This page was exported from Free Download Braindump2go Latest Microsoft Exam Questions & Microsoft Exam Dumps [ ] Export date:Tue Feb 18 1:54:24 2020 / +0000 GMT ___________________________________________________ Title: [2018-June-New]Exam Pass 100%!Braindump2go CAS-002 Exam VCE 900Q Instant Download[12-22] --------------------------------------------------- 2018 June New CompTIA CAS-002 Exam Dumps with PDF and VCE Just Updated Today! Following are some new CAS-002 Real Exam Questions: 1.|2018 Latest CAS-002 Exam Dumps (PDF & VCE) 900Q&As Download:|2018 Latest CAS-002 Exam Questions & Answers Download: 12A company contracts with a third party to develop a new web application to process credit cards. Which of the following assessments will give the company the GREATEST level of assurance for the web application?A. Social EngineeringB. Penetration TestC. Vulnerability AssessmentD. Code ReviewAnswer: DQUESTION 13A security audit has uncovered that some of the encryption keys used to secure the company B2B financial transactions with its partners may be too weak. The security administrator needs to implement a process to ensure that financial transactions will not be compromised if a weak encryption key is found. Which of the following should the security administrator implement?A. Entropy should be enabled on all SSLv2 transactions.B. AES256-CBC should be implemented for all encrypted data.C. PFS should be implemented on all VPN tunnels.D. PFS should be implemented on all SSH connections.Answer: CQUESTION 14Company Z is merging with Company A to expand its global presence and consumer base. This purchase includes several offices in different countries. To maintain strict internal security and compliance requirements, all employee activity may be monitored and reviewed. Which of the following would be the MOST likely cause for a change in this practice?A. The excessive time it will take to merge the company's information systems.B. Countries may have different legal or regulatory requirements.C. Company A might not have adequate staffing to conduct these reviews.D. The companies must consolidate security policies during the merger.Answer: BQUESTION 15A business is currently in the process of upgrading its network infrastructure to accommodate a personnel growth of over fifty percent within the next six months. All preliminary planning has been completed and a risk assessment plan is being adopted to decide which security controls to put in place throughout each phase.Which of the following risk responses is MOST likely being considered if the business is creating an SLA with a third party?A. Accepting riskB. Mitigating riskC. Identifying riskD. Transferring riskAnswer: DQUESTION 16Which of the following must be taken into consideration for e-discovery purposes when a legal case is first presented to a company?A. Data ownership on all filesB. Data size on physical disksC. Data retention policies on only file serversD. Data recovery and storageAnswer: DQUESTION 17Based on the results of a recent audit, a company rolled out a standard computer image in an effort to provide consistent security configurations across all computers. Which of the following controls provides the GREATEST level of certainty that unauthorized changes are not occurring?A. Schedule weekly vulnerability assessmentsB. Implement continuous log monitoringC. Scan computers weekly against the baselineD. Require monthly reports showing compliance with configuration and updatesAnswer: CQUESTION 18A new project initiative involves replacing a legacy core HR system, and is expected to touch many major operational systems in the company. A security administrator is engaged in the project to provide security consulting advice. In addition, there are database, network, application, HR, and transformation management consultants engaged on the project as well. The administrator has established the security requirements. Which of the following is the NEXT logical step?A. Document the security requirements in an email and move on to the next most urgent task.B. Organize for a requirements workshop with the non-technical project members, being the HR and transformation management consultants.C. Communicate the security requirements with all stakeholders for discussion and buy-in.D. Organize for a requirements workshop with the technical project members, being the database, network, and application consultants.Answer: CQUESTION 19A small company has a network with 37 workstations, 3 printers, a 48 port switch, an enterprise class router, and a firewall at the boundary to the ISP. The workstations have the latest patches and all have up-to-date anti-virus software. User authentication is a two-factor system with fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network is configured to use IPv4 and is a standard Ethernet network. The network also has a captive portal based wireless hot-spot to accommodate visitors. Which of the following is a problem with the security posture of this company?A. No effective controls in placeB. No transport security controls are implementedC. Insufficient user authentication controls are implementedD. IPv6 is not incorporated in the networkAnswer: BQUESTION 20Which of the following authentication types is used primarily to authenticate users through the use of tickets?A. LDAPB. RADIUSC. TACACS+D. KerberosAnswer: DQUESTION 21A company is developing a new web application for its Internet users and is following a secure coding methodology. Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?A. Conduct web server load tests.B. Conduct static code analysis.C. Conduct fuzzing attacks.D. Conduct SQL injection and XSS attacks.Answer: CQUESTION 22A project has been established in a large bank to develop a new secure online banking platform. Half way through the development it was discovered that a key piece of software used as part of the base platform is now susceptible to recently published exploits. Who should be contacted FIRST by the project team to discuss potential changes to the platform requirements?A. EngineersB. Facilities ManagerC. StakeholdersD. Human ResourcesAnswer: C!!!RECOMMEND!!! 1.|2018 Latest CAS-002 Exam Dumps (PDF & VCE) 900Q&As Download:|2018 Latest CAS-002 Study Guide Video: YouTube Video: --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-06-15 04:02:07 Post date GMT: 2018-06-15 04:02:07 Post modified date: 2018-06-15 04:02:07 Post modified date GMT: 2018-06-15 04:02:07 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from