Exam Details

  • Exam Code: CAS-002
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 733 Q&As
  • Last Updated: Jan 22, 2024

CompTIA CompTIA Certifications CAS-002 Questions & Answers

  • Question 51:

    An organization recently upgraded its wireless infrastructure to support WPA2 and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only WEP compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the WPA2 requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?

    A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.

    B. Create a separate SSID and WEP key on a new network segment and only allow required communication paths.

    C. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.

    D. Create a separate SSID and require the use of dynamic WEP keys.

  • Question 52:

    A database is hosting information assets with a computed CIA aggregate value of high. The database is located within a secured network zone where there is flow control between the client and datacenter networks. Which of the following is the MOST likely threat?

    A. Inappropriate administrator access

    B. Malicious code

    C. Internal business fraud

    D. Regulatory compliance

  • Question 53:

    An organization must comply with a new regulation that requires the organization to determine if an external attacker is able to gain access to its systems from outside the network. Which of the following should the company conduct to meet the regulation's criteria?

    A. Conduct a compliance review

    B. Conduct a vulnerability assessment

    C. Conduct a black box penetration test

    D. Conduct a full system audit

  • Question 54:

    A company is developing a new web application for its Internet users and is following a secure coding methodology. Which of the following methods would BEST assist the developers in determining if any unknown vulnerabilities are present?

    A. Conduct web server load tests.

    B. Conduct static code analysis.

    C. Conduct fuzzing attacks.

    D. Conduct SQL injection and XSS attacks.

  • Question 55:

    The Chief Information Officer (CIO) comes to the security manager and asks what can be done to reduce the potential of sensitive data being emailed out of the company. Which of the following is an active security measure to protect against this threat?

    A. Require a digital signature on all outgoing emails.

    B. Sanitize outgoing content.

    C. Implement a data classification policy.

    D. Implement a SPAM filter.

  • Question 56:

    A small bank is introducing online banking to its customers through its new secured website. The firewall has three interfaces: one for the Internet connection, another for the DMZ, and the other for the internal network. Which of the following will provide the MOST protection from all likely attacks on the bank?

    A. Implement NIPS inline between the web server and the firewall.

    B. Implement a web application firewall inline between the web server and the firewall.

    C. Implement host intrusion prevention on all machines at the bank.

    D. Configure the firewall policy to only allow communication with the web server using SSL.

  • Question 57:

    A manufacturing company is having issues with unauthorized access and modification of the controls operating the production equipment. A communication requirement is to allow the free flow of data between all network segments at the site. Which of the following BEST remediates the issue?

    A. Implement SCADA security measures.

    B. Implement NIPS to prevent the unauthorized activity.

    C. Implement an AAA solution.

    D. Implement a firewall to restrict access to only a single management station.

  • Question 58:

    Employees have recently requested remote access to corporate email and shared drives. Remote access has never been offered; however, the need to improve productivity and rapidly respond to customer demands means staff now require remote access. Which of the following controls will BEST protect the corporate network?

    A. Develop a security policy that defines remote access requirements. Perform regular audits of user accounts and reviews of system logs.

    B. Secure remote access systems to ensure shared drives are read only and access is provided through an SSL portal. Perform regular audits of user accounts and reviews of system logs.

    C. Plan and develop security policies based on the assumption that external environments have active hostile threats.

    D. Implement a DLP program to log data accessed by users connecting via remote access. Regularly perform user revalidation.

  • Question 59:

    The IT department of a large telecommunications company has developed and finalized a set of security solutions and policies which have been approved by upper management for deployment within the company. During the development of the security solutions and policies, the FIRST thing the IT department should have done was:

    A. contact vendor management so the RFI and RFP process can be started as soon as possible.

    B. contact an independent consultant who can tell them what policies and solutions they need.

    C. discuss requirements with stakeholders from the various internal departments.

    D. involve facilities management early in the project so they can plan for the new security hardware in the data center.

  • Question 60:

    A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?

    A. Shut the server down and image the hard drive.

    B. Remove all power sources from the server.

    C. Install remote backup software and copy data to write-once media.

    D. Login remotely and perform a full backup of the server.
