CAS-002 Exam Questions
884 real CAS-002 exam questions with expert-verified answers and explanations. Page 9 of 18.
- Question #408: Technical Integration of Enterprise Components
Which of the following devices allows telephone calls to be made over an IP network such as the Internet instead of the ordinary PSTN system?
Tags: VoIP, IP telephony, PSTN, network communication
- Question #409: Enterprise Security
___________ is defined as maintaining ongoing awareness of information.
Tags: continuous monitoring, security awareness, information assurance, ongoing monitoring
- Question #410: Technical Integration of Enterprise Components
Which of the following statements are true about distributed computing? Each correct answer represents a complete solution. Choose all that apply.
Tags: distributed computing, distributed systems, autonomous computers, computational architecture
- Question #411: Integration of Computing, Communications and Business Disciplines
Compliance is described as dutifulness, obligingness, pliability, tolerance, and tractability. Which of the following are the multitude of standards that a project must comply with? Each co...
Tags: compliance, process compliance, governance, regulatory standards
- Question #412: Enterprise Security
Which of the following are examples of privilege escalation? Each correct answer represents a complete solution. Choose two.
Tags: privilege escalation, access control, vulnerability exploitation, authorization bypass
- Question #413: Enterprise Security
Which of the following statements are true about Continuous Monitoring? Each correct answer represents a complete solution. Choose all that apply.
Tags: continuous monitoring, system accreditation, security lifecycle, change tracking
- Question #414: Enterprise Security
Which of the following arise every time an application takes user-supplied data and sends it to a Web browser without first confirming or encoding the content?
Tags: XSS, cross-site scripting, web application security, input validation
- Question #415: Enterprise Security
What is the goal of black-box penetration testing?
Tags: penetration testing, black-box testing, ethical hacking, security assessment
- Question #416: Technical Integration of Enterprise Components
You work as a Network Administrator for uCertify Inc. You want the clients and servers in your organization to be able to communicate in a way that prevents eavesdropping and tampe...
Tags: SSL, encryption in transit, network security, eavesdropping prevention
- Question #417: Technical Integration of Enterprise Components
David works as a Network Administrator for a large company. The company recently decided to extend their intranet access to allow trusted third-party vendors access to the corpora...
Tags: DMZ, network architecture, third-party access, intranet security
- Question #418: Enterprise Security
Which of the following are the functions of a network security administrator? Each correct answer represents a complete solution. Choose three.
Tags: security administration, firewall management, IT security roles, network defense
- Question #419: Enterprise Security
Which of the following situations would incline you to use a vulnerability scanner?
Tags: vulnerability scanner, port scanning, open ports, security assessment
- Question #420: Technical Integration of Enterprise Components
What would dictate the degree of association between elements, methods of access, processing alternatives, and the organization of data elements?
Tags: data structure, coupling, software design, data organization
- Question #421: Enterprise Security
John is in charge of setting up an infrastructure which includes flammable liquids. Which of the following fire extinguisher types should he use in case of a fire emergency?
Tags: fire extinguisher types, physical security, facility safety, flammable liquids
- Question #422: Enterprise Security
Eddie is discussing with his brother-in-law his company's trade secrets, healthcare information, programming code, and information that keeps the company competitive. What type of...
Tags: data classification, confidential information, trade secrets, information security
- Question #423: Technical Integration of Enterprise Components
John wants to measure the network utilization factor of his network, that is, the ratio of current network traffic to the maximum traffic that a port can handle. Which of the follo...
Tags: network utilization, performance baseline, network monitoring, bandwidth measurement
- Question #424: Enterprise Security
Which of the following access control models uses a subject and object label?
Tags: access control models, MAC, mandatory access control, labels
- Question #425: Enterprise Security
What are mandatory activities, actions, or rules?
Tags: security policies, standards, baselines, regulations
- Question #426: Enterprise Security
David is a Security Administrator at his organization. He is trying to prevent unauthorized access of the corporate wireless network by people passing by. What kind of wireless net...
Tags: war driving, wireless security, unauthorized access, wireless threats
- Question #427: Technical Integration of Enterprise Components
John is a Network Security Administrator at his organization. The company plans to establish secure connections between the company's headquarters and branch offices. Which of the...
Tags: IPSec tunnel mode, VPN, secure site-to-site connectivity, network protocols
- Question #428: Enterprise Security
Ryan is inserting data inside of an ICMP packet to communicate to an already compromised system. What is Ryan doing?
Tags: Loki attack, ICMP covert channel, steganography, covert communication
- Question #429: Enterprise Security
Which of the following is the randomness collected by an operating system or application for use in cryptography or other uses that require random data?
Tags: entropy, cryptography, randomness, key generation
- Question #430: Research and Analysis
Mary is a new security administrator. She wants to focus most of her efforts on the areas that have the greatest risk. Which of the following areas poses the greatest risk?
Tags: insider threat, risk management, human factor, security risk areas
- Question #431: Technical Integration of Enterprise Components
Which of the following is SAN management software and is designed for cross-platform workgroup collaboration?
Tags: SAN management, storage area network, cross-platform collaboration, MetaSAN
- Question #432: Integration of Computing, Communications and Business Disciplines
Which of the following terms is about communicating the user's need and ability to communicate, and the medium through which that communication may occur?
