CAS-002 Exam Dumps | A security engineer is troubleshooting a possible virus infection, which may have spread to multiple

Valid CAS-002 Dumps shared by ExamDiscuss.com for Helping Passing CAS-002 Exam! ExamDiscuss.com now offer the newest CAS-002 exam dumps, the ExamDiscuss.com CAS-002 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-002 dumps with Test Engine here:

Access CAS-002 Dumps Premium Version
(465 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 98/229

A security engineer is troubleshooting a possible virus infection, which may have spread to multiple desktop computers within the organization. The company implements enterprise antivirus software on all desktops, but the enterprise antivirus server's logs show no sign of a virus infection. The border firewall logs show suspicious activity from multiple internal hosts trying to connect to the same external IP address.
The security administrator decides to post the firewall logs to a security mailing list and receives confirmation from other security administrators that the firewall logs indicate internal hosts are compromised with a new variant of the Trojan.Ransomcrypt.G malware not yet detected by most antivirus software. Which of the following would have detected the malware infection sooner?

A. The security administrator should consider deploying a signature-based intrusion detection system.

B. The security administrator should consider installing a cloud augmented security service.

C. The security administrator should consider establishing an incident response team.

D. The security administrator should consider deploying enterprise forensic analysis tools.

Question List (229q): Question 1: Warehouse users are reporting performance issues at the end ...; Question 2: A Chief Information Security Officer (CISO) has requested th...; Question 3: An administrator has enabled salting for users' passwords on...; Question 4: Part of the procedure for decommissioning a database server ...; Question 5: ABC Corporation has introduced token-based authentication to...; Question 6: A large corporation which is heavily reliant on IT platforms...; Question 7: A critical system audit shows that the payroll system is not...; Question 8: The Chief Information Security Officer (CISO) of a small ban...; Question 9: An organization has implemented an Agile development process...; Question 10: A large financial company has a team of security-focused arc...; Question 11: A security researcher is about to evaluate a new secure VoIP...; Question 12: The security administrator has just installed an active\pass...; Question 13: An organization uses IP address block 203.0.113.0/24 on its ...; Question 14: A team of security engineers has applied regulatory and corp...; Question 15: A new startup company with very limited funds wants to prote...; Question 16: A corporation implements a mobile device policy on smartphon...; Question 17: An administrator has four virtual guests on a host server. T...; Question 18: After being informed that the company DNS is unresponsive, t...; Question 19: A security administrator has noticed that an increased numbe...; Question 20: The Chief Technology Officer (CTO) has decided that servers ...; Question 21: New zero-day attacks are announced on a regular basis agains...; Question 22: An administrator is notified that contract workers will be o...; Question 23: Which of the following does SAML uses to prevent government ...; Question 24: After the install process, a software application executed a...; Question 25: A small company is developing a new Internet-facing web appl...; Question 26: A security solutions architect has argued consistently to im...; Question 27: The lead systems architect on a software development project...; Question 28: A vulnerability research team has detected a new variant of ...; Question 29: An information security assessor for an organization finishe...; Question 30: A new IT company has hired a security consultant to implemen...; Question 31: An IT administrator wants to restrict DNS zone transfers bet...; Question 32: Company A is purchasing Company B Company A uses a change ma...; Question 33: Ann is testing the robustness of a marketing website through...; Question 34: A vulnerability scanner report shows that a client-server ho...; Question 35: Which of the following are components defined within an Ente...; Question 36: DRAG DROP A manufacturer is planning to build a segregated n...; Question 37: A large bank deployed a DLP solution to detect and block cus...; Question 38: The security administrator is responsible for the confidenti...; Question 39: An IT Manager is concerned about errors made during the depl...; Question 40: The Chief Information Officer (CIO) of a technology company ...; Question 41: An IT manager is working with a project manager from another...; Question 42: The security administrator is reviewing the business continu...; Question 43: A new web application system was purchased from a vendor and...; Question 44: Which of the following BEST describes the implications of pl...; Question 45: A security manager looked at various logs while investigatin...; Question 46: A senior network security engineer has been tasked to decrea...; Question 47: During an incident involving the company main database, a te...; Question 48: A security analyst, Ann, states that she believes Internet f...; Question 49: About twice a year a switch fails in a company's network cen...; Question 50: At 10:35 a.m. a malicious user was able to obtain a valid au...; Question 51: A Security Manager is part of a team selecting web conferenc...; Question 52: Two storage administrators are discussing which SAN configur...; Question 53: A large international business has completed the acquisition...; Question 54: An audit at a popular on-line shopping site reveals that a f...; Question 55: Some mobile devices are jail-broken by connecting via USB ca...; Question 56: A security engineer is implementing a new solution designed ...; Question 57: A company is preparing to upgrade its NIPS at five locations...; Question 58: A corporation has expanded for the first time by integrating...; Question 59: ABC Corporation uses multiple security zones to protect syst...; Question 60: Which of the following protocols only facilitates access con...; Question 61: Within the company, there is executive management pressure t...; Question 62: A company is trying to decide how to manage hosts in a branc...; Question 63: A Physical Security Manager is ready to