[May 2018] CAS-002 Exam Dumps Free Download In Lead2pass 100% CAS-002 Exam Questions 900q

Lead2pass CAS-002 Exam Dumps New Updated By CompTIA Official Exam Center:

https://www.lead2pass.com/cas-002.html

QUESTION 31
The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment.
The Chief Information Security Officer (CISO) was told to research the risk involved in this environment.
Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?

A.    Remind users that all emails with sensitive information need be encrypted and physically
inspect the cloud computing.
B.    Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the
cloud provider.
C.    Ensure logins are over an encrypted channel and remind users to encrypt all emails that
contain sensitive information.
D.    Obtain an NDA from the cloud provider and remind users that all emails with sensitive
information need be encrypted.

Answer: B

QUESTION 32
Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day.
The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events.
Which of the following should the company do to ensure that the chosen MSS meets expectations?

A.    Develop a memorandum of understanding on what the MSS is responsible to provide.
B.    Create internal metrics to track MSS performance.
C.    Establish a mutually agreed upon service level agreement.
D.    Issue a RFP to ensure the MSS follows guidelines.

Answer: C

QUESTION 33
A system administrator needs to develop a policy for when an application server is no longer needed.
Which of the following policies would need to be developed?

A.    Backup policy
B.    De-provisioning policy
C.    Data retention policy
D.    Provisioning policy

Answer: C

QUESTION 34
After a security incident, an administrator revokes the SSL certificate for their web server www.company.com.
Later, users begin to inform the help desk that a few other servers are generating certificate errors: ftp.company.com, mail.company.com, and partners.company.com.
Which of the following is MOST likely the reason for this?

A.    Each of the servers used the same EV certificate.
B.    The servers used a wildcard certificate.
C.    The web server was the CA for the domain.
D.    Revoking a certificate can only be done at the domain level.

Answer: B

QUESTION 35
A wholesaler has decided to increase revenue streams by selling direct to the public through an on-line system.
Initially this will be run as a short term trial and if profitable, will be expanded and form part of the day to day business.
The risk manager has raised two main business risks for the initial trial:

1. IT staff has no experience with establishing and managing secure on-line credit card processing.
2. An internal credit card processing system will expose the business to additional compliance requirements.

Which of the following is the BEST risk mitigation strategy?

A.    Transfer the risks to another internal department, who have more resources to accept the
risk.
B.    Accept the risks and log acceptance in the risk register.
Once the risks have been accepted close them out.
C.    Transfer the initial risks by outsourcing payment processing to a third party service provider.
D.    Mitigate the risks by hiring additional IT staff with the appropriate experience and
certifications.

Answer: C

QUESTION 36
An administrator notices the following file in the Linux server’s /tmp directory.

-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*

Which of the following should be done to prevent further attacks of this nature?

A.    Never mount the /tmp directory over NFS
B.    Stop the rpcidmapd service from running
C.    Mount all tmp directories nosuid, noexec
D.    Restrict access to the /tmp directory

Answer: C

QUESTION 37
Company GHI consolidated their network distribution so twelve network VLANs would be available over dual fiber links to a modular L2 switch in each of the company’s six IDFs.
The IDF modular switches have redundant switch fabrics and power supplies.
Which of the following threats will have the GREATEST impact on the network and what is the appropriate remediation step?

A.    Threat: 802.1q trunking attack
Remediation: Enable only necessary VLANs for each port
B.    Threat: Bridge loop
Remediation: Enable spanning tree
C.    Threat: VLAN hopping
Remediation: Enable only necessary VLANs for each port
D.    Threat: VLAN hopping
Remediation: Enable ACLs on the IDF switch

Answer: B

QUESTION 38
Within an organization, there is a known lack of governance for solution designs.
As a result there are inconsistencies and varying levels of quality for the artifacts that are produced.
Which of the following will help BEST improve this situation?

A.    Ensure that those producing solution artifacts are reminded at the next team meeting that
quality is important.
B.    Introduce a peer review process that is mandatory before a document can be officially
made final.
C.    Introduce a peer review and presentation process that includes a review board with representation from relevant disciplines.
D.    Ensure that appropriate representation from each relevant discipline approves of the solution documents before official approval.

Answer: C

QUESTION 39
An administrator of a secure web server has several clients with top security clearance and prefers security over performance.
By default, which of the following cipher suites would provide strong security, but at the same time the worst performance?

A.    3DES-SHA
B.    DES-MD5
C.    Camellia-SHA
D.    RC4-MD5

Answer: A

QUESTION 40
Corporate policy states that the systems administrator should not be present during system audits.
The security policy that states this is:

A.    Separation of duties.
B.    Mandatory vacation.
C.    Non-disclosure agreement.
D.    Least privilege.

Answer: A

CAS-002 dumps full version (PDF&VCE): https://www.lead2pass.com/cas-002.html

Large amount of free CAS-002 exam questions on Google Drive: https://drive.google.com/open?id=13j5iOL_XYuK24xlefcIzTQtqmeQfLY7K

Continue Reading

[May 2018] Free Lead2pass CompTIA 220-902 PDF Dumps With The Latest Update Exam Questions 1236q

Free Lead2pass CompTIA 220-902 PDF Exam Questions And Answers Download:

https://www.lead2pass.com/220-902.html

QUESTION 31
After several passes with a malware removal program, the program keeps detecting the same malware infection after a reboot. Which of the following should be done to attempt to remove the offending malware?

A.    Run the malware removal program while disconnected from the Internet
B.    Run the malware removal program in Windows Safe Mode
C.    Reinstall the malware removal program from a trusted source
D.    Set the malware removal program to run each time the computer is rebooted

Continue Reading

[May 2018] Easily Pass 220-901 Exam With Lead2pass New CompTIA 220-901 Brain Dumps 1346q

Easily Pass 220-901 Exam With Lead2pass Updated CompTIA 220-901 Dumps:

https://www.lead2pass.com/220-901.html

QUESTION 31
A customer has purchased a 1TB internal hard drive. The customer would like to have it installed as a data drive in their existing system. The technician discovers there is no spare power supply connector for the new hard drive. Which of the following would enable the technician to EASILY accomplish the task? (Select TWO).

A.    Replace the existing hard drive.
B.    Replace the power supply.
C.    Remove the floppy disk.
D.    Remove the CD-ROM.
E.    Split an existing power connection.

Continue Reading

[April 2018] Lead2pass CompTIA SY0-501 Latest Exam Dumps Download 250q

Lead2pass SY0-501 Exam Questions Free Download:

https://www.lead2pass.com/sy0-501.html

QUESTION 31
Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select TWO).

A.    Rainbow table attacks greatly reduce compute cycles at attack time.
B.    Rainbow tables must include precompiled hashes.
C.    Rainbow table attacks do not require access to hashed passwords.
D.    Rainbow table attacks must be performed on the network.
E.    Rainbow table attacks bypass maximum failed login restrictions.

Answer: BE

QUESTION 32
Which of the following BEST describes a routine in which semicolons, dashes, quotes, and commas are removed from a string?

A.    Error handling to protect against program exploitation
B.    Exception handling to protect against XSRF attacks
C.    Input validation to protect against SQL injection
D.    Padding to protect against string buffer overflows

Answer: C

QUESTION 33
Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

A.    Roll back changes in the test environment
B.    Verify the hashes of files
C.    Archive and compress the files
D.     Update the secure baseline

Answer: A

QUESTION 34
Which of the following cryptographic attacks would salting of passwords render ineffective?

A.    Brute force
B.    Dictionary
C.    Rainbow tables
D.     Birthday

Answer: B

QUESTION 35
A network administrator wants to implement a method of securing internal routing.
Which of the following should the administrator implement?

A.    DMZ
B.    NAT
C.    VPN
D.    PAT

Answer: C

QUESTION 36
Which of the following types of keys is found in a key escrow?

A.    Public
B.    Private
C.    Shared
D.    Session

Answer: D

QUESTION 37
A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

A.    Botnet
B.    Ransomware
C.    Polymorphic malware
D.    Armored virus

Answer: A

QUESTION 38
A company is currently using the following configuration:

* IAS server with certificate-based EAP-PEAP and MSCHAP
* Unencrypted authentication via PAP

A security administrator needs to configure a new wireless setup with the following configurations:

* PAP authentication method
* PEAP and EAP provide two-factor authentication

Which of the following forms of authentication are being used? (Select TWO).

