CompTIA CASP Test Trivia Questions! Quiz

30 Questions


CASP? 31-60


Questions and Answers
  • 1. 
    • A. 

      Disable unnecessary wireless interfaces such as Bluetooth.

    • B. 

      Reduce the amount of sensitive data stored on the device.

    • C. 

      Require authentication before access is given to the device.

    • D. 

      Require that the compromised devices be remotely wiped.

  • 2. 
    32. Which of the following is the MOST cost-effective solution for sanitizing a DVD with sensitive information on it?
    • A. 

      Write over the data

    • B. 

      Purge the data

    • C. 

      Incinerate the DVD

    • D. 

      Shred the DVD

  • 3. 
    33. A network engineer at Company ABC observes the following raw HTTP request:

        GET /disp_reports.php?SectionEntered=57&GroupEntered=-1&report_type=alerts&to_date=01-01-0101&Run=Run&UserEntered=dsmith&SessionID=5f04189bc&from_date=31-10-2010&TypesEntered=1 HTTP/1.1
        Host: test.example.net
        Accept: */*
        Accept-Language: en
        Connection: close
        Cookie: java14=1; java15=1; java16=1; js=1292192278001;

    Which of the following should be the engineer’s GREATEST concern?
    • A. 

      The HTTPS is not being enforced so the system is vulnerable.

    • B. 

      The numerical encoding on the session ID is limited to hexadecimal characters, making it susceptible to a brute force attack.

    • C. 

      Sensitive data is transmitted in the URL.

    • D. 

      The dates entered are outside a normal range, which may leave the system vulnerable to a denial of service attack.

  • 4. 
    34. Driven mainly by cost, many companies outsource computing jobs which require a large amount of processor cycles over a short duration to cloud providers. This allows the company to avoid a large investment in computing resources which will only be used for a short time. Assuming the provisioned resources are dedicated to a single company, which of the following is the MAIN vulnerability associated with on-demand provisioning?
    • A. 

      Traces of proprietary data which can remain on the virtual machine and be exploited

    • B. 

      Remnants of network data from prior customers on the physical servers during a compute job

    • C. 

      Exposure of proprietary data when in-transit to the cloud provider through IPSec tunnels

    • D. 

      Failure of the de-provisioning mechanism resulting in excessive charges for the resources

  • 5. 
    35. A security administrator needs a secure computing solution to use for all of the company’s security audit log storage, and to act as a central server to execute security functions from. Which of the following is the BEST option for the server in this scenario?
    • A. 

      A hardened Red Hat Enterprise Linux implementation running a software firewall

    • B. 

      Windows 7 with a secure domain policy and smartcard based authentication

    • C. 

      A hardened bastion host with a permit all policy implemented in a software firewall

    • D. 

      Solaris 10 with trusted extensions or SELinux with a trusted policy

  • 6. 
    36. After implementing port security, restricting all network traffic into and out of a network, migrating to IPv6, installing NIDS, firewalls, spam and application filters, a security administrator is convinced that the network is secure. The administrator now focuses on securing the hosts on the network, starting with the servers. Which of the following is the MOST complete list of end-point security software the administrator could plan to implement?
    • A. 

      Anti-malware/virus/spyware/spam software, as well as a host based firewall and strong, two-factor authentication.

    • B. 

      Anti-virus/spyware/spam software, as well as a host based IDS, firewall, and strong three-factor authentication.

    • C. 

      Anti-malware/virus/spyware/spam software, as well as a host based firewall and biometric authentication.

    • D. 

      Anti-malware/spam software, as well as a host based firewall and strong, three-factor authentication.

  • 7. 
    37. A security architect is assigned to a major software development project. The software development team has a history of writing bug prone, inefficient code, with multiple security flaws in every release. The security architect proposes implementing secure coding standards to the project manager. The secure coding standards will contain detailed standards for:
    • A. 

      Error handling, input validation, memory use and reuse, race condition handling, commenting, and preventing typical security problems.

    • B. 

      Error prevention, requirements validation, memory use and reuse, commenting typical security problems, and testing code standards.

    • C. 

      Error elimination, trash collection, documenting race conditions, peer review, and typical security problems.

    • D. 

      Error handling, input validation, commenting, preventing typical security problems, managing customers, and documenting extra requirements.

