Latest Lead4pass IT Exam Dumps Free Update

Download Free Latest Microsoft, Cisco, CompTIA And Other IT Exam Dumps Questions And Answers

CompTIA

now browsing by category

 

[New CompTIA Exam Dumps] CompTIA CASP CAS-002 Dumps Real Exam Questions And Youtube Free Shared

New CompTIA CASP CAS-002 dumps real exam questions and answers free download from lead4pass. High quality CompTIA CASP CAS-002 dumps pdf files and vce youtube demo update free shared. “CompTIA Advanced Security Practitioner Exam” is the name of CompTIA CASP https://www.lead4pass.com/CAS-002.html exam dumps which covers all the knowledge points of the real CompTIA exam. Useful latest CompTIA CASP CAS-002 dumps pdf training materials and study guides free update, pass CompTIA CAS-002 exam test easily at first try.

Best CompTIA CAS-002 dumps pdf questions and answers: https://drive.google.com/open?id=0B_7qiYkH83VRVE55cV9qOGhpbG8

Best CompTIA CLO-001 dumps pdf questions and answers: https://drive.google.com/open?id=0B_7qiYkH83VRM1FyZGJiOUpoeVE
CAS-002 dumps
QUESTION 1
A company has issued a new mobile device policy permitting BYOD and company-issued devices. The company-issued device has a managed middleware client that restricts the applications allowed on company devices and provides those that are approved. The middleware client provides configuration standardization for both company owned and BYOD to secure data and communication to the device according to industry best practices. The policy states that, andquot;BYOD clients must meet the company\’s infrastructure requirements to permit a connection.andquot; The company also issues a memorandum separate from the policy, which provides instructions for the purchase, installation, and use of the middleware client on BYOD. Which of the following is being described?
A. Asset management
B. IT governance
C. Change management
D. Transference of risk
Correct Answer: B

QUESTION 2
An organization would like to allow employees to use their network username and password to access a third-party service. The company is using Active Directory Federated Services for their directory service. Which of the following should the company ensure is supported by the third-party? (Select TWO).
A. LDAP/S
B. SAML
C. NTLM
D. OAUTH
E. Kerberos
Correct Answer: BE

QUESTION 3
A sensitive database needs its cryptographic integrity upheld. Which of the following controls meets this goal? (Select TWO).
A. Data signing
B. Encryption
C. Perfect forward secrecy
D. Steganography
E. Data vaulting
F. RBAC
G. Lock and key
Correct Answer: AF

QUESTION 4
The risk manager is reviewing a report which identifies a requirement to keep a business critical legacy system operational for the next two years. The legacy system is out of support because the vendor and security patches are no longer released. Additionally, this is a proprietary embedded system and little is documented and known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?
A. Virtualize the system and migrate it to a cloud provider.
B. Segment the device on its own secure network.
C. Install an antivirus and HIDS on the system.
D. Hire developers to reduce vulnerabilities in the code.
Correct Answer: B

QUESTION 5
A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.
The reviewer has advised that future software projects utilize managed code platforms if at all possible.
Which of the following languages would suit this recommendation? (Select TWO).
A. C
B. C#
C. C++
D. Perl
E. Java
Correct Answer: BE

QUESTION 6
The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take?
A. Address the security concerns through the network design and security controls.
B. Implement mitigations to the security risks and address the poor communications on the team with the project manager.
C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager.
D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect.
Correct Answer: C

QUESTION 7
A company has a single subnet in a small office. The administrator wants to limit non-web related traffic to the corporate intranet server as well as prevent abnormal HTTP requests and HTTP protocol anomalies from causing problems with the web server. Which of the following is the MOST likely solution?
A. Application firewall and NIPS
B. Edge firewall and HIDS
C. ACLs and anti-virus
D. Host firewall and WAF
Correct Answer: D

QUESTION 8
In order to reduce costs and improve employee satisfaction, a large corporation is creating a BYOD policy. It will allow access to email and remote connections to the corporate enterprise from personal devices; provided they are on an approved device list. Which of the following security measures would be MOST effective in securing the enterprise under the new policy? (Select TWO).
A. Provide free email software for personal devices.
B. Encrypt data in transit for remote access.
C. Require smart card authentication for all devices.
D. Implement NAC to limit insecure devices access.
E. Enable time of day restrictions for personal devices.
Correct Answer: BD

