CAS-002 Exam Questions
884 real CAS-002 exam questions with expert-verified answers and explanations. Page 8 of 18.
- Question #358 (Research and Analysis)
A security manager is collecting RFQ, RFP, and RFI publications to help identify the technology trends which a government will be moving towards in the future. This information is...
Tags: OSINT, data aggregation, intelligence gathering, public records analysis
- Question #359 (Enterprise Security)
An internal committee comprised of the facilities manager, the physical security manager, the network administrator, and a member of the executive team has been formed to address a...
Tags: physical security, mantrap, biometric access, data center security
- Question #360 (Enterprise Security)
The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of supp...
Tags: legacy systems, network segmentation, risk mitigation, end-of-life software
- Question #361 (Enterprise Security)
A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame as to whose fault it w...
Tags: incident response, lessons learned, breach response, IR phases
- Question #362 (Technical Integration of Enterprise Components)
Which of the following is the process of creating or altering the systems; and the models and methodologies that people use to develop these systems?
Tags: SDLC, system development, software lifecycle
- Question #363 (Enterprise Security)
Which of the following is the best description of vulnerability assessment?
Tags: vulnerability assessment, risk management, network security
- Question #364 (Enterprise Security)
Which of the following is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally?
Tags: data recovery, storage media, forensics
- Question #365 (Technical Integration of Enterprise Components)
SDLC phases include a minimum set of security tasks that are required to effectively incorporate security in the system development process. Which of the following are the key secu...
Tags: SDLC, risk assessment, security controls, certification and accreditation
- Question #366 (Enterprise Security)
You need to ensure that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future?
Tags: perfect forward secrecy, cryptography, session keys, key management
- Question #367 (Integration of Computing, Communications and Business Disciplines)
Collaboration platform offers a set of software components and services that enable users to communicate, share information, and work together for achieving common business goals....
Tags: collaboration platform, real-time communication, team collaboration
- Question #368 (Research and Analysis)
Which of the following standard organizations promulgates worldwide proprietary industrial and commercial standards?
Tags: standards organizations, ISO, industry standards
- Question #369 (Enterprise Security)
Which of the following teams has the responsibility of accounting for personnel and rendering aid?
Tags: emergency response, incident management, personnel accountability
- Question #370 (Enterprise Security)
Risk assessment helps in determining the extent of potential threats and risks associated with an IT system throughout its SDLC. Which of the following steps covered by the risk as...
Tags: risk assessment, threat identification, vulnerability identification, SDLC
- Question #371 (Technical Integration of Enterprise Components)
Which of the following features are provided by SAN for SQL servers? Each correct answer represents a complete solution. Choose all that apply.
Tags: SAN, SQL Server, disaster recovery, storage efficiencies
- Question #372 (Technical Integration of Enterprise Components)
You work as a Network Administrator for uCertify Inc. The company has a TCP/IP based network. You have segmented the network in multiple sub networks. Which of the following advant...
Tags: network segmentation, subnetting, network congestion, network security
- Question #373 (Enterprise Security)
You have considered the security of the mobile devices on your corporate network from viruses and malware. Now, you need to plan for remotely enforcing policies for device manageme...
Tags: mobile device management, MDM, configuration management, patch management
- Question #374 (Enterprise Security)
You work as a Network Administrator for uCertify Inc. You need to conduct network reconnaissance, which is carried out by a remote attacker attempting to gain information or access...
Tags: network reconnaissance, vulnerability scanning, network administration
- Question #375 (Enterprise Security)
Which of the following security measures would be most effective against a memory exhaustion DoS attack?
Tags: DoS attack, memory exhaustion, secure programming, application security
- Question #376 (Technical Integration of Enterprise Components)
Which of the following are the reasons to use SAN? Each correct answer represents a complete solution. Choose all that apply.
Tags: SAN, storage area network, disaster recovery, backup
- Question #377 (Enterprise Security)
Juanita is a network administrator for a large insurance company. She is concerned about the security risks posed by the employees of the company. There are very thorough and compr...
Tags: security awareness, employee training, security policy, insider threat
- Question #378 (Technical Integration of Enterprise Components)
Which of the following components are contained in Xsan? Each correct answer represents a complete solution. Choose all that apply.
Tags: Xsan, SAN, metadata controller, storage components
- Question #379 (Integration of Computing, Communications and Business Disciplines)
The Top Level Management contains the Board of Directors (BOD) and the Chief Executive Officer (CEO) or General Manager (GM) or Managing Director (MD) or President. What are the ro...
Tags: corporate governance, management roles, organizational structure, strategic planning
- Question #380 (Enterprise Security)
Which of the following federal regulations requires federal agencies to be able to monitor activity in a "meaningful and actionable way"?
Tags: FISMA, federal compliance, security monitoring, regulatory requirements
- Question #381 (Enterprise Security)
Which of the following is frequently used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to c...
Tags: port scanning, network reconnaissance, security tools, vulnerability identification
- Question #382 (Integration of Computing, Communications and Business Disciplines)
A partnership is a for profit business association of two or more persons. Which of the following statements are true about partnership? Each correct answer represents a complete s...
Tags: partnership, business structure, liability, business law
- Question #383 (Integration of Computing, Communications and Business Disciplines)
Which of the following is used to provide for the systematic review, retention and destruction of documents received or created in the course of business?
