CAS-002 Exam Questions
884 real CAS-002 exam questions with expert-verified answers and explanations. Page 18 of 18.
- Question #864: Integration of Computing, Communications and Business Disciplines
The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during the year. A ris...
ALE, quantitative risk analysis, SLE, ARO
- Question #865: Integration of Computing, Communications and Business Disciplines
An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided...
asset value, SLE, exposure factor, quantitative risk
- Question #866: Integration of Computing, Communications and Business Disciplines
A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approac...
qualitative risk analysis, likelihood and consequence, risk assessment limitations, subjectivity
- Question #867: Technical Integration of Enterprise Components
An administrator is implementing a new network-based storage device. In selecting a storage protocol, the administrator would like the data in transit's integrity to be the most im...
SMB, data integrity, HMAC-SHA256, storage protocols
- Question #868: Technical Integration of Enterprise Components
A security administrator is tasked with increasing the availability of the storage networks while enhancing the performance of existing applications. Which of the following technol...
SAN availability, multipath I/O, dynamic disk pools, storage performance
- Question #869: Technical Integration of Enterprise Components
A system administrator has just installed a new Linux distribution. The distribution is configured to be "secure out of the box". The system administrator cannot make updates to ce...
SELinux, MAC, Linux hardening, mandatory access control
- Question #870: Enterprise Security
A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effecti...
one-time pads, symmetric encryption, key management, cryptography
- Question #871: Enterprise Security
A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not bein...
compensating controls, network isolation, unpatched systems, risk mitigation
- Question #872: Integration of Computing, Communications and Business Disciplines
ODBC access to a database on a network-connected host is required. The host does not have a security mechanism to authenticate the incoming ODBC connection, and the application req...
risk acceptance, ODBC security, data ownership, risk communication
- Question #873: Integration of Computing, Communications and Business Disciplines
A project manager working for a large city government is required to plan and build a WAN, which will be required to host official business and public access. It is also anticipate...
RFI, procurement, WAN planning, public sector
- Question #874: Enterprise Security
In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).
digital forensics, volatile data, order of volatility, evidence collection
- Question #876: Integration of Computing, Communications and Business Disciplines
An information security assessor for an organization finished an assessment that identified critical issues with the human resource new employee management software application. Th...
security assessment, stakeholder engagement, risk communication, governance
- Question #877: Enterprise Security
An IT Manager is concerned about errors made during the deployment process for a new model of tablet. Which of the following would suggest best practices and configuration paramete...
deployment guidelines, configuration management, policy vs guideline, IT governance
- Question #878: Research and Analysis
An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that...
SLE, ALE, ARO, risk quantification
- Question #879: Integration of Computing, Communications and Business Disciplines
An IT manager is working with a project manager to implement a new ERP system capable of transacting data between the new ERP system and the legacy system. As part of this process,...
Interconnection Security Agreement, ISA, formal agreements, system integration
- Question #880: Integration of Computing, Communications and Business Disciplines
A facilities manager has observed varying electric use on the company's metered service lines. The facility management rarely interacts with the IT department unless new equipment...
change management, change control board, resource management, IT governance
- Question #881: Integration of Computing, Communications and Business Disciplines
A company has a difficult time communicating between the security engineers, application developers, and sales staff. The sales staff tends to overpromise the application deliverab...
cross-functional collaboration, organizational communication, stakeholder alignment, sales and engineering
- Question #882: Enterprise Security
The DLP solution has been showing some unidentified encrypted data being sent using FTP to a remote server. A vulnerability scan found a collection of Linux servers that are missin...
forensic imaging, incident response, volatile memory, malware investigation
- Question #883: Integration of Computing, Communications and Business Disciplines
Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been deter...
change control, release management, SDLC, production access control
- Question #884: Technical Integration of Enterprise Components
A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interf...
attack surface reduction, IP fragmentation, network scanning, external interface hardening
- Question #885: Technical Integration of Enterprise Components
In an effort to minimize costs, the management of a small candy company wishes to explore a cloud service option for the development of its online applications. The company does no...
cloud computing, PaaS, IaaS, SaaS
- Question #886: Technical Integration of Enterprise Components
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requir...
IPSec VPN, mutual authentication, RADIUS, network segmentation
- Question #887: Technical Integration of Enterprise Components
A small company is developing a new Internet-facing web application. The security requirements are: 1. Users of the web application must be uniquely identified and authenticated. 2...
OpenID, federated authentication, web application security, identity management
- Question #888: Technical Integration of Enterprise Components
A company is trying to decide how to manage hosts in a branch location connected via a slow WAN link. The company desires to provide the same level of performance and functionality...
Read-Only Domain Controller, Active Directory, branch office security, WAN design
- Question #889: Enterprise Security
A multi-national company has a highly mobile workforce and minimal IT infrastructure. The company utilizes a BYOD and social media policy to integrate presence technology into glob...
presence technology, BYOD, physical security, international travel risk
- Question #890: Integration of Computing, Communications and Business Disciplines
A finance manager says that the company needs to ensure that the new system can "replay" data, up to the minute, for every exchange being tracked by the investment departments. The...
requirements gathering, user requirements, data retention, compliance
- Question #891: Integration of Computing, Communications and Business Disciplines
An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development ef...
time-based ACLs, network availability, outsourcing, time zone access control
- Question #892: Enterprise Security
The IT Security Analyst for a small organization is working on a customer's system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the a...
incident response, PII breach, escalation process, data breach handling
- Question #893: Enterprise Security
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry...
Group Policy Objects, USB restrictions, technical controls, policy enforcement
- Question #894: Technical Integration of Enterprise Components
Company XYZ finds itself using more cloud-based business tools, and password management is becoming onerous. Security is important to the company; as a result, password replication...
SAML, federated identity, cloud authentication, SSO
- Question #895: Technical Integration of Enterprise Components
A network engineer wants to deploy user-based authentication across the company's wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users...
RADIUS, LDAP, 802.1X, network access control
- Question #896: Integration of Computing, Communications and Business Disciplines
A company Chief Information Officer (CIO) is unsure which set of standards should govern the company's IT policy. The CIO has hired consultants to develop use cases to test against...
security baseline, security standards, IT governance, policy management
- Question #897: Integration of Computing, Communications and Business Disciplines
A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The pro...
SDLC, shift-left security, secure development lifecycle, security by design
- Question #898: Research and Analysis
A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors...
quantitative risk analysis, residual risk, risk calculation, network breach