A.    PAP
B.    PEAP
C.    MSCHAP
D.    PEAP-MSCHAP
E.    EAP
F.    EAP-PEAP

Answer: AF

QUESTION 39
A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

A.    It can protect multiple domains
B.    It provides extended site validation
C.    It does not require a trusted certificate authority
D.    It protects unlimited subdomains

Answer: B

QUESTION 40
After a merger between two companies a security analyst has been asked to ensure that the organization’s systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Select TWO)

A.    Monitor VPN client access
B.    Reduce failed login out settings
C.    Develop and implement updated access control policies
D.    Review and address invalid login attempts
E.    Increase password complexity requirements
F.    Assess and eliminate inactive accounts

Answer: CF

SY0-501 dumps full version (PDF&VCE): https://www.lead2pass.com/sy0-501.html

Large amount of free SY0-501 exam questions on Google Drive: https://drive.google.com/open?id=1Hm6GQHDVOsEnyhNf3EHqIGEtor5IUsfu

You may also need:

SY0-401 exam dumps: https://drive.google.com/open?id=0B3Syig5i8gpDLXZsWm9MWmh0a0E

Continue Reading

[April 2018] Free Version Lead2pass CompTIA SY0-401 PDF Dumps With Exam Questions Download 1868q

Lead2pass 100% Valid SY0-401 Exam Questions PDF Free Download:

https://www.lead2pass.com/sy0-401.html

QUESTION 21
The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

A.    Implicit deny
B.    VLAN management
C.    Port security
D.    Access control lists

Continue Reading

[April 2018] Lead2pass PK0-004 New Questions For Passing The PK0-004 Certification Exam 115q

Lead2pass CompTIA New Exam PK0-004 VCE Files Free Instant Download:

https://www.lead2pass.com/pk0-004.html

QUESTION 21
Which of the following is a definition of an RFP?

A.    A document sent to potential vendors to solicit a bid for a project
B.    A document sent to potential vendors to request information for skills and experience for a project
C.    A document sent to potential vendors to request a commitment for a project
D.    A document sent to potential vendors to solicit information that excludes pricing information for a project

Continue Reading

[April 2018] CompTIA Exam N10-006 PDF Dump Free Download In Lead2pass 1521q

Lead2pass N10-006 New Questions For Passing The N10-006 Certification Exam:

https://www.lead2pass.com/n10-006.html

QUESTION 21
A technician wants to separate networks on a switch. Which of the following should be configured to allow this?

A.    VLAN
B.    Trunking
C.    Spanning tree
D.    Traffic filtering

Continue Reading

[April 2018] Free Download Of Lead2pass CS0-001 Real Exam Questions 85q

Free Downloading CS0-001 Exam Dumps PDF From Lead2pass:

https://www.lead2pass.com/cs0-001.html

QUESTION 21
Review the following results:

211

Which of the following has occurred?

A.    This is normal network traffic.
B.    123.120.110.212 is infected with a Trojan.
C.    172.29.0.109 is infected with a worm.
D.    172.29.0.109 is infected with a Trojan.

Answer: A

QUESTION 22
A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed.
The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently.
Which of the following vulnerability options would BEST create the process requirements?

A.    Utilizing an operating system SCAP plugin
B.    Utilizing an authorized credential scan
C.    Utilizing a non-credential scan
D.    Utilizing a known malware plugin

Answer: A

QUESTION 23
A network technician is concerned that an attacker is attempting to penetrate the network, and wants to set a rule on the firewall to prevent the attacker from learning which IP addresses are valid on the network. Which of the following protocols needs to be denied?

A.    TCP
B.    SMTP
C.    ICMP
D.    ARP

Answer: C

QUESTION 24
An analyst wants to use a command line tool to identify open ports and running services on a host along with the application that is associated with those services and port.
Which of the following should the analyst use?

