[June-2018]Braindump2go CAS-002 PDF and VCE Dumps 900Q Free Share(45-55).pdf

002html b require role based security on primary

Info icon This preview shows pages 3–5. Sign up to view the full content.

View Full Document Right Arrow Icon
B. Require role-based security on primary role, and only provide access to secondary roles on a case-by-case basis. C. Require separation of duties ensuring no single administrator has access to all systems. D. Require on-going auditing of administrative activities, and evaluate against risk-based metrics. Answer: B QUESTION 50 As part of a new wireless implementation, the Chief Information Officer's (CIO's) main objective is to immediately deploy a system that supports the 802.11r standard, which will help wireless VoIP devices in moving vehicles. However, the 802.11r standard was not ratified by the IETF. The wireless vendor's products do support the pre-ratification version of 802.11r. The security and network administrators have tested the product and do not see any security or compatibility issues; however, they are concerned that the standard is not yet final. Which of the following is the BEST way to proceed? A. Purchase the equipment now, but do not use 802.11r until the standard is ratified. B. Do not purchase the equipment now as the client devices do not yet support 802.11r. C. Purchase the equipment now, as long as it will be firmware upgradeable to the final 802.11r standard. D. Do not purchase the equipment now; delay the implementation until the IETF has ratified the final 802.11r standard. Answer: C QUESTION 51 A Chief Information Security Officer (CISO) has been trying to eliminate some IT security risks for several months. These risks are not high profile but still exist. Furthermore, many of these risks have been mitigated with innovative solutions. However, at this point in time, the budget is insufficient to deal with the risks. Which of the following risk strategies should be used? A. Transfer the risks B. Avoid the risks C. Accept the risks D. Mitigate the risks Answer: C QUESTION 52 A company is planning to deploy an in-house Security Operations Center (SOC). One of the new requirements is to deploy a NIPS solution into the Internet facing environment. The SOC highlighted the following requirements: Perform fingerprinting on unfiltered inbound traffic to the company Monitor all inbound and outbound traffic to the DMZ's In which of the following places should the NIPS be placed in the network?
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon