CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education - RC0-C02: Free Practice Dump Questions
Which of the following technologies prevents an unauthorized HBA from viewing iSCSI target information?
Answer: A
A large corporation which is heavily reliant on IT platforms and systems is in financial difficulty and needs to drastically reduce costs in the short term to survive. The Chief Financial Officer (CFO) has mandated that all IT and architectural functions will be outsourced and a mixture of providers will be selected. One provider will manage the desktops for five years, another provider will manage the network for ten years, another provider will be responsible for security for four years, and an offshore provider will perform day to day business processing functions for two years. At the end of each contract the incumbent may be renewed or a new provider may be selected. Which of the following are the MOST likely risk implications of the CFO's business decision?
Answer: D
A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).
Answer: A,C,E
A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage.
Which of the following is a technical control that the security administrator should implement next to reduce malware infection?
Answer: B
A security policy states that all applications on the network must have a password length of eight characters. There are three legacy applications on the network that cannot meet this policy. One system will be upgraded in six months, and two are not expected to be upgraded or removed from the network.
Which of the following processes should be followed?
Answer: B
A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator test that the strings are indeed encrypted in memory?
Answer: D
A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internally developed. The payment system being developed will be sold to a number of organizations and is in direct competition with another leading product. The CEO highlighted that code base confidentiality is of critical importance to allow the company to exceed the competition in terms of the product's reliability, stability, and performance. Which of the following would provide the MOST thorough testing and satisfy the CEO's requirements?
Answer: C
A Security Administrator has some concerns about the confidentiality of data when using SOAP.
Which of the following BEST describes the Security Administrator's concerns?
Answer: D
An extensible commercial software system was upgraded to the next minor release version to patch a security vulnerability. After the upgrade, an unauthorized intrusion into the system was detected.
The software vendor is called in to troubleshoot the issue and reports that all core components were updated properly. Which of the following has been overlooked in securing the system? (Select TWO).
Answer: B,C
A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN.
Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic.
After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?
Answer: D
An organization is selecting a SaaS provider to replace its legacy, in-house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?
Answer: D
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?
Answer: B
A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would like to have a copy of any communications from the user involving certain key terms. Additionally, the law enforcement agency has requested that the user's ongoing communication be retained in the user's account for future investigations. Which of the following will BEST meet the goals of law enforcement?
Answer: C
A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).
Answer: C,D