  • 8. 
    38. A number of security incidents have been reported involving mobile web-based code developed by a consulting company. Performing a root cause analysis, the security administrator of the consulting company discovers that the problem is a simple programming error that results in extra information being loaded into the memory when the proper format is selected by the user. After repeating the process several times, the security administrator is able to execute unintentional instructions through this method. Which of the following BEST describes the problem that is occurring, a good mitigation technique to use to prevent future occurrences, and why it is a security concern?
    • A. 

      Problem: Cross-site scripting
      Mitigation Technique: Input validation
      Security Concern: Decreases the company’s profits and cross-site scripting can enable malicious actors to compromise the confidentiality of network connections or interrupt the availability of the network.

    • B. 

      Problem: Buffer overflow
      Mitigation Technique: Secure coding standards
      Security Concern: Exposes the company to liability buffer overflows and can enable malicious actors to compromise the confidentiality/availability of the data.

    • C. 

      Problem: SQL injection
      Mitigation Technique: Secure coding standards
      Security Concern: Exposes the company to liability SQL injection and can enable malicious actors to compromise the confidentiality of data or interrupt the availability of a system.

    • D. 

      Problem: Buffer overflow
      Mitigation Technique: Output validation
      Security Concern: Exposing the company to public scrutiny buffer overflows can enable malicious actors to interrupt the availability of a system.

  • 9. 
    39.  A security administrator has been conducting a security assessment of Company XYZ for the past two weeks. All of the penetration tests and other assessments have revealed zero flaws in the systems at Company XYZ. However, Company XYZ reports that it has been the victim of numerous security incidents in the past six months. In each of these incidents, the criminals have managed to exfiltrate large volumes of data from the secure servers at the company. Which of the following techniques should the investigation team consider in the next phase of their assessment in hopes of uncovering the attack vector the criminals used?
    • A. 

      Vulnerability assessment

    • B. 

      Code review

    • C. 

      Social engineering

    • D. 

      Reverse engineering

  • 10. 
    40.  A security manager at Company ABC, needs to perform a risk assessment of a new mobile device which the Chief Information Officer (CIO) wants to immediately deploy to all employees in the company. The product is commercially available, runs a popular mobile operating system, and can connect to IPv6 networks wirelessly. The model the CIO wants to procure also includes the upgraded 160GB solid state hard drive. The producer of the device will not reveal exact numbers but experts estimate that over 73 million of the devices have been sold worldwide. Which of the following is the BEST list of factors the security manager should consider while performing a risk assessment?
    • A. 

      Ability to remotely wipe the devices, apply security controls remotely, and encrypt the SSD; the track record of the vendor in publicizing and correcting security flaws in their products; predicted costs associated with maintaining, integrating and securing the devices.

    • B. 

      Ability to remotely administer the devices, apply security controls remotely, and remove the SSD; the track record of the vendor in securely implementing IPv6 with IPSec; predicted costs associated with securing the devices.

    • C. 

      Ability to remotely monitor the devices, remove security controls remotely, and decrypt the SSD; the track record of the vendor in publicizing and preventing security flaws in their products; predicted costs associated with maintaining, destroying and tracking the devices.

    • D. 

      Ability to remotely sanitize the devices, apply security controls locally, encrypt the SSD; the track record of the vendor in adapting the open source operating system to their platform; predicted costs associated with inventory management, maintaining, integrating and securing the devices.

  • 11. 
    41.  A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seems to be a manageable volume of infrequently exploited security vulnerabilities. The likelihood of a malicious attacker exploiting one of the vulnerabilities is low; however, the director still has some reservations about approving the system because of which of the following?
    • A. 

      The resulting impact of even one attack being realized might cripple the company financially.

    • B. 

      Government health care regulations for the pharmaceutical industry prevent the director from approving a system with vulnerabilities.

    • C. 

      The director is new and is being rushed to approve a project before an adequate assessment has been performed.

    • D. 

      The director should be uncomfortable accepting any security vulnerabilities and should find time to correct them before the system is deployed.

  • 12. 
    42. A small company has a network with 37 workstations, 3 printers, a 48 port switch, an enterprise class router, and a firewall at the boundary to the ISP. The workstations have the latest patches and all have up-to-date anti-virus software. User authentication is a two-factor system with fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network is configured to use IPv4 and is a standard Ethernet network. The network also has a captive portal based wireless hot-spot to accommodate visitors. Which of the following is a problem with the security posture of this company?
    • A. 

      No effective controls in place

    • B. 

      No transport security controls are implemented

    • C. 

      Insufficient user authentication controls are implemented

    • D. 

