CompTIA Advanced Security Practitioner (CASP) v6.1 (CAS-002)

Page:    1 / 36   
Total 540 questions

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Officer has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization's configuration management process using?

  • A. Agile
  • B. SDL
  • C. Waterfall
  • D. Joint application development


Answer : A

A company is facing penalties for failing to effectively comply with e-discovery requests.
Which of the following could reduce the overall risk to the company from this issue?

  • A. Establish a policy that only allows filesystem encryption and disallows the use of individual file encryption.
  • B. Require each user to log passwords used for file encryption to a decentralized repository.
  • C. Permit users to only encrypt individual files using their domain password and archive all old user passwords.
  • D. Allow encryption only by tools that use public keys from the existing escrowed corporate PKI.


Answer : D

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ's hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect?

  • A. Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.
  • B. The availability requirements in SLAs with each hosted customer would have to be rewritten to account for the transfer of virtual machines between physical platforms for regular maintenance.
  • C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
  • D. Not all of company XYZ's customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.


Answer : C

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database will be accessed by both the company's users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed.
Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

  • A. Physical penetration test of the datacenter to ensure there are appropriate controls.
  • B. Penetration testing of the solution to ensure that the customer data is well protected.
  • C. Security clauses are implemented into the contract such as the right to audit.
  • D. Review of the organization's security policies, procedures and relevant hosting certifications.
  • E. Code review of the solution to ensure that there are no back doors located in the software.


Answer : C,D

The security engineer receives an incident ticket from the helpdesk stating that DNS lookup requests are no longer working from the office. The network team has ensured that Layer 2 and Layer 3 connectivity are working. Which of the following tools would a security engineer use to make sure the DNS server is listening on port 53?

  • A. PING
  • B. NESSUS
  • C. NSLOOKUP
  • D. NMAP


Answer : D

A security administrator wants to deploy a dedicated storage solution which is inexpensive, can natively integrate with AD, allows files to be selectively encrypted and is suitable for a small number of users at a satellite office. Which of the following would BEST meet the requirement?

  • A. SAN
  • B. NAS
  • C. Virtual SAN
  • D. Virtual storage


Answer : B

A large enterprise acquires another company which uses antivirus from a different vendor. The CISO has requested that data feeds from the two different antivirus platforms be combined in a way that allows management to assess and rate the overall effectiveness of antivirus across the entire organization. Which of the following tools can BEST meet the CISO's requirement?

  • A. GRC
  • B. IPS
  • C. CMDB
  • D. Syslog-ng
  • E. IDS


Answer : A

Company ABC's SAN is nearing capacity, and will cause costly downtimes if servers run out of disk space. Which of the following is a more cost-effective alternative to buying a new SAN?

  • A. Enable multipath to increase availability
  • B. Enable deduplication on the storage pools
  • C. Implement snapshots to reduce virtual disk size
  • D. Implement replication to offsite datacenter


Answer : B

An external penetration tester compromised one of the client organization's authentication servers and retrieved the password database. Which of the following methods allows the penetration tester to MOST efficiently use any obtained administrative credentials on the client organization's other systems, without impacting the integrity of any of the systems?

  • A. Use the pass the hash technique
  • B. Use rainbow tables to crack the passwords
  • C. Use the existing access to change the password
  • D. Use social engineering to obtain the actual password


Answer : A

An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure?

  • A. Replicate NAS changes to the tape backups at the other datacenter.
  • B. Ensure each server has two HBAs connected through two routes to the NAS.
  • C. Establish deduplication across diverse storage paths.
  • D. Establish a SAN that replicates between datacenters.


Answer : D

Which of the following BEST constitutes the basis for protecting VMs from attacks from other VMs hosted on the same physical platform?

  • A. Aggressive patch management on the host and guest OSs.
  • B. Host based IDS sensors on all guest OSs.
  • C. Different antivirus solutions between the host and guest OSs.
  • D. Unique Network Interface Card (NIC) assignment per guest OS.


Answer : A

A small company's Chief Executive Officer (CEO) has asked its Chief Security Officer (CSO) to improve the company's security posture quickly with regard to targeted attacks. Which of the following should the CSO conduct FIRST?

  • A. Survey threat feeds from services inside the same industry.
  • B. Purchase multiple threat feeds to ensure diversity and implement blocks for malicious traffic.
  • C. Conduct an internal audit against industry best practices to perform a qualitative analysis.
  • D. Deploy a UTM solution that receives frequent updates from a trusted industry vendor.


Answer : A

A security manager has received the following email from the Chief Financial Officer (CFO):
While I am concerned about the security of the proprietary financial data in our ERP application, we have had a lot of turnover in the accounting group and I am having a difficult time meeting our monthly performance targets. As things currently stand, we do not allow employees to work from home but this is something I am willing to allow so we can get back on track. What should we do first to securely enable this capability for my group?
Based on the information provided, which of the following would be the MOST appropriate response to the CFO?

  • A. Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.
  • B. Allow VNC access to corporate desktops from personal computers for the users working from home.
  • C. Allow terminal services access from personal computers after the CFO provides a list of the users working from home.
  • D. Work with the executive management team to revise policies before allowing any remote access.


Answer : D

Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario?

  • A. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP.
  • B. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP.
  • C. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SP.
  • D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP.


Answer : C

The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so the administrator wants to move the drives to a storage array from a different manufacturer in order to access the data. Which of the following issues may potentially occur?

  • A. The data may not be in a usable format.
  • B. The new storage array is not FCoE based.
  • C. The data may need a file system check.
  • D. The new storage array also only has a single controller.


Answer : A
