Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


Q181. - (Topic 4) 

A large international business has completed the acquisition of a small business and it is now in the process of integrating the small business’ IT department. Both parties have agreed that the large business will retain 95% of the smaller business’ IT staff. Additionally, the larger business has a strong interest in specific processes that the smaller business has in place to handle its regional interests. Which of the following IT security related objectives should the small business’ IT staff consider reviewing during the integration process? (Select TWO). 

A. How the large business’ operational procedures are implemented. 

B. The memorandum of understanding between the two businesses. 

C. New regulatory compliance requirements. 

D. Service level agreements between the small and the large business. 

E. The initial request for proposal drafted during the merger. 

F. The business continuity plan in place at the small business. 

Answer: A,C 


Q182. - (Topic 1) 

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines. In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations? 

A. vTPM 

B. HSM 

C. TPM 

D. INE 

Answer:


Q183. - (Topic 3) 

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company’s security posture; however, the company is still plagued by data breaches resulting from misplaced assets. These data breaches have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches? 

A. Reload all user laptops with full disk encryption software immediately. 

B. Implement full disk encryption on all storage devices the firm owns. 

C. Implement new continuous monitoring procedures. 

D. Implement an open source system which allows data to be encrypted while processed. 

Answer:


Q184. - (Topic 5) 

A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company? 

A. Increase the frequency of antivirus downloads and install updates to all workstations. 

B. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections. 

C. Deploy a NIPS to inspect and block all web traffic which may contain malware and exploits. 

D. Deploy a web-based gateway antivirus server to intercept viruses before they enter the network. 

Answer:


Q185. - (Topic 2) 

A system administrator has just installed a new Linux distribution. The distribution is configured to be “secure out of the box”. The system administrator cannot make updates to certain system files and services. Each time changes are attempted, they are denied and a system error is generated. Which of the following troubleshooting steps should the security administrator suggest? 

A. Review settings in the SELinux configuration files 

B. Reset root permissions on systemd files 

C. Perform all administrative actions while logged in as root 

D. Disable any firewall software before making changes 

Answer:


Q186. - (Topic 3) 

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required. 

Which of the following BEST describes the risk assurance officer’s concerns? 

A. Co-mingling guest operating systems with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS. 

B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails. 

C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS. 

D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues. 

Answer:


Q187. - (Topic 2) 

A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years responding to and eradicating workstation malware. The Information Security Officer (ISO) has received three quotes from different companies that provide HIPS. 

Which solution should the company select if the contract is only valid for three years? 

A. First quote 

B. Second quote 

C. Third quote 

D. Accept the risk 

Answer:


Q188. - (Topic 4) 

A vulnerability research team has detected a new variant of a stealth Trojan that disables itself when it detects that it is running in a virtualized environment. The team decides to use dedicated hardware and a local network to identify the Trojan’s behavior and the remote DNS and IP addresses it connects to. Which of the following tools is BEST suited to identify the DNS and IP addresses the stealth Trojan communicates with after its payload is decrypted? 

A. HIDS 

B. Vulnerability scanner 

C. Packet analyzer 

D. Firewall logs 

E. Disassembler 

Answer:


Q189. - (Topic 4) 

A security engineer is troubleshooting a possible virus infection, which may have spread to multiple desktop computers within the organization. The company implements enterprise antivirus software on all desktops, but the enterprise antivirus server’s logs show no sign of a virus infection. The border firewall logs show suspicious activity from multiple internal hosts trying to connect to the same external IP address. The security administrator decides to post the firewall logs to a security mailing list and receives confirmation from other security administrators that the firewall logs indicate internal hosts are compromised with a new variant of the Trojan.Ransomcrypt.G malware not yet detected by most antivirus software. Which of the following would have detected the malware infection sooner? 

A. The security administrator should consider deploying a signature-based intrusion detection system. 

B. The security administrator should consider deploying enterprise forensic analysis tools. 

C. The security administrator should consider installing a cloud augmented security service. 

D. The security administrator should consider establishing an incident response team. 

Answer:


Q190. - (Topic 2) 

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability? 

A. Source code vulnerability scanning 

B. Time-based access control lists 

C. ISP to ISP network jitter 

D. File-size validation 

E. End-to-end network encryption 

Answer: