CompTIA CAS-002 問題集

質問 1：
The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so the administrator wants to move the drives to a storage array from a different manufacturer in order to access the data. Which of the following issues may potentially occur?
A. The data may need a file system check.
B. The data may not be in a usable format.
C. The new storage array also only has a single controller.
D. The new storage array is not FCoE based.
正解：B

質問 2：
A critical system audit shows that the payroll system is not meeting security policy due to missing OS security patches. Upon further review, it appears that the system is not being patched at all. The vendor states that the system is only supported on the current OS patch level. Which of the following compensating controls should be used to mitigate the vulnerability of missing OS patches on this system?
A. Isolate the system on a secure network to limit its contact with other systems
B. Implement an application layer firewall to protect the payroll system interface
C. Perform reconciliation of all payroll transactions on a daily basis
D. Monitor the system's security log for unauthorized access to the payroll application
正解：A

質問 3：
An IT Manager is concerned about errors made during the deployment process for a new model of tablet. Which of the following would suggest best practices and configuration parameters that technicians could follow during the deployment process?
A. Guideline
B. Procedure
C. Policy
D. Corporate standard
E. Automated workflow
正解：A

質問 4：
An administrator has a system hardening policy to only allow network access to certain services, to always use similar hardware, and to protect from unauthorized application configuration changes.
Which of the following technologies would help meet this policy requirement? (Select TWO).
A. Host firewall
B. Virtualization
C. Solid state drives
D. Management interface
E. Spam filter
正解：A,B

質問 5：
A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable?
A. SOA
B. MOU
C. SLA
D. OLA
E. BPA
正解：B

質問 6：
ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?
A. Require multi-factor authentication when accessing the console at the physical VM host.
B. Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.
C. Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).
D. Organize VM hosts into containers based on security zone and restrict access using an ACL.
正解：D

質問 7：
A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:
1. The banker accesses the CRM system, a redirect is performed back to the organization's internal systems.
2 . A lookup is performed of the identity and a token is generated, signed and encrypted.
3 . A redirect is performed back to the CRM system with the token.
4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.
5 . If the banker is not in the system and automated provisioning request occurs.
6 . The banker is authenticated and authorized and can access the system.
This is an example of which of the following?
A. Service provider initiated SAML 1.1
B. OpenID federated single sign on
C. Service provider initiated SAML 2.0
D. Identity provider initiated SAML 1.0
正解：C

質問 8：
In order for a company to boost profits by implementing cost savings on non-core business activities, the IT manager has sought approval for the corporate email system to be hosted in the cloud. The compliance officer has been tasked with ensuring that data lifecycle issues are taken into account. Which of the following BEST covers the data lifecycle end- to-end?
A. Securing virtual environments, appliances, and equipment that handle email
B. Information classification, vendor selection, and the RFP process
C. Creation and secure destruction of mail accounts, emails, and calendar items
D. Data provisioning, processing, in transit, at rest, and de-provisioning
正解：D