Category Archives: CompTIA

[100% Pass Guarantee] Update Latest CompTIA CAS-002 Dumps Exam Materials And Youtube Try

Lead4pass offers latest CompTIA CASP CAS-002 dumps exam training materials and study guides free try. Update the best CompTIA CASP CAS-002 dumps vce youtube online free demo. https://www.lead4pass.com/CAS-002.html dumps pdf practice files. High quality CompTIA CASP CAS-002 dumps exam practice questions and answers, 100% success and guarantee to pass CompTIA CAS-002 exam test easily.

Latest CompTIA CAS-002 dumps pdf materials: https://drive.google.com/open?id=0B_7qiYkH83VRVE55cV9qOGhpbG8

Latest CompTIA 220-801 dumps pdf materials: https://drive.google.com/open?id=0B_7qiYkH83VRNjNMdThRWnZ5R3M

Vendor: CompTIA
Certifications: CASP
Exam Name: CompTIA Advanced Security Practitioner (CASP)
Exam Code: CAS-002
Total Questions: 532 Q&As
QUESTION: 1
A small company’s Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company’s security posture quickly with regard to targeted attacks.
Which of the following should the CSO conduct FIRST?
A. Survey threat feeds from services inside the same industry.
B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.
C. Conduct an internal audit against industry best practices to perform a qualitative analysis.
D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor.
Correct Answer: A

QUESTION: 2
Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the proprietary web application before launch.
Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company’s purchased application? (Select TWO).
A. Code review
B. Sandbox
C. Local proxy
D. Fuzzer
E. Port scanner
Correct Answer: C, D

QUESTION: 3
A developer is determining the best way to improve security within the code being developed.
The developer is focusing on input fields where customers enter their credit card details.
Which of the following techniques, if implemented in the code, would be the MOST effective in protecting the fields from malformed input?
A. Client side input validation
B. Stored procedure
C. Encrypting credit card details
D. Regular expression matching
Correct Answer: D

QUESTION: 4
A Chief Financial Officer (CFO) has raised concerns with the Chief Information Security Officer (CISO) because money has been spent on IT security infrastructure, but corporate assets are still found to be vulnerable. The business recently funded a patch management product and SOE hardening initiative. A third party auditor reported findings against the business because some systems were missing patches.
Which of the following statements BEST describes this situation?
A. The CFO is at fault because they are responsible for patching the systems and have already been given patch management and SOE hardening products.
B. The audit findings are invalid because remedial steps have already been applied to patch servers and the remediation takes time to complete.
C. The CISO has not selected the correct controls and the audit findings should be assigned to them instead of the CFO.
D. Security controls are generally never 100% effective and gaps should be explained to stakeholders and managed accordingly.
Correct Answer: D

QUESTION: 5
A new piece of ransomware got installed on a company’s backup server which encrypted the hard drives containing the OS and backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt.
Which of the following is the PRIMARY concern?
A. Determining how to install HIPS across all server platforms to prevent future incidents
B. Preventing the ransomware from re-infecting the server upon restore
C. Validating the integrity of the deduplicated data
D. Restoring the data will be difficult without the application configuration
Correct Answer: D

QUESTION: 6
The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working.
Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?
A. PING
B. NESSUS
C. NSLOOKUP
D. NMAP
Correct Answer: D

QUESTION: 7
Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption.
Which of the following solutions minimizes the performance impact on the router?
A. Deploy inline network encryption devices
B. Install an SSL acceleration appliance
C. Require all core business applications to use encryption
D. Add an encryption module to the router and configure IPSec
Correct Answer: A

QUESTION: 8
The source workstation image for new accounting PCs has begun blue-screening. A technician notices that the date/time stamp of the image source appears to have changed. The desktop support director has asked the Information Security department to determine if any changes were made to the source image.
Which of the following methods would BEST help with this process? (Select TWO).
A. Retrieve source system image from backup and run file comparison analysis on the two images.
B. Parse all images to determine if extra data is hidden using steganography.
C. Calculate a new hash and compare it with the previously captured image hash.
D. Ask desktop support if any changes to the images were made.
E. Check key system files to see if date/time stamp is in the past six months.
Correct Answer: A, C