Tags: presence technology, unified communications, collaboration tools, communication medium
- Question #433: Enterprise Security
A user has entered a user name and password at the beginning of the session, and accesses multiple applications. He does not need to re-authenticate for accessing each application....
Tags: single sign-on, SSO, authentication, session management
- Question #434: Integration of Computing, Communications and Business Disciplines
Which of the following stages are involved in the successful implementation of a collaboration platform? Each correct answer represents a part of the solution. Choose two.
Tags: collaboration platform, implementation stages, solution design, platform deployment
- Question #435: Enterprise Security
Mark works as a Network Security Administrator for uCertify Inc. The organization is using an intranet to distribute information to its employees. A database residing on the networ...
Tags: PII, personally identifiable information, data privacy, date of birth
- Question #436: Enterprise Security
Denial of service attacks are quite common. Whether it is an ICMP flood, SYN flood, or Smurf attack, they are all based on the concept of ________.
Tags: denial of service, resource exhaustion, ICMP flood, SYN flood
- Question #437: Enterprise Security
Allen is using a security feature that ensures that if hackers want to compromise a private key, they will only be able to access data in transit protected by that key and not any...
Tags: perfect forward secrecy, PFS, key compromise, cryptographic security
- Question #438: Research and Analysis
Information security continuous monitoring is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk manageme...
Tags: continuous monitoring, security controls assessment, configuration management, risk management
- Question #439: Enterprise Security
Which of the following is the most secure authentication scheme and uses public key cryptography and a digital certificate to authenticate a user?
Tags: certificate-based authentication, public key cryptography, digital certificates, authentication schemes
- Question #440: Research and Analysis
Risk analysis provides higher management with the details necessary to determine the risks that should be mitigated, transferred, and accepted. What are the various stages in the ri...
Tags: risk analysis, risk management process, threat assessment, asset inventory
- Question #441: Technical Integration of Enterprise Components
Which of the following is an XML-based framework developed by OASIS and used to exchange user, resource and service provisioning information between cooperating organizations?
Tags: SPML, OASIS, XML provisioning, identity federation
- Question #442: Enterprise Security
Juan is working as a Security Administrator for a credit card processing company. He is concerned about PCI compliance, so he uses network segmentation. How does segmentation h...
Tags: PCI DSS, network segmentation, compliance scope, cardholder data environment
- Question #443: Technical Integration of Enterprise Components
You work as a System Administrator for uCertify Inc. The company has a Windows-based network. A user requests you to provide him instructions regarding the installation of applicat...
Tags: Remote Assistance, Windows administration, remote desktop support
- Question #444: Technical Integration of Enterprise Components
Which of the following statements are true about Fibre Channel over Ethernet (FCoE)? Each correct answer represents a complete solution. Choose three.
Tags: FCoE, Fibre Channel, storage networking, 10 Gigabit Ethernet
- Question #445: Research and Analysis
Which of the following statements are true about audit findings? Each correct answer represents a complete solution. Choose all that apply.
Tags: audit findings, security audit, compliance improvement
- Question #446: Research and Analysis
Which of the following is an automated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program?
Tags: fuzzing, software testing, input validation, vulnerability testing
- Question #447: Research and Analysis
In which of the following activities does an organization identify and prioritize technical, organizational, procedural, administrative, and physical security weaknesses?
Tags: vulnerability assessment, security weaknesses, risk identification
- Question #448: Enterprise Security
Cloud computing is significantly impacting the definition of network perimeters. Which of the following is NOT a network perimeter issue with cloud computing?
Tags: cloud computing, network perimeter, data residency, cloud security
- Question #449: Technical Integration of Enterprise Components
You work as a Network Administrator for uCertify Inc. You want to allow some users to access a particular program on the computers in the network. What will you do to accomplish th...
Tags: group policy, access control, Windows administration
- Question #450: Enterprise Security
Which of the following types of Incident Response Teams (IRT) is responsible for a logical or physical segment of the infrastructure, usually of a large organization or one that is...
Tags: incident response, distributed IRT, IR team structure
- Question #451: Enterprise Security
Allen is a network administrator for a hosting company. Multiple different companies store data on the same server. Which of the following is the best method to reduce security iss...
Tags: data co-mingling, virtualization, multi-tenancy, data isolation
- Question #452: Enterprise Security
End point security is an information security concept that assumes that each device (end point) is responsible for its own security. Which of the following tools are examples of en...
Tags: endpoint security, anti-malware, anti-virus, spam filtering
- Question #453: Enterprise Security
Which of the following refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government req...
Tags: trusted OS, multilevel security, government security requirements
- Question #454: Integration of Computing, Communications and Business Disciplines
Which of the following processes is used to ensure that standardized methods and procedures are used for efficient handling of all changes?
Tags: change management, ITSM, standardized procedures
- Question #455: Technical Integration of Enterprise Components
Which of the following protocols will you use to query and modify information stored within directory services?
Tags: LDAP, directory services, identity management
- Question #456: Enterprise Security
Mary is responsible for getting rid of old hard drives that are no longer used. It is important that all data be removed from the drive and none recoverable, but that the drive sti...
Tags: media sanitization, drive wiping, data destruction, data remanence
- Question #457: Enterprise Security
You work as a Desktop Support Technician for uCertify Inc. A user reports that the security log on his Windows 7 computer is full. After analyzing, you observe that the security lo...
Tags: audit policy, security logging, Windows event log, auditing configuration