determining how to install HIPS across all server platforms to prevent future incidents

B. Preventing the ransomware from re-infecting the server upon restore

C. Validating the integrity of the deduplicated data

D. Restoring the data will be difficult without the application configuration

Answer: D


Q6. An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence?

A. Review switch and router configurations

B. Review the security policies and standards

C. Perform a network penetration test

D. Review the firewall rule set and IPS logs

Answer: B


Q7. A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?

A. Interview candidates, attend training, and hire a staffing company that specializes in technology jobs

B. Interview employees and managers to discover the industry hot topics and trends

C. Attend meetings with staff, internal training, and become certified in software management

D. Attend conferences, webinars, and training to remain current with the industry and job requirements

Answer: D


Q8. A forensic analyst works for an e-discovery firm where several gigabytes of data are processed daily. While the business is lucrative, they do not have the resources or the scalability to adequately serve their clients. Since it is an e-discovery firm where chain of custody is important, which of the following scenarios should they consider?

A. Offload some data processing to a public cloud

B. Aligning their client intake with the resources available

C. Using a community cloud with adequate controls

D. Outsourcing the service to a third party cloud provider

Answer: C


Q9. A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).

A. The useru2019s certificate private key must be installed on the VPN concentrator.

B. The CAu2019s certificate private key must be installed on the VPN concentrator.

C. The user certificate private key must be signed by the CA.

D. The VPN concentratoru2019s certificate private key must be signed by the CA and installed on the VPN concentrator.

E. The VPN concentratoru2019s certificate private key must be installed on the VPN concentrator.

F. The CAu2019s certificate public key must be installed on the VPN concentrator.

Answer: E,F


Q10. A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible enough to minimize overhead and support in regards to password resets and lockouts. Which of the following implementations would BEST meet the needs?

A. A partition-based software encryption product with a low-level boot protection and authentication

B. A container-based encryption product that allows the end users to select which files to encrypt

C. A full-disk hardware-based encryption product with a low-level boot protection and authentication

D. A file-based encryption product using profiles to target areas on the file system to encrypt

Answer: : D


Recommend!! Get the Download CAS-002 dumps in VCE and PDF From Allfreedumps, Welcome to download: https://www.allfreedumps.com/CAS-002-dumps.html (New 450 Q&As Version)