QUESTION 9
A large hospital has implemented BYOD to allow doctors and specialists the ability to access patient medical records on their tablets. The doctors and specialists access patient records over the hospital\’s guest WiFi network which is isolated from the internal network with appropriate security controls. The patient records management system can be accessed from the guest network and requires two factor authentication. Using a remote desktop type interface, the doctors and specialists can interact with the hospital\’s system. Cut and paste and printing functions are disabled to prevent the copying of data to BYOD devices. Which of the following are of MOST concern? (Select TWO).
A. Privacy could be compromised as patient records can be viewed in uncontrolled areas.
B. Device encryption has not been enabled and will result in a greater likelihood of data loss.
C. The guest WiFi may be exploited allowing non-authorized individuals access to confidential patient data.
D. Malware may be on BYOD devices which can extract data via key logging and screen scrapes.
E. Remote wiping of devices should be enabled to ensure any lost device is rendered inoperable.
Correct Answer: AD

QUESTION 10
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones.
Which of the following would impact the security of conference\’s resources?
A. Wireless network security may need to be increased to decrease access of mobile devices.
B. Physical security may need to be increased to deter or prevent theft of mobile devices.
C. Network security may need to be increased by reducing the number of available physical network jacks.
D. Wireless network security may need to be decreased to allow for increased access of mobile devices.
Correct Answer: C

QUESTION 11
Company A needs to export sensitive data from its financial system to company B\’s database, using company B\’s API in an automated manner. Company A\’s policy prohibits the use of any intermediary external systems to transfer or store its sensitive data, therefore the transfer must occur directly between company A\’s financial system and company B\’s destination server using the supplied API. Additionally, company A\’s legacy financial software does not support encryption, while company B\’s API supports encryption. Which of the following will provide end-to-end encryption for the data transfer while adhering to these requirements?
A. Company A must install an SSL tunneling software on the financial system.
B. Company A\’s security administrator should use an HTTPS capable browser to transfer the data.
C. Company A should use a dedicated MPLS circuit to transfer the sensitive data to company B.
D. Company A and B must create a site-to-site IPSec VPN on their respective firewalls.
Correct Answer: A

QUESTION 12
The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients.
Which of the following is MOST likely the cause of this problem?
A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.
B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
C. Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.
D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.
Correct Answer: A

QUESTION 13
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company\’s online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
A. $60,000
B. $100,000
C. $140,000
D. $200,000
Correct Answer: A

QUESTION 14
A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life.
The two initial migrations include:
Windows 2000 hosts: domain controllers and front-facing web servers RHEL3 hosts: front-facing web servers
Which of the following should the security consultant recommend based on best practices?
A. One data center should host virtualized web servers and the second data center should host the virtualized domain controllers.
B. One virtual environment should be present at each data center, each housing a combination of the converted Windows 2000 and RHEL3 virtual machines.
C. Each data center should contain one virtual environment for the web servers and another virtual environment for the domain controllers.
D. Each data center should contain one virtual environment housing converted Windows 2000 virtual machines and converted RHEL3 virtual machines.
Correct Answer: C

QUESTION 15
A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO).
A. The product does not understand how to decode embedded objects.
B. The embedding of objects in other documents enables document encryption by default.
C. The process of embedding an object obfuscates the data.
D. The mail client used to send the email is not compatible with the DLP product.
E. The DLP product cannot scan multiple email attachments at the same time.
Correct Answer: AC

Best useful CompTIA CASP CAS-002 dumps exam practice materials in PDF format free download from lead4pass. The best and most updated CompTIA CASP https://www.lead4pass.com/CAS-002.html dumps pdf training resources which are the best for clearing CAS-002 exam test, and to get certified by CompTIA CASP, download one of the many PDF readers that are available for free.

High quality CompTIA CASP CAS-002 dumps vce youtube: https://youtu.be/UHKlO1Y4xjY

[New CompTIA Exam Dumps] Useful CompTIA Network+ N10-006 Dumps Exam Training Materials And Youtube Update

New CompTIA Network+ N10-006 dumps exam training materials in PDF format free download from lead4pass. “CompTIA Network+ certification” is the name of CompTIA Network+ https://www.lead4pass.com/N10-006.html exam dumps which covers all the knowledge points of the real CompTIA exam. Latest CompTIA Network+ N10-006 dumps pdf resources and vce youtube demo update free shared.

