CAS-002 | 10 Tips For Rebirth CAS-002 dumps




New CompTIA CAS-002 Exam Dumps Collection (Question 15 - Question 24)

New Questions 15

A WAF without customization will protect the infrastructure from which of the following attack combinations?

A. DDoS, DNS poisoning, Boink, Teardrop

B. Reflective XSS, HTTP exhaustion, Teardrop

C. SQL Injection, DOM based XSS, HTTP exhaustion

D. SQL Injection, CSRF, Clickjacking

Answer: C

New Questions 16

A new internal network segmentation solution will be implemented into the enterprise that consists of 200 internal firewalls. As part of running a pilot exercise, it was determined that it takes three changes to deploy a new application onto the network before it is operational. Security now has a significant effect on overall availability. Which of the following would be the FIRST process to perform as a result of these findings?

A. Lower the SLA to a more tolerable level and perform a risk assessment to see if the solution could be met by another solution. Reuse the firewall infrastructure on other projects.

B. Perform a cost benefit analysis and implement the solution as it stands as long as the risks are understood by the business owners around the availability issues. Decrease the current SLA expectations to match the new solution.

C. Engage internal auditors to perform a review of the project to determine why and how the project did not meet the security requirements. As part of the review ask them to review the control effectiveness.

D. Review to determine if control effectiveness is in line with the complexity of the solution. Determine if the requirements can be met with a simpler solution.

Answer: D

New Questions 17

A security administrator at Company XYZ is trying to develop a body of knowledge to enable heuristic and behavior based security event monitoring of activities on a geographically distributed network. Instrumentation is chosen to allow for monitoring and measuring the network. Which of the following is the BEST methodology to use in establishing this baseline?

A. Model the network in a series of VMs; instrument the systems to record comprehensive metrics; run a large volume of simulated data through the model; record and analyze results; document expected future behavior.

B. Completely duplicate the network on virtual machines; replay eight hours of captured corporate network traffic through the duplicate network; instrument the network; analyze the results; document the baseline.

C. Instrument the operational network; simulate extra traffic on the network; analyze net flow information from all network devices; document the baseline volume of traffic.

D. Schedule testing on operational systems when users are not present; instrument the systems to log all network traffic; monitor the network for at least eight hours; analyze the results; document the established baseline.

Answer: A

New Questions 18

A vulnerability scanner report shows that a client-server host monitoring solution operating in the credit card corporate environment is managing SSL sessions with a weak algorithm which does not meet corporate policy. Which of the following are true statements? (Select TWO).

A. The X509 V3 certificate was issued by a non-trusted public CA.

B. The client-server handshake could not negotiate strong ciphers.

C. The client-server handshake is configured with a wrong priority.

D. The client-server handshake is based on TLS authentication.

E. The X509 V3 certificate is expired.

F. The client-server implements client-server mutual authentication with different certificates.

Answer: B,C

New Questions 19

A small company is developing a new Internet-facing web application. The security requirements are:

Users of the web application must be uniquely identified and authenticated.

Users of the web application will not be added to the company's directory services.

Passwords must not be stored in the code. Which of the following meets these requirements?

A. Use OpenID and allow a third party to authenticate users.

B. Use TLS with a shared client certificate for all users.

C. Use SAML with federated directory services.

D. Use Kerberos and browsers that support SAML.

Answer: A

New Questions 20

As part of the ongoing information security plan in a large software development company, the Chief Information Officer (CIO) has decided to review and update the company's privacy policies and procedures to reflect the changing business environment and business requirements.

Training and awareness of the new policies and procedures has been incorporated into the security awareness program which should be:

A. presented by top level management to only data handling staff.

B. customized for the various departments and staff roles.

C. technical in nature to ensure all development staff understand the procedures.

D. used to promote the importance of the security department.

Answer: B

New Questions 21

In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices, provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).

A. Provide free email software for personal devices.

B. Encrypt data in transit for remote access.

C. Require smart card authentication for all devices.

D. Implement NAC to limit insecure devices access.

E. Enable time of day restrictions for personal devices.

Answer: B,D

New Questions 22

The Information Security Officer (ISO) is reviewing new policies that have been recently made effective and now apply to the company. Upon review, the ISO identifies a new requirement to implement two-factor authentication on the company's wireless system. Due to budget constraints, the company will be unable to implement the requirement for the next two years. The ISO is required to submit a policy exception form to the Chief Information Officer (CIO). Which of the following are MOST important to include when submitting the exception form? (Select THREE).

A. Business or technical justification for not implementing the requirements.

B. Risks associated with the inability to implement the requirements.

C. Industry best practices with respect to the technical implementation of the current controls.

D. All sections of the policy that may justify non-implementation of the requirements.

E. A revised DRP and COOP plan to the exception form.

F. Internal procedures that may justify a budget submission to implement the new requirement.

G. Current and planned controls to mitigate the risks.

Answer: A,B,G

New Questions 23

Wireless users are reporting issues with the company's video conferencing and VoIP systems. The security administrator notices internal DoS attacks from infected PCs on the network causing the VoIP system to drop calls. The security administrator also notices that the SIP servers are unavailable during these attacks. Which of the following security controls will MOST likely mitigate the VoIP DoS attacks on the network? (Select TWO).

A. Install a HIPS on the SIP servers

B. Configure 802.1X on the network

C. Update the corporate firewall to block attacking addresses

D. Configure 802.11e on the network

E. Configure 802.1q on the network

Answer: A,D

New Questions 24

Company XYZ has transferred all of the corporate servers, including web servers, to a cloud hosting provider to reduce costs. All of the servers are running unpatched, outdated versions of Apache. Furthermore, the corporate financial data is also hosted by the cloud services provider, but it is encrypted when not in use. Only the DNS server is configured to audit user and administrator actions and logging is disabled on the other virtual machines. Given this scenario, which of the following is the MOST significant risk to the system?

A. All servers are unpatched and running old versions.

B. Financial data is processed without being encrypted.

C. Logging is disabled on critical servers.

D. Server services have been virtualized and outsourced.

Answer: A
