CAS-002 Exam Questions

The IT manager is evaluating IPS products to determine which would be most effective at stopping network traffic that contains anomalous content on networks that carry very specifi...

A company is in the process of implementing a new front end user interface for its customers, the goal is to provide them with more self service functionality. The application has...

What item below is not associated with Session Initiation Protocol (SIP)?

Which of the following is a feature of Asymmetric cryptography?

What provides for fault tolerance and higher performance when databases are clustered?

Which of these malicious agents are capable of distributing themselves without the use of a host file?

Networks have different types of topologies. Which topology is a single cable running the entire length of the network?

Which of the following is a term used to define a collection of software robots-or bots-that run autonomously and automatically and may harm your computer?

Which technology uses a person's physical characteristics to establish identity?

Jim's company is paying Chris's company to develop software and a third party keeps a copy of the source code. What should Jim have in place for protection?

Software development methods provide software developers and vendor guidelines for program creation. What software development method is generally implemented in scenarios requirin...

What is created when RAM and secondary storage is combined?

A security analyst is tasked to create an executive briefing, which explains the activity and motivation of a cyber adversary. Which of the following is the MOST important content...

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corp...

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer...

The audit department at a company requires proof of exploitation when conducting internal network penetration tests. Which of the following provides the MOST conclusive proof of co...

During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime...

A security manager has received the following email from the Chief Financial Officer (CFO): "While I am concerned about the security of the proprietary financial data in our ERP ap...

Every year, the accounts payable employee, Ann, takes a week off work for a vacation. She typically completes her responsibilities remotely during this week. Which of the following...

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating...

A security administrator needs to deploy a remote access solution for both staff and contractors. Management favors remote desktop due to ease of use. The current risk assessment s...

A security engineer at a bank has detected a Zeus variant, which relies on covert communication channels to receive new instructions and updates from the malware developers. As a r...

A forensic analyst receives a hard drive containing malware quarantined by the antivirus application. After creating an image and determining the directory location of the malware...

A high-tech company dealing with sensitive data seized the mobile device of an employee suspected of leaking company secrets to a competitive organization. Which of the following i...

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology....

A company has received the contract to begin developing a new suite of software tools to replace an aging collaboration solution. The original collaboration solution has been in pl...

A company has migrated its data and application hosting to a cloud service provider (CSP). To meet its future needs, the company considers an IdP. Why might the company want to sel...

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database w...

A security administrator was doing a packet capture and noticed a system communicating with an address within the 2001::/32 prefix. The network administrator confirms there is no I...

A security manager has started a new job and has identified that a key application for a new client does not have an accreditation status and is currently not meeting the complianc...

A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interactio...

Two universities are making their 802.11n wireless networks available to the other university's students. The infrastructure will pass the student's credentials back to the home sc...

A developer is determining the best way to improve security within the code being developed. The developer is focusing on input fields where customers enter their credit card detai...

The helpdesk manager wants to find a solution that will enable the helpdesk staff to better serve company employees who call with computer-related problems. The helpdesk staff is c...

An administrator is trying to categorize the security impact of a database server in the case of a security event. There are three databases on the server. Current Financial Data =...

Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and t...

After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following...

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. Ho...

An IT administrator has been tasked with implementing an appliance-based web proxy server to control external content accessed by internal staff. Concerned with the threat of corpo...

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communi...

A small company's Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company's security posture with regard to targeted attacks. Which of the f...

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely...

Company XYZ is building a new customer facing website which must access some corporate resources. The company already has an internal facing web server and a separate server suppor...

A security engineer is a new member to a configuration board at the request of management. The company has two new major IT projects starting this year and wants to plan security i...

The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate...

The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage; and realizes this is a risk to the company....

The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious atta...

Joe, a hacker, has discovered he can specifically craft a webpage that when viewed in a browser crashes the browser and then allows him to gain remote code execution in the context...

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string: user@hostname...

The sales team is considering the deployment of a new CRM solution within the enterprise. The IT and Security teams are members of the project; however, neither team has expertise...