You Should Get A Set Of Passleader CAS-001 VCE Dumps For Passing Exam Quickly (41-60)

The Chief Information Security Officer (CISO) is
researching ways to reduce the risk associated with administrative access of six
IT staff members while enforcing separation of duties. In the case where an IT
staff member is absent, each staff member should be able to perform all the
necessary duties of their IT co-workers. Which of the following policies should
the CISO implement to reduce the risk?

A.    Require the use of an unprivileged account, and a second
shared account only for administrative purposes.
B.    Require role-based
security on primary role, and only provide access to secondary roles on a case-
by-case basis.
C.    Require separation of duties ensuring no single
administrator has access to all systems.
D.    Require on-going auditing of
administrative activities, and evaluate against risk-based metrics.

Answer: B

A company has a primary DNS server at address and a secondary server at An administrator wants to
secure a company by only allowing secure zone transfers to the secondary server.
Which of the following should appear in the primary DNS configuration file to
accomplish this?

A.    key company-key.{
algorithm hmac-rc4;
allow transfer {;
B.    key company-key.{
algorithm hmac-md5;
allow transfer {;
C.    key company-key.{
algorithm hmac-md5;
allow transfer {;
D.    key company-key.{
algorithm hmac-rc4;
allow transfer {;

Answer: C

An employee of a company files a complaint with
a security administrator. While sniffing network traffic, the employee discovers
that financially confidential emails were passing between two warehouse users.
The two users deny sending confidential emails to each other. Which of the
following security practices would allow for non-repudiation and prevent network
sniffers from reading the confidential mail? (Select TWO).

A.    Transport encryption
B.    Authentication
C.    Digital signature
D.    Legal mail hold
E.    TSIG code

Answer: AC

An administrator of a secure web server has
several clients with top security clearance and prefers security over
performance. By default, which of the following cipher suites would provide
strong security, but at the same time the worst performance?

A.    3DES – SHA
B.    DES – MD5
C.    Camellia –
D.    RC4 – MD5

Answer: A

An administrator wants to integrate the
Credential Security Support Provider (CredSSP) protocol network level
authentication (NLA) into the remote desktop terminal services environment.
Which of the following are supported authentication or encryption methods to use
while implementing this? (Select THREE).

A.    Kerberos
B.    NTLM
E.    TLS
F.    HMAC
G.    Camellia

Answer: ABE

A systems security consultant is hired by
Corporation X to analyze the current enterprise network environment and make
recommendations for increasing network security. It is the consultant’s first
day on the job. Which of the following network design considerations should the
consultant consider? (Select THREE).

A.    What hardware and software would work best for securing
the network?
B.    What corporate assets need to be protected?
C.    What
are the business needs of the organization?
D.    What outside threats are
most likely to compromise network security?
E.    What is the budget for this
F.    What time and resources are needed to carry out the security

Answer: BCD

The Chief Executive Officer (CEO) has asked a
security project manager to provide recommendations on the breakout of tasks for
the development of a new product. The CEO thinks that by assigning areas of work
appropriately the overall security of the product will be increased, because
staff will focus on their areas of expertise. Given the below groups and tasks
select the BEST list of assignments. Groups: Networks, Development, Project
Management, Security, Systems Engineering, Testing Tasks: Decomposing
requirements, Secure coding standards, Code stability, Functional validation,
Stakeholder engagement, Secure transport

A.    Systems Engineering. Decomposing
Development: Secure coding standards
Testing. Code
Project Management: Stakeholder engagement
Security: Secure
Networks: Functional validation
B.    Systems Engineering.
Decomposing requirements
Development: Code stability
Testing. Functional
Project Management: Stakeholder engagement
Security: Secure
coding standards
Networks: Secure transport
C.    Systems Engineering.
Functional validation
Development: Stakeholder engagement
Testing. Code
Project Management: Decomposing requirements
Security: Secure
coding standards
Networks: Secure transport
D.    Systems Engineering.
Decomposing requirements
Development: Stakeholder engagement
Testing. Code
Project Management: Functional validation
Security: Secure
coding standards
Networks: Secure transport

Answer: B

Which of the following is the MOST secure way to
ensure third party applications and introduce only acceptable risk?