QUESTION: 9
The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it.
Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?
A. Virtualize the system and migrate it to a cloud provider.
B. Segment the device on its own secure network.
C. Install an antivirus and HIDS on the system.
D. Hire developers to reduce vulnerabilities in the code.
Correct Answer: B

QUESTION: 10
An organization has decided to reduce labor costs by outsourcing back office processing of credit applications to a provider located in another country. Data sovereignty and privacy concerns raised by the security team resulted in the third-party provider only accessing and processing the data via remote desktop sessions. To facilitate communications and improve productivity, staff at the third party has been provided with corporate email accounts that are only accessible via the remote desktop sessions. Email forwarding is blocked and staff at the third party can only communicate with staff within the organization.
Which of the following additional controls should be implemented to prevent data loss? (Select THREE).
A. Implement hashing of data in transit
B. Session recording and capture
C. Disable cross session cut and paste
D. Monitor approved credit accounts
E. User access audit reviews
F. Source IP whitelisting
Correct Answer: C, E, F

Reference: https://www.lead4pass.com/CAS-002.html dumps pdf questions and answers free update.

[100% Pass Guarantee] Latest CompTIA SY0-401 Dumps Exam Questions And Answers

Latest and most accurate CompTIA SY0-401 dumps exam study material and real exam practice questions and answers. All the questions and answers are revised by the skillful experts. 100% pass guarantee of your CompTIA SY0-401 dumps exam. Pass your CompTIA SY0-401 exam test easily with Lead4Pass exam dumps.

Question No : 1
A company determines a need for additional protection from rogue devices plugging into physical ports around the building.
Which of the following provides the highest degree of protection from unauthorized wired network access?
A. Intrusion Prevention Systems
B. MAC filtering
C. Flood guards
D. 802.1x
Answer: D

Explanation:
IEEE 802.1x is an IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols and provides an authentication mechanism to wireless devices connecting to a LAN or WLAN.

Question No : 2
A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner?
A. Kill all system processes
B. Enable the firewall
C. Boot from CD/USB
D. Disable the network connection
Answer: C

Explanation:
Antivirus companies frequently create boot discs you can use to scan and repair your computer. These tools can be burned to a CD or DVD or installed onto a USB drive. You can then restart your computer and boot from the removable media. A special antivirus environment will load where your computer can be scanned and repaired.

Question No : 3
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?
A. ICMP
B. BGP
C. NetBIOS
D. DNS
Answer: C

Explanation:
The LMHOSTS file provides a NetBIOS name resolution method that can be used for small networks that do not use a WINS server. NetBIOS has been adapted to run on top of TCP/IP, and is still extensively used for name resolution and registration in Windows-based environments.

Question No : 4
Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?
A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall
Answer: B

Explanation:
Stateful inspections occur at all levels of the network.

Question No : 5
Multi-tenancy is a concept found in which of the following?
A. Full disk encryption
B. Removable media
C. Cloud computing
D. Data loss prevention
Answer: C

Explanation:
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

Question No : 6
An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points?
A. SSID broadcast
B. MAC filter
C. WPA2
D. Antenna placement
Answer: A

Explanation:
Numerous networks broadcast their name (known as an SSID broadcast) to reveal their presence.

Question No : 7
Which of the following technologies can store multi-tenant data with different security requirements?
A. Data loss prevention
B. Trusted platform module
C. Hard drive encryption
D. Cloud computing
Answer: D

Explanation:
One of the ways cloud computing is able to obtain cost efficiencies is by putting data from various clients on the same machines. This “multitenant” nature means that workloads from different clients can be on the same system, and a flaw in implementation could compromise security.

Question No : 8
Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?
A. EAP-MD5
B. WEP
C. PEAP-MSCHAPv2
D. EAP-TLS
Answer: C
Explanation:
PEAP-MS-CHAP v2 is easier to deploy than EAP-TLS or PEAP-TLS because user authentication is accomplished via password-based credentials (user name and password) rather than digital certificates or smart cards.

Read more: http://www.lead4pass.com/sy0-401.html The best and most updated Security+ SY0-401 training materials, we also want you to be able to access them easily, whenever you want. We provide all our CompTIA SY0-401 dumps exam training material in PDF format which is a very common format found in all computers and gadgets. Regardless of whichever computer you have, you just need to download one of the many PDF readers that are available for free.

Reference: https://certification.comptia.org/certifications/security