replace all 50 analo...; Question 64: A facilities manager has observed varying electric use on th...; Question 65: A morphed worm carrying a 0-day payload has infiltrated the ...; Question 66: The following has been discovered in an internally developed...; Question 67: Using SSL, an administrator wishes to secure public facing s...; Question 68: A retail bank has had a number of issues in regards to the i...; Question 69: A sensitive database needs its cryptographic integrity uphel...; Question 70: A bank provides single sign on services between its internal...; Question 71: A trust relationship has been established between two organi...; Question 72: In an effort to minimize costs, the management of a small ca...; Question 73: In a situation where data is to be recovered from an attacke...; Question 74: A database administrator comes across the below records in o...; Question 75: ODBC access to a database on a network-connected host is req...; Question 76: A trucking company delivers products all over the country. T...; Question 77: The security administrator at a company has received a subpo...; Question 78: A port in a fibre channel switch failed, causing a costly do...; Question 79: A security administrator at a Lab Company is required to imp...; Question 80: SIMULATION Compliance with company policy requires a quarter...; Question 81: A pentester must attempt to crack passwords on a windows dom...; Question 82: After reviewing a company's NAS configuration and file syste...; Question 83: Company policy requires that all company laptops meet the fo...; Question 84: An organization has had six security incidents over the past...; Question 85: An organization is preparing to upgrade its firewall and NIP...; Question 86: A multi-national company has a highly mobile workforce and m...; Question 87: An IT auditor is reviewing the data classification for a sen...; Question 88: Company XYZ has had repeated vulnerability exploits of a cri...; Question 89: A risk manager has decided to use likelihood and consequence...; Question 90: A user is suspected of engaging in potentially illegal activ...; Question 91: The <nameID> element in SAML can be provided in which ...; Question 92: A security administrator is tasked with increasing the avail...; Question 93: The network administrator at an enterprise reported a large ...; Question 94: A startup company offering software on demand has hired a se...; Question 95: Company XYZ has just purchased Company ABC through a new acq...; Question 96: In order for a company to boost profits by implementing cost...; Question 97: An international shipping company discovered that deliveries...; Question 98: A security engineer is troubleshooting a possible virus infe...; Question 99: The DLP solution has been showing some unidentified encrypte...; Question 100: The organization has an IT driver on cloud computing to impr...; Question 101: A recently hired security administrator is advising develope...; Question 102: A network engineer wants to deploy user-based authentication...; Question 103: A system administrator is troubleshooting a possible denial ...; Question 104: The internal audit department is investigating a possible br...; Question 105: An organization recently upgraded its wireless infrastructur...; Question 106: A Linux security administrator is attempting to resolve perf...; Question 107: A developer is coding the crypto routine of an application t...; Question 108: The marketing department at Company A regularly sends out em...; Question 109: An organization has had component integration related vulner...; Question 110: Company XYZ has experienced a breach and has requested an in...; Question 111: A company Chief Information Officer (CIO) is unsure which se...; Question 112: An internal development team has migrated away from Waterfal...; Question 113: A company has noticed recently that its corporate informatio...; Question 114: A newly-appointed risk management director for the IT depart...; Question 115: A software developer and IT administrator are focused on imp...; Question 116: ABC Company must achieve compliance for PCI and SOX. Which o...; Question 117: A security administrator is conducting network forensic anal...; Question 118: Company XYZ plans to donate 1,000 used computers to a local ...; Question 119: -- Exhibit -- (Exhibit) -- Exhibit -- Company management has...; Question 120: A security administrator at Company XYZ is trying to develop...; Question 121: Wireless users are reporting issues with the company's video...; Question 122: During a new desktop refresh, all hosts are hardened at the ...; Question 123: A security administrator must implement a SCADA style networ...; Question 124: Several business units have requested the ability to use col...; Question 125: Company A has a remote work force that often includes indepe...; Question 126: A security services company is scoping a proposal with a cli...; Question 127: An administrator has a system hardening policy to only allow...; Question 128: An employee is performing a review of the organization's sec...; Question 129: Which of the following should be used to identify overflow v...; Question 130: A company has adopted a BYOD program. The company would like...; Question 131: A security administrator has been asked to select a cryptogr...; Question 132: Company policy requires that all unsupported operating syste...; Question 133: A security manager is developing new policies and procedures...; Question 134: An administrator receives a notification from legal that an ...; Question 135: A UNIX administrator notifies the storage administrator that...; Question 136: Joe is a security architect who is tasked with choosing a ne...; Question 137: An IT manager is working with a project manager to implement...; Question 138: A project manager working for a large city government is req...; Question 139: An enterprise must ensure that all devices that connect to i...; Question 140: An investigator wants to collect the most volatile data firs...; Question 141: A security administrator is performing VDI traffic data coll...; Question 142: A helpdesk manager at a financial company has received multi...; Question 143: The risk manager at a small bank wants to use quantitative a...; Question 144: The security administrator of a large enterprise is tasked w...; Question 145: A security manager is looking into the following vendor prop...; Question 146: An administrator believes that the web servers are being flo...; Question 147: A company