New CompTIA CAS-002 Exam Dumps Collection (Question 9 - Question 18)

New Questions 9

The Universal Research Association has just been acquired by the Association of Medical Business Researchers. The new conglomerate has funds to upgrade or replace hardware as part of the acquisition, but cannot fund labor for major software projects. Which of the following will MOST likely result in some IT resources not being integrated?

A. One of the companies may use an outdated VDI.

B. Corporate websites may be optimized for different web browsers.

C. Industry security standards and regulations may be in conflict.

D. Data loss prevention standards in one company may be less stringent.

Answer: C



New Questions 10

An administrator has four virtual guests on a host server. Two of the servers are corporate SQL servers, one is a corporate mail server, and one is a testing web server for a small group of developers. The administrator is experiencing difficulty connecting to the host server during peak network usage times. Which of the following would allow the administrator to securely connect to and manage the host server during peak usage times?

A. Increase the virtual RAM allocation to high I/O servers.

B. Install a management NIC and dedicated virtual switch.

C. Configure the high I/O virtual servers to use FCoE rather than iSCSI.

D. Move the guest web server to another dedicated host.

Answer: B



New Questions 11

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf

B. Privilege escalation, Application DoS, Buffer overflow

C. SQL injection, Resource exhaustion, Privilege escalation

D. CSRF, Fault injection, Memory leaks

Answer: A



New Questions 12

A manager who was attending an all-day training session was overdue entering bonus and payroll information for subordinates. The manager felt the best way to get the changes entered while in training was to log into the payroll system, and then activate desktop sharing with a trusted subordinate. The manager granted the subordinate control of the desktop thereby giving the subordinate full access to the payroll system. The subordinate did not have authorization to be in the payroll system. Another employee reported the incident to the security team. Which of the following would be the MOST appropriate method for dealing with this issue going forward?

A. Provide targeted security awareness training and impose termination for repeat violators.

B. Block desktop sharing and web conferencing applications and enable use only with approval.

C. Actively monitor the data traffic for each employee using desktop sharing or web conferencing applications.

D. Permanently block desktop sharing and web conferencing applications and do not allow its use at the company.

Answer: A



New Questions 13

Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button.

Which of the following would the security engineer MOST likely recommend based on the table?

A. Product A

B. Product B

C. Product C

D. Product D

Answer: C



New Questions 14

Which of the following should be used to identify overflow vulnerabilities?

A. Fuzzing

B. Input validation

C. Privilege escalation

D. Secure coding standards

Answer: A



New Questions 15

An organization did not know its internal customer and financial databases were compromised until the attacker published sensitive portions of the database on several popular attacker websites. The organization was unable to determine when, how, or who conducted the attacks but rebuilt, restored, and updated the compromised database server to continue operations.

Which of the following is MOST likely the cause for the organization's inability to determine what really occurred?

A. Too few layers of protection between the Internet and internal network

B. Lack of a defined security auditing methodology

C. Poor intrusion prevention system placement and maintenance

D. Insufficient logging and mechanisms for review

Answer: D



New Questions 16

An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes.

Which of the following technologies would help meet this policy requirement? (Select TWO).

A. Spam filter

B. Solid state drives

C. Management interface

D. Virtualization

E. Host firewall

Answer: D,E



New Questions 17

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:

1. The banker accesses the CRM system, a redirect is performed back to the organization's internal systems.

2. A lookup is performed of the identity and a token is generated, signed and encrypted.

3. A redirect is performed back to the CRM system with the token.

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.

5. If the banker is not in the system, an automated provisioning request occurs.

6. The banker is authenticated and authorized and can access the system.

This is an example of which of the following?

A. Service provider initiated SAML 2.0

B. Identity provider initiated SAML 1.0

C. OpenID federated single sign on

D. Service provider initiated SAML 1.1

Answer: A



New Questions 18

A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipments are following secure routes. Which of the following would BEST help the executives meet this goal?

A. Install GSM tracking on each product for end-to-end delivery visibility.

B. Implement geo-fencing to track products.

C. Require drivers to geo-tag documentation at each delivery location.

D. Equip each truck with an RFID tag for location services.

Answer: B


