Certleader 2018 New CAS-002 Exam Dumps (PDF & VCE) Download: https://www.certleader.com/CAS-002-dumps.html



New CompTIA CAS-002 Exam Dumps Collection (Question 10 - Question 19)

New Questions 10

An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix:

DATA TYPE         CONFIDENTIALITY   INTEGRITY   AVAILABILITY
------------------------------------------------------------
Financial         HIGH              HIGH        LOW
Client name       MEDIUM            MEDIUM      HIGH
Client address    LOW               MEDIUM      LOW
------------------------------------------------------------
AGGREGATE         MEDIUM            MEDIUM      MEDIUM

The auditor is advising the company to review the aggregate score and submit it to senior management. Which of the following should be the revised aggregate score?

A. HIGH, MEDIUM, LOW

B. MEDIUM, MEDIUM, LOW

C. HIGH, HIGH, HIGH

D. MEDIUM, MEDIUM, MEDIUM

Answer: C


New Questions 11

A financial company implements end-to-end encryption via SSL in the DMZ, and only IPSec in transport mode with AH enabled and ESP disabled throughout the internal network. The company has hired a security consultant to analyze the network infrastructure and provide a solution for intrusion prevention. Which of the following recommendations should the consultant provide to the security administrator?

A. Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.

B. Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.

C. Disable AH. Enable ESP on the internal network, and use NIPS on both networks.

D. Enable ESP on the internal network, and place NIPS on both networks.

Answer: A


New Questions 12

A Physical Security Manager is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. The Security Manager has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should the Security Manager suggest to BEST secure this environment?

A. Create an IP camera network and deploy NIPS to prevent unauthorized access.

B. Create an IP camera network and only allow SSL access to the cameras.

C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.

D. Create an IP camera network and restrict access to cameras from a single management host.

Answer: C


New Questions 13

The Chief Information Security Officer (CISO) of a small bank wants to embed a monthly testing regimen into the security management plan specifically for the development area. The CISO's requirements are that testing must have a low risk of impacting system stability, can be scripted, and is very thorough. The development team claims that this will lead to a higher degree of test script maintenance and that it would be preferable if the testing was outsourced to a third party. The CISO still maintains that third-party testing would not be as thorough as the third party lacks the introspection of the development team. Which of the following will satisfy the CISO requirements?

A. Grey box testing performed by a major external consulting firm who have signed a NDA.

B. Black box testing performed by a major external consulting firm who have signed a NDA.

C. White box testing performed by the development and security assurance teams.

D. Grey box testing performed by the development and security assurance teams.

Answer: C


New Questions 14

A manager who was attending an all-day training session was overdue entering bonus and payroll information for subordinates. The manager felt the best way to get the changes entered while in training was to log into the payroll system, and then activate desktop sharing with a trusted subordinate. The manager granted the subordinate control of the desktop thereby giving the subordinate full access to the payroll system. The subordinate did not have authorization to be in the payroll system. Another employee reported the incident to the security team. Which of the following would be the MOST appropriate method for dealing with this issue going forward?

A. Provide targeted security awareness training and impose termination for repeat violators.

B. Block desktop sharing and web conferencing applications and enable use only with approval.

C. Actively monitor the data traffic for each employee using desktop sharing or web conferencing applications.

D. Permanently block desktop sharing and web conferencing applications and do not allow its use at the company.

Answer: A


New Questions 15

Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?

A. Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration.

B. Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.

C. Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration.

D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ's network.

Answer: C


New Questions 16

Company A has a remote work force that often includes independent contractors and out of state full time employees.

Company A's security engineer has been asked to implement a solution allowing these users to collaborate on projects with the following goals:

Which of the following solutions should the security engineer recommend to meet the MOST goals?

A. Create an SSL reverse proxy to a collaboration workspace. Use remote installation service to maintain application version. Have users use full desktop encryption. Schedule server downtime from 12:00 to 1:00 PM.

B. Install an SSL VPN to Company A's datacenter, have users connect to a standard virtual workstation image, set workstation time of day restrictions.

C. Create an extranet web portal using third party web based office applications. Ensure that Company A maintains the administrative access.

D. Schedule server downtime from 12:00 to 1:00 PM, implement a Terminal Server Gateway, use remote installation services to standardize application on user's laptops.

Answer: B


New Questions 17

A financial institution wants to reduce the costs associated with managing and troubleshooting employees' desktops and applications, while keeping employees from copying data onto external storage. The Chief Information Officer (CIO) has asked the security team to evaluate four solutions submitted by the change management group. Which of the following BEST accomplishes this task?

A. Implement desktop virtualization and encrypt all sensitive data at rest and in transit.

B. Implement server virtualization and move the application from the desktop to the server.

C. Implement VDI and disable hardware and storage mapping from the thin client.

D. Move the critical applications to a private cloud and disable VPN and tunneling.

Answer: C


New Questions 18

In a SPML exchange, which of the following BEST describes the three primary roles?

A. The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.

B. The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.

C. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.

D. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

Answer: D


New Questions 19

Customer Need:

"We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website."

Which of the following BEST restates the customer need?

A. The system shall use a pseudo-random number generator seeded the same every time.

B. The system shall generate a pseudo-random number upon invocation by the existing Java program.

C. The system shall generate a truly random number based upon user PKI certificates.

D. The system shall implement a pseudo-random number generator for use by corporate customers.

Answer: B


