100% Real Questions & Correct Answers from Lead2pass

Vendor: CompTIA
Exam Code: CAS-002
Exam Name: CompTIA Advanced Security Practitioner
Question 161—Question 170

QUESTION 161

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

A. Service oriented architecture (SOA)
B. Federated identities
C. Object request broker (ORB)
D. Enterprise service bus (ESB)

Answer: D

QUESTION 162

When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of conference's resources?

A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.

Answer: C

QUESTION 163

A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.
B. All staff needs to be instructed in the proper use of social media in the work environment.
C. Senior staff blogs should be ghost written by marketing professionals.
D. The finance department must provide a cost benefit analysis for social media.
E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.
F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: AE

QUESTION 164

The Chief Technology Officer (CTO) has decided that servers in the company datacenter should be virtualized to conserve physical space. The risk assurance officer is concerned that the project team in charge of virtualizing servers plans to co-mingle many guest operating systems with different security requirements to speed up the rollout and reduce the number of host operating systems or hypervisors required. Which of the following BEST describes the risk assurance officer's concerns?

A. Co-mingling guest operating system with different security requirements allows guest OS privilege elevation to occur within the guest OS via shared memory allocation with the host OS.
B. Co-mingling of guest operating systems with different security requirements increases the risk of data loss if the hypervisor fails.
C. A weakly protected guest OS combined with a host OS exploit increases the chance of a successful VMEscape attack being executed, compromising the hypervisor and other guest OS.
D. A weakly protected host OS will allow the hypervisor to become corrupted resulting in data throughput performance issues.

Answer: C

QUESTION 165

A company receives a subpoena for email that is four years old. Which of the following should the company consult to determine if it can provide the email in question?

A. Data retention policy
B. Business continuity plan
C. Backup and archive processes
D. Electronic inventory

Answer: A

QUESTION 166

In an effort to reduce internal email administration costs, a company is determining whether to outsource its email to a managed service provider that provides email, spam, and malware protection. The security manager is asked to provide input regarding any security implications of this change. Which of the following BEST addresses risks associated with disclosure of intellectual property?

A. Require the managed service provider to implement additional data separation.
B. Require encrypted communications when accessing email.
C. Enable data loss protection to minimize emailing PII and confidential data.
D. Establish an acceptable use policy and incident response policy.

Answer: C

QUESTION 167

In single sign-on, the secondary domain needs to trust the primary domain to do which of the following? (Select TWO).

A. Correctly assert the identity and authorization credentials of the end user.
B. Correctly assert the authentication and authorization credentials of the end user.
C. Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
D. Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
E. Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
F. Correctly assert the identity and authentication credentials of the end user.

Answer: DF

QUESTION 168

Due to cost and implementation time pressures, a security architect has allowed a NAS to be used instead of a SAN for a non-critical, low volume database. Which of the following would make a NAS unsuitable for a business critical, high volume database application that required a high degree of data confidentiality and data availability? (Select THREE).

A. File level transfer of data
B. Zoning and LUN security
C. Block level transfer of data
D. Multipath
E. Broadcast storms
F. File level encryption
G. Latency

Answer: AEG

QUESTION 169

A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?

A. LUN masking
B. Data injection
C. Data fragmentation
D. Moving the HBA

Answer: D

QUESTION 170

Several business units have requested the ability to use collaborative web-based meeting places with third party vendors. Generally these require user registration, installation of client-based ActiveX or Java applets, and also the ability for the user to share their desktop in read-only or read-write mode. In order to ensure that information security is not compromised, which of the following controls is BEST suited to this situation?

A. Disallow the use of web-based meetings as this could lead to vulnerable client-side components being installed, or a malicious third party gaining read-write control over an internal workstation.
B. Hire an outside consultant firm to perform both a quantitative and a qualitative risk-based assessment. Based on the outcomes, if any risks are identified then do not allow web-based meetings. If no risks are identified then go forward and allow for these meetings to occur.
C. Allow the use of web-based meetings, but put controls in place to ensure that the use of these meetings is logged and tracked.
D. Evaluate several meeting providers. Ensure that client-side components do not introduce undue security risks. Ensure that the read-write desktop mode can either be prevented or strongly audited.

Answer: D

Get Full Version CAS-002 Q&As From Lead2pass: https://www.lead2pass.com/cas-002.html
