Certleader 2018 New CAS-002 Exam Dumps (PDF & VCE) Download: https://www.certleader.com/CAS-002-dumps.html

Our pass rate is high to 98.9% and the similarity percentage between our CAS-002 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the CompTIA CAS-002 exam in just one try? I am currently studying for the CompTIA CAS-002 exam. Latest CompTIA CAS-002 Test exam practice questions and answers, Try CompTIA CAS-002 Brain Dumps First.

P.S. High value CAS-002 bundle are available on Google Drive, GET MORE: https://drive.google.com/open?id=1LW12huDLg6jOYg9lhN_DwABm-ur1zaYh

New CompTIA CAS-002 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:

1. Each lab must be on a separate network segment.

2. Labs must have access to the Internet, but not other lab networks.

3. Student devices must have network access, not simple access to hosts on the lab networks.

4. Students must have a private certificate installed before gaining access.

5. Servers must have a private certificate installed locally to provide assurance to the students.

6. All students must use the same VPN connection profile.

Which of the following components should be used to achieve the design in conjunction with directory services?

A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment

B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment

C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment

D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Answer: C

New Questions 10

A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).

A. Implement a URL filter to block the online forum

B. Implement NIDS on the desktop and DMZ networks

C. Security awareness compliance training for all employees

D. Implement DLP on the desktop, email gateway, and web proxies

A. E. Review of security policies and procedures

Answer: C,D

New Questions 11

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the companyu2019s wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).

A. Business or technical justification for not implementing the requirements.

B. Risks associated with the inability to implement the requirements.

C. Industry best practices with respect to the technical implementation of the current controls.

D. All section of the policy that may justify non-implementation of the requirements.

A. E. A revised DRP and COOP plan to the exception form.

F. Internal procedures that may justify a budget submission to implement the new requirement.

G. Current and planned controls to mitigate the risks.

Answer: A,B,G

New Questions 12

An administrator is tasked with securing several website domains on a web server. The administrator elects to secure www.example.com, mail.example.org, archive.example.com, and www.example.org with the same certificate. Which of the following would allow the administrator to secure those domains with a single issued certificate?

A. Intermediate Root Certificate

B. Wildcard Certificate

C. EV x509 Certificate

D. Subject Alternative Names Certificate

Answer: D

New Questions 13

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required.

Which of the following BEST describes the risk assurance officeru2019s concerns?

A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.

B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.

C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.

D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in

A. data throughput performance issues.

Answer: C

New Questions 14

An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST maximizes the protection of these systems from malicious software?

A. Configure a firewall with deep packet inspection that restricts traffic to the systems

B. Configure a separate zone for the systems and restrict access to known ports

C. Configure the systems to ensure only necessary applications are able to run

D. Configure the host firewall to ensure only the necessary applications have listening ports

Answer: C

New Questions 15

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?

A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.

B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk- based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.

C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.

D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.

Answer: D

New Questions 16

A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of

this problem is that SE Linux is set to:

A. Enforcing mode with an incorrectly configured policy.

B. Enforcing mode with no policy configured.

C. Disabled with a correctly configured policy.

D. Permissive mode with an incorrectly configured policy.

Answer: A

New Questions 17

A startup company offering software on demand has hired a security consultant to provide expertise on data security. The companyu2019s clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?

A. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.

B. All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment and to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.

C. Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNS and assigned to each client. MPLS technology is used to segment and encrypt each of the clientu2019s networks. PKI based remote desktop with hardware tokens is used by the client to connect to the application.

D. Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the clientu2019s networks. PKI based remote desktop access is used by the client to connect to the application.

Answer: C

New Questions 18

A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?

A. To ensure the security of the network is documented prior to customer delivery

B. To document the source of all functional requirements applicable to the network

C. To facilitate the creation of performance testing metrics and test plans

D. To allow certifiers to verify the network meets applicable security requirements

Answer: D

To know more about the CAS-002 dumps download, click here.

Recommend!! Get the High value CAS-002 dumps in VCE and PDF From Dumpscollection, Welcome to download: http://www.dumpscollection.net/dumps/CAS-002/ (New 532 Q&As Version)