Tags: document retention policy, records management, compliance, document lifecycle
- Question #384 (Research and Analysis)
In which of the following levels of likelihood is the threat-source highly motivated and sufficiently capable, and controls to prevent the vulnerability from being exercised are ine...
Tags: risk likelihood, threat motivation, vulnerability controls, risk levels
- Question #385 (Integration of Computing, Communications and Business Disciplines)
Which of the following statements are true about prototypes? Each correct answer represents a complete solution. Choose three.
Tags: prototyping, software development, requirements validation, risk reduction
- Question #386 (Technical Integration of Enterprise Components)
Which of the following helps an employee to access his corporation's network while traveling?
Tags: remote access, VPN, mobile workforce, network connectivity
- Question #387 (Research and Analysis)
Denise works as a Security Administrator for a community college. She is assessing the various risks to her network. Which of the following is not a category of risk assessment?
Tags: risk assessment categories, vulnerability assessment, likelihood assessment, risk management
- Question #388 (Enterprise Security)
In which level of threats of the SAN are threats large scale attacks and difficult to prevent?
Tags: SAN threat levels, large-scale attacks, storage area network, threat classification
- Question #389 (Integration of Computing, Communications and Business Disciplines)
Which is the process of comparing the business processes and performance metrics including cost, cycle time, productivity, or quality?
Tags: benchmarking, performance metrics, process comparison, business improvement
- Question #390 (Enterprise Security)
Juan realizes that more and more employees at his company are using smart phones. He wants to assess the risk posed by these devices. Which of the following best describes the most...
Tags: mobile device risk, BYOD, attack vectors, network extension
- Question #391 (Enterprise Security)
Which of the following is a structured review process to analyze what happened, why it happened, and how it can be done better, by the participants and those responsible for the pr...
Tags: after action review, post-incident analysis, lessons learned, incident response
- Question #392 (Integration of Computing, Communications and Business Disciplines)
Which of the following elements are essential elements of a privacy policy? Each correct answer represents a complete solution. Choose two.
Tags: privacy policy, opt-out provision, notification, data privacy
- Question #393 (Enterprise Security)
Which scanning is one of the more unique scan types, as it does not exactly determine whether the port is open/closed, but whether the port is filtered/unfiltered?
Tags: ACK scanning, firewall detection, port filtering, network scanning
- Question #394 (Integration of Computing, Communications and Business Disciplines)
Dipen is looking for a method to effectively get security policies read by staff and management. Which of the following is the best solution?
Tags: security policy dissemination, intranet, policy communication, security awareness
- Question #395 (Integration of Computing, Communications and Business Disciplines)
Mark works as a Human Resource Manager for uCertify Inc. He is responsible for hiring some new employees for the company and improving the organization's overall security by turning...
Tags: job rotation, personnel security, HR controls, separation of duties
- Question #396 (Technical Integration of Enterprise Components)
Which of the following is a flexible set of design principles used during the phases of systems development and integration?
Tags: service-oriented architecture, SOA, system design principles, integration framework
- Question #397 (Technical Integration of Enterprise Components)
Which of the following statements best describe the advantages of Simple Object Access Protocol (SOAP)? Each correct answer represents a complete solution. Choose three.
Tags: SOAP, web services, protocol interoperability, transport independence
- Question #398 (Integration of Computing, Communications and Business Disciplines)
Which of the following refers to any system whereby things that are of value to an entity or group are monitored and maintained?
Tags: asset management, IT asset monitoring, value tracking, resource management
- Question #399 (Enterprise Security)
Network boundaries can be logical or physical. Which of the following are boundaries a network administrator cannot control?
Tags: network boundaries, external boundaries, perimeter control, network administration
- Question #400 (Integration of Computing, Communications and Business Disciplines)
Which of the following are the purposes of the Cost-benefit analysis process? Each correct answer represents a complete solution. Choose two.
Tags: cost-benefit analysis, investment evaluation, ROI, project comparison
- Question #401 (Enterprise Security)
Which of the following is a computer program that is designed to assess computers, computer systems, networks, or applications for weaknesses?
Tags: vulnerability scanner, security tools, network assessment, weakness detection
- Question #402 (Enterprise Security)
Mike is trying to reduce the risks posed by end user activities. He is particularly concerned about how to deal with employees who take work home. Which of the following is the mos...
Tags: risk management, removable media, malware, endpoint security
- Question #403 (Enterprise Security)
Allen needs a program that automatically injects semi-random data into a program or stack and detects bugs. What will he use?
Tags: fuzzing, software testing, bug detection, input validation
- Question #404 (Technical Integration of Enterprise Components)
Which of the following statements are true about network-attached storage (NAS)? Each correct answer represents a complete solution. Choose all that apply.
Tags: NAS, network storage, file protocols, SMB/NFS
- Question #405 (Integration of Computing, Communications and Business Disciplines)
New technologies can pose unique and new risks that must be managed. Which of the following new technologies poses the most risk due to regulatory compliance?
Tags: cloud computing, regulatory compliance, emerging technologies, risk management
- Question #406 (Technical Integration of Enterprise Components)
Which of the following concepts are included in the security of a SAN? Each correct answer represents a complete solution. Choose all that apply.
Tags: SAN security, switch zoning, host adapter security, storage security
- Question #407 (Enterprise Security)
_____________ applies enterprise architecture concepts and practices in the information security domain.
Tags: enterprise security architecture, ESA, security framework, information security