★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/CAS-002-dumps.html


Q121. - (Topic 2) 

A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverables. The security engineers and application developers are falling behind schedule. Which of the following should be done to solve this? 

A. Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables. 

B. Allow the security engineering team to do application development so they understand why it takes so long. 

C. Allow the application developers to attend a sales conference so they understand how business is done. 

D. Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle. 

Answer:


Q122. CORRECT TEXT - (Topic 2) 

Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range. 

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. 

Click on Router 1, Router 2, and the Firewall to evaluate and configure each device. 

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces. 

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network. 

Answer: Please check the explanation part for the solution. 


Q123. - (Topic 5) 

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame as to whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner? 

A. During the Identification Phase 

B. During the Lessons Learned phase 

C. During the Containment Phase 

D. During the Preparation Phase 

Answer:


Q124. CORRECT TEXT - (Topic 3) 

Answer: 192.18.1.0/24 any 192.168.20.0/24 3389 any 


Q125. - (Topic 2) 

A large company is preparing to merge with a smaller company. The smaller company has been very profitable, but the smaller company’s main applications were created in-house. Which of the following actions should the large company’s security administrator take in preparation for the merger? 

A. A review of the mitigations implemented from the most recent audit findings of the smaller company should be performed. 

B. An ROI calculation should be performed to determine which company's application should be used. 

C. A security assessment should be performed to establish the risks of integration or co-existence. 

D. A regression test should be performed on the in-house software to determine security risks associated with the software. 

Answer:


Q126. - (Topic 1) 

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk? 

A. Deploy new perimeter firewalls at all stores with UTM functionality. 

B. Change antivirus vendors at the store and the corporate office. 

C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution. 

D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it. 

Answer:


Q127. - (Topic 5) 

A security manager is collecting RFQ, RFP, and RFI publications to help identify the technology trends which a government will be moving towards in the future. This information is available to the public. By consolidating the information, the security manager will be able to combine several perspectives into a broader view of technology trends. This is an example of which of the following? (Select TWO). 

A. Supervisory control and data acquisition 

B. Espionage 

C. Hacktivism 

D. Data aggregation 

E. Universal description discovery and integration 

F. Open source intelligence gathering 

Answer: D,F 


Q128. - (Topic 5) 

A Chief Information Security Officer (CISO) is approached by a business unit manager who heard a report on the radio this morning about an employee at a competing firm who shipped a VPN token overseas so a fake employee could log into the corporate VPN. The CISO asks what can be done to mitigate the risk of such an incident occurring within the organization. Which of the following is the MOST cost effective way to mitigate such a risk? 

A. Require hardware tokens to be replaced on a yearly basis. 

B. Implement a biometric factor into the token response process. 

C. Force passwords to be changed every 90 days. 

D. Use PKI certificates as part of the VPN authentication process. 

Answer:


Q129. DRAG DROP - (Topic 2) 

A manufacturer is planning to build a segregated network. There are requirements to segregate development and test infrastructure from production and the need to support multiple entry points into the network depending on the service being accessed. There are also strict rules in place to only permit user access from within the same zone. Currently, the following access requirements have been identified: 

1. Developers have the ability to perform technical validation of development applications. 

2. End users have the ability to access internal web applications. 

3. Third-party vendors have the ability to support applications. 

In order to meet segregation and access requirements, drag and drop the appropriate network zone that the user would be accessing and the access mechanism to meet the above criteria. Options may be used once or not at all. All placeholders must be filled. 

Answer: 


Q130. - (Topic 2) 

An IT Manager is concerned about errors made during the deployment process for a new model of tablet. Which of the following would suggest best practices and configuration parameters that technicians could follow during the deployment process? 

A. Automated workflow 

B. Procedure 

C. Corporate standard 

D. Guideline 

E. Policy 

Answer: