CompTIA CAS-002 - CompTIA Advanced Security Practitioner (CASP) Exam

Question #6 (Topic: Topic 1)
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged
the Chief Security Officer's (CSO) request to harden the corporate network's perimeter.
The CEO argues that the company cannot protect its employees at home, so the risk at
work is no different. Which of the following BEST explains why this company should
proceed with protecting its corporate network boundary?
A. The corporate network is the only network that is audited by regulators and customers.
B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
C. Home networks are unknown to attackers and less likely to be targeted directly.
D. Employees are more likely to be using personal computers for general web browsing when they are at home.
Answer: B
Question #7 (Topic: Topic 1)
The security administrator finds unauthorized tables and records, which were not present
before, on a Linux database server. The database server communicates only with one web
server, which connects to the database server via an account with SELECT only privileges.
Web server logs show the following:
90.76.165.40 - [08/Mar/2014:10:54:04] GET calendar.php?create%20table%20hidden HTTP/1.1 200 5724
90.76.165.40 - [08/Mar/2014:10:54:05] GET ../../../root/.bash_history HTTP/1.1 200 5724
90.76.165.40 - [08/Mar/2014:10:54:04] GET index.php?user=<script>Create</script> HTTP/1.1 200 5724
The security administrator also inspects the following file system locations on the database
server using the command ls -al /root:
drwxrwxrwx 11 root root 4096 Sep 28 22:45 .
drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
Which of the following attacks was used to compromise the database server and what can
the security administrator implement to detect such attacks in the future? (Select TWO).
A. Privilege escalation
B. Brute force attack
C. SQL injection
D. Cross-site scripting
E. Using input validation, ensure the following characters are sanitized: <>
F. Update crontab with: find / \( -perm -4000 \) -type f -print0 | xargs -0 ls -l | email.sh
G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)
H. Set an account lockout policy
Answer: A,F
Question #8 (Topic: Topic 1)
A security officer is leading a lessons-learned meeting. Which of the following should be
components of that meeting? (Select TWO).
A. Demonstration of IPS system
B. Review vendor selection process
C. Calculate the ALE for the event
D. Discussion of event timeline
E. Assigning of follow-up items
Answer: D,E
Question #9 (Topic: Topic 1)
Query: select id, firstname, lastname from authors
User input: firstname=Hack;man
lastname=Johnson
Which of the following types of attacks is the user attempting?
A. XML injection
B. Command injection
C. Cross-site scripting
D. SQL injection
Answer: D
Question #10 (Topic: Topic 1)
The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce
business costs by outsourcing to a third party company in another country. Functions to be
outsourced include: business analysts, testing, software development and back office
functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is
concerned about the outsourcing plans. Which of the following risks are MOST likely to
occur if adequate controls are not implemented?
A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues
B. Improper handling of client data, interoperability agreement issues and regulatory issues
C. Cultural differences, increased cost of doing business and divestiture issues
D. Improper handling of customer data, loss of intellectual property and reputation damage
Answer: D