provides on-demand cloud computing resources for a...; Question 148: A penetration tester is inspecting traffic on a new mobile b...; Question 149: A security administrator is redesigning, and implementing a ...; Question 150: A storage as a service company implements both encryption at...; Question 151: A system worth $100,000 has an exposure factor of eight perc...; Question 152: A hosting company provides inexpensive guest virtual machine...; Question 153: An educational institution would like to make computer labs ...; Question 154: Continuous monitoring is a popular risk reduction technique ...; Question 155: A company has a difficult time communicating between the sec...; Question 156: A large organization has gone through several mergers, acqui...; Question 157: A company's security policy states that its own internally d...; Question 158: A company receives an e-discovery request for the Chief Info...; Question 159: An administrator receives reports that the network is runnin...; Question 160: Which of the following would be used in forensic analysis of...; Question 161: A medical device manufacturer has decided to work with anoth...; Question 162: A well-known retailer has experienced a massive credit card ...; Question 163: A system administrator has just installed a new Linux distri...; Question 164: A company has implemented data retention policies and storag...; Question 165: A bank is in the process of developing a new mobile applicat...; Question 166: A WAF without customization will protect the infrastructure ...; Question 167: The latest independent research shows that cyber attacks inv...; Question 168: A finance manager says that the company needs to ensure that...; Question 169: VPN users cannot access the active FTP server through the ro...; Question 170: When attending the latest security conference, an informatio...; Question 171: A university Chief Information Security Officer is analyzing...; Question 172: In developing a new computing lifecycle process for a large ...; Question 173: Company XYZ finds itself using more cloud-based business too...; Question 174: After three vendors submit their requested documentation, th...; Question 175: A company that must comply with regulations is searching for...; Question 176: A security auditor is conducting an audit of a corporation w...; Question 177: Which of the following is the BEST place to contractually do...; Question 178: The finance department for an online shopping website has di...; Question 179: Which of the following represents important technical contro...; Question 180: An organization has several production critical SCADA superv...; Question 181: A company decides to purchase commercially available softwar...; Question 182: The telecommunications manager wants to improve the process ...; Question 183: A large enterprise introduced a next generation firewall app...; Question 184: Company ABC is planning to outsource its Customer Relationsh...; Question 185: The security manager of a company has hired an external cons...; Question 186: A bank has decided to outsource some existing IT functions a...; Question 187: An administrator is implementing a new network-based storage...; Question 188: A security administrator is tasked with securing a company's...; Question 189: A firm's Chief Executive Officer (CEO) is concerned that IT ...; Question 190: A security auditor suspects two employees of having devised ...; Question 191: DRAG DROP Company A has experienced external attacks on thei...; Question 192: A general insurance company wants to set up a new online bus...; Question 193: An external auditor has found that IT security policies in t...; Question 194: An intrusion detection system logged an attack attempt from ...; Question 195: Customer Need: "We need the system to produce a series of nu...; Question 196: The helpdesk is receiving multiple calls about slow and inte...; Question 197: A bank now has a major initiative to virtualize as many serv...; Question 198: The Chief Information Security Officer (CISO) at a large org...; Question 199: The Chief Information Security Officer (CISO) regularly rece...; Question 200: An insurance company has an online quoting system for insura...; 1 commentQuestion 201: SIMULATION Company A has noticed abnormal behavior targeting...; Question 202: The Linux server at Company A hosts a graphical application ...; Question 203: A Chief Information Security Officer (CISO) of a major consu...; Question 204: The IT Security Analyst for a small organization is working ...; Question 205: A company receives a subpoena for email that is four years o...; Question 206: A financial institution wants to reduce the costs associated...; Question 207: An architect has been engaged to write the security viewpoin...; Question 208: An accountant at a small business is trying to understand th...; Question 209: An administrator is reviewing logs and sees the following en...; Question 210: A medium-sized company has recently launched an online produ...; Question 211: Which of the following BEST explains SAML?...; Question 212: The IT director has charged the company helpdesk with saniti...; Question 213: A security administrator was recently hired in a start-up co...; Question 214: Joe, a penetration tester, is tasked with testing the securi...; Question 215: A security administrator is assessing a new application. The...; Question 216: A security tester is testing a website and performs the foll...; Question 217: A security consultant is hired by a company to determine if ...; Question 218: SIMULATION An administrator wants to install a patch to an a...; Question 219: The risk committee has endorsed the adoption of a security s...; Question 220: In single sign-on, the secondary domain needs to trust the p...; Question 221: A security architect has been engaged during the implementat...; Question 222: An Association is preparing to upgrade their firewalls at fi...; Question 223: An administrator attempts to install the package "named.9.3....; Question 224: An administrator at a small company replaces servers wheneve...; Question 225: Which of the following is an example of single sign-on?...; Question 226: A system administrator has installed a new Internet facing s...; Question 227: Customers have recently reported incomplete purchase history...; Question 228: Since the implementation of IPv6 on the company network, the...; Question 229: A company runs large computing jobs only during the overnigh...

Question 98/229

LEAVE A REPLY

Download PDF File