Online Access Free CAS-002 Exam Questions

There have been some failures of the company's internal facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF has been unavailable for 14 hours over the past month, in four separate situations.
One of these situations was a two hour scheduled maintenance time, aimed at improving the stability of the WAF. Using the MTTR based on the last month's performance figures, which of the following calculations is the percentage of uptime assuming there were 722 hours in the month?

• A.98.34 percent
• B.99.72 percent
• C.98.06 percent
• D.92.24 percent

A security administrator is conducting network forensic analysis of a recent defacement of the company's secure web payment server (HTTPS). The server was compromised around the New Year's holiday when all the company employees were off. The company's network diagram is summarized below:
Internet
Gateway Firewall
IDS
Web SSL Accelerator
Web Server Farm
Internal Firewall
Company Internal Network
The security administrator discovers that all the local web server logs have been deleted.
Additionally, the Internal Firewall logs are intact but show no activity from the internal network to the web server farm during the holiday.
Which of the following is true?

• A.The security administrator must correlate the external firewall logs with the intrusion detection system logs to determine what specific attack led to the web server compromise.
• B.The security administrator must reconfigure the network and place the IDS between the SSL accelerator and the server farm to be able to determine the cause of future attacks.
• C.The security administrator should review the IDS logs to determine the source of the attack and the attack vector used to compromise the web server.
• D.The security administrator must correlate logs from all the devices in the network diagram to determine what specific attack led to the web server compromise.

A Chief Information Security Officer (CISO) of a major consulting firm has significantly increased the company's security posture; however, the company is still plagued by data breaches of misplaced assets. These data breaches as a result have led to the compromise of sensitive corporate and client data on at least 25 occasions. Each employee in the company is provided a laptop to perform company business. Which of the following actions can the CISO take to mitigate the breaches?

• A.Implement new continuous monitoring procedures.
• B.Implement an open source system which allows data to be encrypted while processed.
• C.Implement full disk encryption on all storage devices the firm owns.
• D.Reload all user laptops with full disk encryption software immediately.

As a cost saving measure, a company has instructed the security engineering team to allow all consumer devices to be able to access the network. They have asked for recommendations on what is needed to secure the enterprise, yet offer the most flexibility in terms of controlling applications, and stolen devices. Which of the following is BEST suited for the requirements?

• A.MEAP with MDM
• B.MEAP with Enterprise Appstore
• C.Enterprise Appstore with client-side VPN software
• D.MEAP with TLS

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation:
Once at the command prompt, the administrator issues the below commanD.
Which of the following is true about the above situation?

• A.The administrator must use the sudo command in order to restart the service.
• B.The administrator used the wrong SSH port to restart the DNS server.
• C.The service did not restart because the bind command is privileged.
• D.The service was restarted correctly, but it failed to bind to the network interface.