CAS-002 testing engine(4 to 13) for customers: Jan 2019 Edition

Certleader CAS-002 Questions are updated and all CAS-002 answers are verified by experts. Once you have completely prepared with our CAS-002 exam prep kits you will be ready for the real CAS-002 exam without a problem. We have Rebirth CompTIA CAS-002 dumps study guide. PASSED CAS-002 First attempt! Here What I Did.


♥♥ 2018 NEW RECOMMEND ♥♥

Free VCE & PDF File for CompTIA CAS-002 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW CAS-002 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/CAS-002-exam-dumps.html

P.S. Certified CAS-002 preparation are available on Google Drive, GET MORE: https://drive.google.com/open?id=1MWxVvRqKw5P-3mL6Zi7QlXk_26ObOJ_y


New CompTIA CAS-002 Exam Dumps Collection (Question 4 - Question 13)

New Questions 4

An administrator wants to enable policy based flexible mandatory access controls on an open source OS to prevent abnormal application modifications or executions. Which of the following would BEST accomplish this?

A. Access control lists

B. SELinux

C. IPtables firewall

D. HIPS

Answer: B


New Questions 5

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET calendar.php?create%20table%20hidden HTTP/1.1u201d 200 5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:05] u201cGET ../../../root/.bash_history HTTP/1.1u201d 200

5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET index.php?user=<script>Create</script> HTTP/1.1u201d 200 5724

The security administrator also inspects the following file system locations on the database server using the command u2018ls -al /rootu2019

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .profile

-rw------- 25 root root 4096 Mar 8 09:30 .ssh

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

A. Privilege escalation

B. Brute force attack

C. SQL injection

D. Cross-site scripting

E. Using input validation, ensure the following characters are sanitized: <>

F. Update crontab with: find / \\( -perm -4000 \\) u2013type f u2013print0 | xargs -0 ls u2013l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)

H. Set an account lockout policy

Answer: A,F


New Questions 6

A company is facing penalties for failing to effectively comply with e-discovery requests. Which of the following could reduce the overall risk to the company from this issue?

A. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption.

B. Require each user to log passwords used for file encryption to a decentralized repository.

C. Permit users to only encrypt individual files using their domain password and archive all old user passwords.

D. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI.

Answer: D


New Questions 7

An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?

A. Install IDS/IPS systems on the network

A. B. Force all SIP communication to be encrypted

C. Create separate VLANs for voice and data traffic

D. Implement QoS parameters on the switches

Answer: D


New Questions 8

A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

A. an administrative control

B. dual control

C. separation of duties

D. least privilege

E. collusion

Answer: C


New Questions 9

Joe, the Chief Executive Officer (CEO), was an Information security professor and a Subject Matter Expert for over 20 years. He has designed a network defense method which he says is significantly better than prominent international standards. He has recommended that the company use his cryptographic method. Which of the following methodologies should be adopted?

A. The company should develop an in-house solution and keep the algorithm a secret.

B. The company should use the CEOu2019s encryption scheme.

C. The company should use a mixture of both systems to meet minimum standards.

D. The company should use the method recommended by other respected information security organizations.

Answer: D


New Questions 10

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

A. Implement an IPS to block the application on the network

B. Implement the remote application out to the rest of the servers

A. C. Implement SSL VPN with SAML standards for federation

D. Implement an ACL on the firewall with NAT for remote access

Answer: C


New Questions 11

A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

A. SAN

B. NAS

C. Virtual SAN

D. Virtual storage

Answer: B


New Questions 12

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?

A. During the Identification Phase

B. During the Lessons Learned phase

C. During the Containment Phase

D. During the Preparation Phase

Answer: B


New Questions 13

CORRECT TEXTAn administrator wants to install a patch to an application. Given the scenario, download, verify and install the patch in the most secure manner.

Instructions: The last install that is completed will be the final submission.

Answer: Please check the explanation part for full details on solution.


Recommend!! Get the Certified CAS-002 dumps in VCE and PDF From Surepassexam, Welcome to download: https://www.surepassexam.com/CAS-002-exam-dumps.html (New 450 Q&As Version)