A.    Wireshark
B.    Qualys
C.    netstat
D.    nmap
E.    ping

Answer: C

QUESTION 25
In order to meet regulatory compliance objectives for the storage of PHI, vulnerability scans must be conducted on a continuous basis.
The last completed scan of the network returned 5,682 possible vulnerabilities.
The Chief Information Officer (CIO) would like to establish a remediation plan to resolve all known issues.
Which of the following is the BEST way to proceed?

A.    Attempt to identify all false positives and exceptions, and then resolve all remaining items.
B.    Hold off on additional scanning until the current list of vulnerabilities have been resolved.
C.    Place assets that handle PHI in a sandbox environment, and then resolve all vulnerabilities.
D.    Reduce the scan to items identified as critical in the asset inventory, and resolve these issues first.

Answer: D

QUESTION 26
An administrator has been investigating the way in which an actor had been exfiltrating confidential data from a web server to a foreign host.
After a thorough forensic review, the administrator determined the server’s BIOS had been modified by rootkit installation.
After removing the rootkit and flashing the BIOS to a known good state, which of the following would BEST protect against future adversary access to the BIOS, in case another rootkit is installed?

A.    Anti-malware application
B.    Host-based IDS
C.    TPM data sealing
D.    File integrity monitoring

Answer: C

QUESTION 27
A security analyst is reviewing the following log after enabling key-based authentication.
271

Given the above information, which of the following steps should be performed NEXT to secure the system?

A.    Disable anonymous SSH logins.
B.    Disable password authentication for SSH.
C.    Disable SSHv1.
D.    Disable remote root SSH logins.

Answer: B

QUESTION 28
A cybersecurity analyst has received a report that multiple systems are experiencing slowness as a result of a DDoS attack.
Which of the following would be the BEST action for the cybersecurity analyst to perform?

A.    Continue monitoring critical systems.
B.    Shut down all server interfaces.
C.    Inform management of the incident.
D.    Inform users regarding the affected systems.

Answer: C

QUESTION 29
A security professional is analyzing the results of a network utilization report. The report includes the following information:

291

Which of the following servers needs further investigation?

A.    hr.dbprod.01
B.    R&D.file.srvr.01
C.    mrktg.file.srvr.02
D.    web.srvr.03

Answer: B

QUESTION 30
A cybersecurity analyst has several SIEM event logs to review for possible APT activity.
The analyst was given several items that include lists of indicators for both IP addresses and domains.
Which of the following actions is the BEST approach for the analyst to perform?

A.    Use the IP addresses to search through the event logs.
B.    Analyze the trends of the events while manually reviewing to see if any of the indicators match.
C.    Create an advanced query that includes all of the indicators, and review any of the matches.
D.    Scan for vulnerabilities with exploits known to have been used by an APT.

Answer: B

CS0-001 dumps full version (PDF&VCE): https://www.lead2pass.com/cs0-001.html

Large amount of free CS0-001 exam questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDSG1XT3dzV0xVbDQ

Continue Reading

[April 2018] 100% Free Lead2pass CAS-002 New Questions Download 900q

100% New Updated CAS-002 New Questions Lead2pass Helps Pass CAS-002 Exam Successfully:

https://www.lead2pass.com/cas-002.html

QUESTION 21
A company is developing a new web application for its Internet users and is following a secure coding methodology.
Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

A.    Conduct web server load tests.
B.    Conduct static code analysis.
C.    Conduct fuzzing attacks.
D.    Conduct SQL injection and XSS attacks.

Continue Reading

[2018-4-2] CV0-001 Exam Dump Free Updation Availabe In Lead2pass

Lead2pass Latest CV0-001 Free Dumps Guarantee CV0-001 Certification Exam 100% Success.v.2018-4-2.730q:

https://www.lead2pass.com/cv0-001.html

QUESTION 409
Engineers are preparing to move guests to new compute and storage infrastructure. Basic network and SAN connectivity have been established. Which of the following options are valid NEXT steps to prepare for guest migration to the new infrastructure? (Select two.)

A.    Tag the live migration VLAN on the trunk to the new servers
B.    Correctly size and provision NFS LUNs on the new storage
C.    Zone HBAs
D.    Prep mirror VMs on new hosts for data migration
E.    Tag the SAN trunks with the correct guest network VLANs

Continue Reading
1 2 3 18