CompTIA CAS-002 Exam Practice Questions (P. 4)
Question #16
A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?
- A. Insecure direct object references, CSRF, Smurf
- B. Privilege escalation, Application DoS, Buffer overflow
- C. SQL injection, Resource exhaustion, Privilege escalation
- D. CSRF, Fault injection, Memory leaks
Correct Answer:
A
Question #17
A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?
Question #18
At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).
- A. Add guests with more memory to increase capacity of the infrastructure.
- B. A backup is running on the thin clients at 9am every morning.
- C. Install more memory in the thin clients to handle the increased load while booting.
- D. Booting all the lab desktops at the same time is creating excessive I/O.
- E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity.
- F. Install faster SSD drives in the storage system used in the infrastructure.
- G. The lab desktops are saturating the network while booting.
- H. The lab desktops are using more memory than is available to the host systems.
Correct Answer:
DF
Question #19
A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response? (Select TWO).
- A. An authorized administrator has logged into the root account remotely.
- B. The administrator should disable remote root logins.
- C. Isolate the system immediately and begin forensic analysis on the host.
- D. A remote attacker has compromised the root account using a buffer overflow in sshd.
- E. A remote attacker has guessed the root password using a dictionary attack.
- F. Use iptables to immediately DROP connections from the IP 198.51.100.23.
- G. A remote attacker has compromised the private key of the root account.
- H. Change the root password immediately to a password not found in a dictionary.
Correct Answer:
CE
Question #20
A security administrator wants to prevent sensitive data residing on corporate laptops and desktops from leaking outside of the corporate network. The company has already implemented full-disk encryption and has disabled all peripheral devices on its desktops and laptops. Which of the following additional controls MUST be implemented to minimize the risk of data leakage? (Select TWO).
- A. A full-system backup should be implemented to a third-party provider with strong encryption for data in transit.
- B. A DLP gateway should be installed at the company border.
- C. Strong authentication should be implemented via external biometric devices.
- D. Full-tunnel VPN should be required for all network communication.
- E. Full-drive file hashing should be implemented with hashes stored on separate storage.
- F. Split-tunnel VPN should be enforced when transferring sensitive data.
Correct Answer:
BD