High quality CompTIA Network+ N10-006 dumps exam questions and answers free download from lead4pass. The best useful CompTIA Network+ N10-006 dumps pdf practice files and study guides update free try, pass CompTIA N10-006 exam test quickly and easily at first attempt.

Latest CompTIA N10-006 dumps pdf training materials: https://drive.google.com/open?id=0B_7qiYkH83VRY2RQR25WLWc3RjA

Latest CompTIA N10-005 dumps pdf training materials: https://drive.google.com/open?id=0B_7qiYkH83VRMnVzQ3RYbFpjWUk
N10-006 dumps
QUESTION 1
Which of the following 802.11g antennas broadcast an RF signal in a specific direction with a narrow path?
A. Omni-direction
B. Unidirectional
C. Patch
D. Yagi
Correct Answer: B

QUESTION 2
A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology.
However, the computers need to wait to talk on the network to avoid congestions. Which of the following topologies would the engineer implement?
A. Star
B. Bus
C. Ring
D. Mesh
Correct Answer: C

QUESTION 3
A network technician must allow use of HTTP from the internet to an internal resource running HTTP. This is an example of which of the following?
A. Dynamic DNS
B. Virtual Private networking (VPN)
C. Dynamic NAT
D. Port Forwarding
Correct Answer: D

QUESTION 4
Which of the following broadband WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections? N10-006 dumps
A. OC12
B. POTS
C. WiMax
D. OC3
Correct Answer: B

QUESTION 5
Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the cause of this issue?
A. WPA2 security key
B. SSL certificates
C. CSMAjCA
D. RADIUS
Correct Answer: D

QUESTION 6
Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?
A. Multilayer switch
B. Access point
C. Analog modem
D. DOCSIS modem
Correct Answer: C

QUESTION 7
A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. Which of the following would work BEST to achieve these results?
A. A TACACS+ device and a RADIUS server
B. A TACACS and a proxy server
C. A RADIUS server and an access point
D. A RADIUS server and a network controller
Correct Answer: C

QUESTION 8
Which of the following helps prevent routing loops?
A. Routing table
B. Default gateway
C. Routesummarization
D. Split horizon
Correct Answer: D

QUESTION 9
Which of the following would be used in an IP-based video conferencing deployment? N10-006 dumps (Select TWO).
A. RS-232
B. 56k modem
C. Bluetooth
D. Codec
E. SIP
Correct Answer: DE

QUESTION 10
A technician needs to set aside addresses in a DHCP pool so that certain servers always receive the same address.
Which of the following should be configured?
A. Leases
B. Helper addresses
C. Scopes
D. Reservations
Correct Answer: D

QUESTION 11
Which of the following ports is used to provide secure sessions over the web by default?
A. 22
B. 25
C. 80
D. 5004
Correct Answer: A

QUESTION 12
A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel.
The log files are sent to this location in order to be reviewed. A recent exploit has caused the company\’s encryption to become unsecure. Which of the following would be required to resolve the exploit?
A. Utilize a FTP service
B. Install recommended updates
C. Send all log files through SMTP
D. Configure the firewall to block port 22
Correct Answer: B

QUESTION 13
A malicious student is blocking mobile devices from connecting to the internet when other students are in the classroom. N10-006 dumps
Which of the following is the malicious student implementing?
A. Removing the AP from the classroom
B. ACL
C. Jamming
D. Firewall
E. IPS
Correct Answer: C

QUESTION 14
While troubleshooting a network outage, a technician finds a 100-meter fiber cable with a small service loop and suspects it might be the cause of the outage. Which of the following is MOST likely the issue?
A. Maximum cable length exceeded
B. Dirty connectors
C. RF interference caused by impedance mismatch
D. Bend radius exceeded
Correct Answer: D

QUESTION 15
While implementing wireless access points into the network, one building is having connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings\’ connectivity is performing as expected. Which of the following should be exchanged on the access points installed in the building with connectivity issues?
A. UTP patch cables
B. Antenna
C. Power adapter
D. Security standard
Correct Answer: B

The best and most updated useful CompTIA CompTIA Network+ https://www.lead4pass.com/N10-006.html dumps pdf training resources which are the best for clearing N10-006 exam test, and to get certified by CompTIA CompTIA Network+. 100% success and guarantee to pass.

High quality CompTIA Network+ N10-006 dumps vce youtube: https://youtu.be/wsV4zJ_KQgI