CompTIA CAS-001 Additional Security Settings Practice Exam 1

Sample Questions:

Safety Partner is revising, and implementing a service-oriented architecture to replace the old, in-house software processing system, tied to the sale of the company's website. After completing the analysis of business processes, the administrator will decide on the need for services to act dynamically. The company has also had to injection of data attacks in the past and must take advantage of the mitigation properties. Based on these requirements and vulnerabilities in the past, which of the following needs to be incorporated into SOA?

Point to Point VPNs for all your company's intranet users

The seals of all the services of the data transferred.

From service to service authentication for all workflows

Two-factor authentication and a signed code

None

A number of security staff has applied regulatory and corporate governance planning a corporate network. Engineers have produced SRTM based on the work and a thorough analysis of the entire set of functional and performance requirements of the network in the declaration. Which of the following best describes the Purpose SRTM in this scenario?

In order to ensure the safety of the network are documented prior to delivery to the customer

To document the source of all the functional requirements which apply to the network

In order to facilitate performance testing meters and test plans

Allow the Earth certifiers to verify the network meets current safety standards

None

Small business hosting multiple virtualized servers to one client host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology is going to be compatible. Both the hosts connected to the shared iSCSI solution. Which of the following is a hosting company probably trying to achieve?

Increased customer access to information

Increased customer data confidentiality

To increase provisioning security

The safety of the addition of data integrity

None

Safety Partner please visit our web forensic analysis of a recent defacement company's secure web payment (https). The server was compromised around the New Year's holiday, when all of the Company's employees were off. The company's network diagram is summarized below: Internet Gateway firewall, IDS Web Accelerator SSL Web Server Farm Firewall Enterprise Internal Network Security administrator discovers that all the local web server has been removed. In addition, the internal firewall logs are intact, but do not show activity in the internal network to the web server farm during your stay. Which of the following is true?

by the security unit should be seen in the IDS logs to determine the source of the attack and attack vector used to compromise a web server.

The security administrator has to correlate the external firewall logs intrusion prevention system logs to determine what specific attack resulted in a web server

Responsible for the safety of the unit is to reconfigure the network and set the IDS between the accelerator and the SSL server farm to be able to determine the cause of future attacks

responsible for the safety of the unit must correlate logs all devices on the network diagram to determine what specific attack resulted in a web-server.

None

director of the security company has hired an outside consultant to make a security assessment of the company's network. Under the agreement, the consultant shall not transfer any data to the corporate network performance of wired and wireless security assessments. Which of the following technical means to use a consultant to determine the manufacturer and the likely operating company of wireless and wired network devices and computers connected to the corporate network?

Social engineering

protocol analyzer

Port scanner

Gray box testing

None