CAS-002 무료 덤프문제 온라인 액세스

An IT manager is working with a project manager from another subsidiary of the same multinational organization. The project manager is responsible for a new software development effort that is being outsourced overseas, while customer acceptance testing will be performed in house. Which of the following capabilities is MOST likely to cause issues with network availability?

• A.Time-based access control lists
• B.ISP to ISP network jitter
• C.File-size validation
• D.End to end network encryption
• E.Source code vulnerability scanning

A security solutions architect has argued consistently to implement the most secure method of encrypting corporate messages. The solution has been derided as not being cost effective by other members of the IT department. The proposed solution uses symmetric keys to encrypt all messages and is very resistant to unauthorized decryption.
The method also requires special handling and security for all key material that goes above and beyond most encryption systems.
Which of the following is the solutions architect MOST likely trying to implement?

• A.Quantum cryptography
• B.One time pads
• C.PKI
• D.Digital rights management

A Linux security administrator is attempting to resolve performance issues with new software installed on several baselined user systems. After investigating, the security administrator determines that the software is not initializing or executing correctly. For security reasons, the company has implemented trusted operating systems with the goal of preventing unauthorized changes to the configuration baseline. The MOST likely cause of this problem is that SE Linux is set to:

• A.Enforcing mode with an incorrectly configured policy.
• B.Disabled with a correctly configured policy.
• C.Permissive mode with an incorrectly configured policy.
• D.Enforcing mode with no policy configured.

A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned. The CIO's laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have issued a subpoena requesting all the CIO's email from the last 12 months. The corporate retention policy recommends keeping data for no longer than 90 days. Which of the following should occur?

• A.Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.
• B.Inform the litigators that the CIOs information has been deleted as per corporate policy.
• C.Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.
• D.Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.

The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out to the Internet using HTTPS. Upon investigation, there have been no user logins over the previous week and the endpoint protection software is not reporting any issues. Which of the following BEST provides insight into where the compromised server collected the information?

• A.Setup a packet capture on the firewall to collect all of the server communications.
• B.Review the flow data against each server's baseline communications profile.
• C.Correlate data loss prevention logs for anomalous communications from the server.
• D.Configure the server logs to collect unusual activity including failed logins and restarted services.