Instant Access CompTIA.CAS-003.v2022-06-25.q354 Actual Practice Test Engine for Free (Page 44)

Question 211

When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard.
Which of the following BEST describes why this is necessary?

A.The user is providing entropy so the application can use random data to create the key pair.
B.The application is requesting perfect forward secrecy from the user in order to create the key pair.
C.The user needs a non-repudiation data source in order for the application to generate the key pair.
D.The user is providing a diffusion point to the application to aid in creating the key pair.

Question 212

A hospital uses a legacy electronic medical record system that requires multicast for traffic between the application servers and databases on virtual hosts that support segments of the application. Following a switch upgrade, the electronic medical record is unavailable despite physical connectivity between the hypervisor and the storage being in place. The network team must enable multicast traffic to restore access to the electronic medical record. The ISM states that the network team must reduce the footprint of multicast traffic on the network.

Using the above information, on which VLANs should multicast be enabled?

A.VLAN201, VLAN202, VLAN400
B.VLAN201, VLAN202, VLAN700
C.VLAN201, VLAN202, VLAN400, VLAN680, VLAN700
D.VLAN400, VLAN680, VLAN700

Question 213

An intruder was recently discovered inside the data center, a highly sensitive area. To gain access, the intruder circumvented numerous layers of physical and electronic security measures.
Company leadership has asked for a thorough review of physical security controls to prevent this from happening again. Which of the following departments are the MOST heavily invested in rectifying the problem? (Select THREE).

A.Facilities management
B.Human resources
C.Research and development
D.Programming
E.Data center operations
F.Marketing
G.Information technology

Question 214

The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

A.HIPS
B.UTM
C.Antivirus
D.NIPS
E.DLP

Correct Answer: A

In this question, we need to protect the workstations when connected to either the office or home network. Therefore, we need a solution that stays with the workstation when the user takes the computer home.
A HIPS (Host Intrusion Prevention System) is software installed on a host which monitors the host for suspicious activity by analyzing events occurring within that host with the aim of detecting and preventing intrusion.
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main differences are, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address.
Incorrect Answers:
B: Unified threat management (UTM) is a primary network gateway defense solution for organizations. In theory, UTM is the evolution of the traditional firewall into an all-inclusive security product able to perform multiple security functions within one single system: network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam, VPN, content filtering, load balancing, data loss prevention and on-appliance reporting. However, UTM is designed to protect a network; it will not protect the user's workstations when connected to their home networks as required in this question.
C: Antivirus software will protect against attacks aided by known viruses. However, it will not protect against unknown attacks as required in this question.
D: NIPS stands for Network Intrusion Prevention Systems. A NIPS is designed to protect a network; it will not protect the user's workstations when connected to their home networks as required in this question.
E: Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. DLP does not protect against malicious attacks.
References:
http://en.wikipedia.org/wiki/Intrusion_prevention_system

Question 215

The director of sales asked the development team for some small changesto increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment.
Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. Which of the following is an SDLC best practice that should have been followed?

A.Integration testing
B.Regression testing
C.Versioning
D.Continuous integration

Question 211

Question 212

Question 213

Question 214

Question 215

Download PDF File