A.    Line by line code review and simulation; uncovers hidden
vulnerabilities and allows for behavior to be observed with minimal
B.    Technical exchange meetings with the application’s vendor;
vendors have more in depth knowledge of the product.
C.    Pilot trial;
minimizes the impact to the enterprise while still providing services to
enterprise users.
D.    Full deployment with crippled features; allows for
large scale testing and observation of the applications security profile.

Answer: A

A software vendor has had several zero-day
attacks against its software, due to previously unknown security defects being
exploited by attackers. The attackers have been able to perform operations at
the same security level as the trusted application. The vendor product
management team has decided to re-design the application with security as a
priority. Which of the following is a design principle that should be used to
BEST prevent these types of attacks?

A.    Application sandboxing
B.    Input validation
C.    Penetration testing
D.    Code reviews

Answer: A

A new vendor product has been acquired to
replace a legacy perimeter security product. There are significant time
constraints due to the existing solution nearing end-of-life with no options for
extended support. It has been emphasized that only essential activities be
performed. Which of the following sequences BEST describes the order of
activities when balancing security posture and time constraints?

A.    Install the new solution, migrate to the new solution,
and test the new solution.
B.    Purchase the new solution, test the new
solution, and migrate to the new solution.
C.    Decommission the old
solution, install the new solution, and test the new solution.
D.    Test the
new solution, migrate to the new solution, and decommission the old

Answer: D


A bank has just outsourced the security
department to a consulting firm, but retained the security architecture group. A
few months into the contract the bank discovers that the consulting firm has
sub-contracted some of the security functions to another provider. Management is
pressuring the sourcing manager to ensure adequate protections are in place to
insulate the bank from legal and service exposures. Which of the following is
the MOST appropriate action to take?

A.    Directly establish another separate service contract with
the sub-contractor to limit the risk exposure and legal implications.
B.    Ensure the consulting firm has service agreements with the sub-contractor; if
the agreement does not exist, exit the contract when possible.
C.    Log it
as a risk in the business risk register and pass the risk to the consulting firm
for acceptance and responsibility.
D.    Terminate the contract immediately
and bring the security department in-house again to reduce legal and regulatory

Answer: B

Company XYZ has invested an increasing amount in
security due to the changing threat landscape. The company is going through a
cost cutting exercise and the Chief Financial Officer (CFO) has queried the
security budget allocated to the Chief Information Security Officer (CISO). At
the same time, the CISO is actively promoting business cases for additional
funding to support new initiatives. These initiatives will mitigate several
security incidents that have occurred due to ineffective controls. A security
advisor is engaged to assess the current controls framework and to provide
recommendations on whether preventative, detective, or corrective controls
should be implemented. How should the security advisor respond when explaining
which controls to implement?

A.    Preventative controls are useful before an event occurs,
detective controls are useful during an event, and corrective controls are
useful after an event has occurred. A combination of controls can be
B.    Corrective controls are more costly to implement, but are only
needed for real attacks or high value assets; therefore, controls should only be
put in place after a real attack has occurred.
C.    Detective controls are
less costly to implement than preventative controls; therefore, they should be
encouraged wherever possible. Corrective controls are used during an event or
security incident. Preventative controls are hard to achieve in practice due to
current market offerings.
D.    Always advise the use of preventative
controls as this will prevent security incidents from occurring in the first
place. Detective and corrective controls are redundant compensating controls and
are not required if preventative controls are implemented.

Answer: A

There has been a recent security breach which
has led to the release of sensitive customer information. As part of improving
security and reducing the disclosure of customer data, a training company has
been employed to educate staff. Which of the following should be the primary
focus of the privacy compliance training program?

A.    Explain how customer data is gathered, used, disclosed,
and managed.
B.    Remind staff of the company’s data handling policy and
have staff sign an NDA.
C.    Focus on explaining the “how” and “why”
customer data is being collected.
D.    Republish the data classification and
the confidentiality policy.

Answer: A

A new malware spreads over UDP Port 8320 and
several network hosts have been infected. A new security administrator has
determined a possible cause, and the infected machines have been quarantined.
Which of the following actions could a new security administrator take to
further mitigate this issue?

