
Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


Q151. - (Topic 5) 

A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture with regard to targeted attacks. Which of the following should the CSO conduct FIRST? 

A. Survey threat feeds from analysts inside the same industry. 

B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic. 

C. Conduct an internal audit against industry best practices to perform a gap analysis. 

D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor. 

Answer:


Q152. - (Topic 3) 

A helpdesk manager at a financial company has received multiple reports from employees and customers that their phone calls sound metallic on the voice system. The helpdesk has been using VoIP lines encrypted from the handset to the PBX for several years. Which of the following should be done to address this issue for the future? 

A. SIP session tagging and QoS 

B. A dedicated VLAN 

C. Lower encryption setting 

D. Traffic shaping 

Answer:


Q153. - (Topic 4) 

A business owner has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently implemented a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches. Which of the following statements BEST describes this situation? 

A. The business owner is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products. 

B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete. 

C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the business owner. 

D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly. 

Answer:


Q154. - (Topic 1) 

The Chief Executive Officer (CEO) of an Internet service provider (ISP) has decided to limit the company’s contribution to worldwide Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Select TWO). 

A. Block traffic from the ISP’s networks destined for blacklisted IPs. 

B. Prevent the ISP’s customers from querying DNS servers other than those hosted by the ISP. 

C. Scan the ISP’s customer networks using an up-to-date vulnerability scanner. 

D. Notify customers when services they run are involved in an attack. 

E. Block traffic with an IP source not allocated to customers from exiting the ISP's network. 

Answer: D,E 


Q155. - (Topic 5) 

Joe, the Chief Executive Officer (CEO), was an information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

A. The company should develop an in-house solution and keep the algorithm a secret. 

B. The company should use the CEO’s encryption scheme. 

C. The company should use a mixture of both systems to meet minimum standards. 

D. The company should use the method recommended by other respected information security organizations. 

Answer:


Q156. - (Topic 3) 

A company receives an e-discovery request for the Chief Information Officer’s (CIO’s) email data. The storage administrator reports that the data retention policy relevant to their industry only requires one year of email data. However, the storage administrator also reports that there are three years of email data on the server and five years of email data on backup tapes. How many years of data MUST the company legally provide?

A. 1 

B. 2 

C. 3 

D. 5

Answer: D


Q157. - (Topic 2) 

A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system’s SLE? 

A. $2,000 

B. $8,000 

C. $12,000 

D. $32,000 

Answer:


Q158. CORRECT TEXT - (Topic 3) 

An administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.

Instructions: The last install that is completed will be the final submission.

Answer: You need to check the hash value of the downloaded software with an MD5 utility.


Q159. - (Topic 4) 

The security administrator has just installed an active/passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.

Which of the following is MOST likely the cause of this problem? 

A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped. 

B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall. 

C. Prioritized UDP traffic and associated stateful UDP session information are traversing the passive firewall, causing the connections to be dropped.

D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped. 

Answer:


Q160. - (Topic 1) 

A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO). 

A. The user’s certificate private key must be installed on the VPN concentrator. 

B. The CA’s certificate private key must be installed on the VPN concentrator. 

C. The user certificate private key must be signed by the CA. 

D. The VPN concentrator’s certificate private key must be signed by the CA and installed on the VPN concentrator. 

E. The VPN concentrator’s certificate private key must be installed on the VPN concentrator. 

F. The CA’s certificate public key must be installed on the VPN concentrator. 

Answer: E,F