A.    Limit source ports on the firewall to specific IP
B.    Add an explicit deny-all and log rule as the final entry of
the firewall rulebase.
C.    Implement stateful UDP filtering on UDP ports
above 1024.
D.    Configure the firewall to use IPv6 by default.

Answer: B

A newly-hired Chief Information Security Officer
(CISO) is faced with improving security for a company with low morale and
numerous disgruntled employees. After reviewing the situation for several weeks
the CISO publishes a more comprehensive security policy with associated
standards. Which of the following issues could be addressed through the use of
technical controls specified in the new security policy?

A.    Employees publishing negative information and stories
about company management on social network sites and blogs.
B.    An employee
remotely configuring the email server at a relative’s company during work
C.    Employees posting negative comments about the company from
personal phones and PDAs.
D.    External parties cloning some of the
company’s externally facing web pages and creating look- alike sites.

Answer: B

A small company has recently placed a newly
installed DNS server on the DMZ and wants to secure it by allowing Internet
hosts to query the DNS server. Since the company deploys an internal DNS server,
all DNS queries to that server coming from the company network should be
blocked. An IT administrator has placed the following ACL on the company
firewall: Testing shows that the DNS server in the DMZ is not working. Which of
the following should the administrator do to resolve the problem?

A.    Modify the SRC and DST ports of ACL 1
B.    Modify the
SRC IP of ACL 1 to
C.    Modify the ACTION of ACL 2 to
D.    Modify the PROTO of ACL 1 to TCP

Answer: A

An administrator would like to connect a server
to a SAN. Which of the following processes would BEST allow for availability and
access control?

A.    Install a dual port HBA on the SAN, create a LUN on the
server, and enable deduplication and data snapshots.
B.    Install a
multipath LUN on the server with deduplication, and enable LUN masking on the
C.    Install 2 LUNs on the server, cluster HBAs on the SAN, and enable
multipath and data deduplication.
D.    Install a dual port HBA in the
server; create a LUN on the SAN, and enable LUN masking and multipath.

Answer: D

A company data center provides Internet based
access to email and web services. The firewall is separated into four
RED ZONE is an Internet zone
an email DMZ
GREEN ZONE is a management interface
There are 15 email
servers and 10 web servers. The data center administrator plugs a laptop into
the management interface to make firewall changes. The administrator would like
to secure this environment but has a limited budget. Assuming each addition is
an appliance, which of the following would provide the MOST appropriate
placement of security solutions while minimizing the expenses?

A.    RED ZONE. None
B.    RED ZONE. Virus Scanner, SPAM
C.    RED ZONE. WAF, Virus Scanner
Virus Scanner, SPAM Filter

Answer: D

An administrator implements a new PHP
application into an existing website and discovers the newly added PHP pages do
not work. The rest of the site also uses PHP and is functioning correctly. The
administrator tested the new application on their personal workstation
thoroughly before uploading to the server and did not run into any errors.
Checking the Apache configuration file, the administrator verifies that the new
virtual directory is added as listed:
DocumentRoot “/var/www”
AllowOveride none
Order allow, deny
from all
Which of the following
is MOST likely occurring so that this application does not run properly?

A.    PHP is overriding the Apache security settings.
B.    SELinux is preventing HTTP access to home directories.
C.    PHP has not been
restarted since the additions were added.
D.    The directory had an explicit
allow statement rather than the implicit deny.

Answer: B

Company GHI consolidated their network
distribution so twelve network VLANs would be available over dual fiber links to
a modular L2 switch in each of the company’s six IDFs. The IDF modular switches
have redundant switch fabrics and power supplies. Which of the following threats
will have the GREATEST impact on the network and what is the appropriate
remediation step?

A.    Threat: 802.1q trunking attack
Remediation: Enable
only necessary VLANs for each port
B.    Threat: Bridge loop
Enable spanning tree
C.    Threat: VLAN hopping
Remediation: Enable only
necessary VLANs for each port
D.    Threat: VLAN hopping
Enable ACLs on the IDF switch

Answer: B

You Should Get A Set Of Passleader CAS-001 VCE Dumps For Passing Exam Quickly