      IPv6 is not incorporated in the network

  • 13. 
    43. Statement: “The system shall implement measures to notify system administrators prior to a security incident occurring.” Which of the following BEST restates the above statement to allow it to be implemented by a team of software developers?
    • A. 

      The system shall cease processing data when certain configurable events occur.

    • B. 

      The system shall continue processing in the event of an error and email the security administrator the error logs.

    • C. 

      The system shall halt on error.

    • D. 

      The system shall throw an error when specified incidents pass a configurable threshold.

  • 14. 
    44. A corporate executive lost their smartphone while on an overseas business trip. The phone was equipped with file encryption and secured with a strong passphrase. The phone contained over 60GB of proprietary data. Given this scenario, which of the following is the BEST course of action?
    • A. 

      File an insurance claim and assure the executive the data is secure because it is encrypted.

    • B. 

      Immediately implement a plan to remotely wipe all data from the device.

    • C. 

      Have the executive change all passwords and issue the executive a new phone.

    • D. 

      Execute a plan to remotely disable the device and report the loss to the police.

  • 15. 
    45. A user logs into domain A using a PKI certificate on a smartcard protected by an 8 digit PIN. The credential is cached by the authenticating server in domain A. Later, the user attempts to access a resource in domain B. This initiates a request to the original authenticating server to somehow attest to the resource server in the second domain that the user is in fact who they claim to be. Which of the following is being described?
    • A. 

      Authentication

    • B. 

      Authorization

    • C. 

      SAML

    • D. 

      Kerberos

  • 16. 
    46. A certain script was recently altered by the author to meet certain security requirements, and needs to be executed on several critical servers. Which of the following describes the process of ensuring that the script being used was not altered by anyone other than the author?
    • A. 

      Digital encryption

    • B. 

      Digital signing

    • C. 

      Password entropy

    • D. 

      Code signing

  • 17. 
    47. A company has asked their network engineer to list the major advantages for implementing a virtual environment with regard to cost. Which of the following would MOST likely be selected?
    • A. 

      Ease of patch testing

    • B. 

      Reducing physical footprint

    • C. 

      Reduced network traffic

    • D. 

      Isolation of applications

  • 18. 
    48. The security administrator has been tasked with providing a solution that would not only eliminate the need for physical desktops, but would also centralize the location of all desktop applications, without losing physical control of any network devices. Which of the following would the security manager MOST likely implement?
    • A. 

      VLANs

    • B. 

      VDI

    • C. 

      PaaS

    • D. 

      IaaS

  • 19. 
    49. A company has decided to relocate and the security manager has been tasked to perform a site survey of the new location to help in the design of the physical infrastructure. The current location has video surveillance throughout the building and entryways. The following requirements must be met:

        • Able to log entry of all employees in and out of specific areas
        • Access control into and out of all sensitive areas
        • Tailgating prevention

    Which of the following would MOST likely be implemented to meet the above requirements and provide a secure solution? (Select TWO).
    • A. 

      Discretionary Access control

    • B. 

      Man trap

    • C. 

      Visitor logs

    • D. 

      Proximity readers

    • E. 

      Motion detection sensors

  • 20. 
    50. Which of the following refers to programs running in an isolated space to run untested code and prevents the code from making permanent changes to the OS kernel and other data on the host machine?
    • A. 

      Input Validation

    • B. 

      Application hardening

    • C. 

      Code signing

    • D. 

      Application sandboxing

  • 21. 
    51. The company is about to upgrade a financial system through a third party, but wants to legally ensure that no sensitive information is compromised throughout the project. The project manager must also make sure that internal controls are set to mitigate the potential damage that one individual’s actions may cause. Which of the following needs to be put in place to make certain both organizational requirements are met? (Select TWO).
    • A. 

      Separation of duties

    • B. 

      Forensic tasks

    • C. 

      MOU

    • D. 

      OLA

    • E. 

      NDA

    • F. 

      Job rotation

  • 22. 
    52.  The security administrator is worried about possible SPIT attacks against the VoIP system. Which of the following security controls would MOST likely need to be implemented to detect this type of attack?
    • A. 

      SIP and SRTP traffic analysis

    • B. 

      QoS audit on Layer 3 devices

    • C. 

      IP and MAC filtering logs

    • D. 

      Email spam filter log

  • 23. 
    53. The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The network administrator reviews the tickets and compiles the following information for the security administrator:

        ------
        Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
        Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
        Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
        All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface’s MAC is 00-01-42-32-ab-1a
        ------

    The security administrator brings a laptop to the finance office, connects it to one of the wall jacks, starts up a network analyzer, and notices the following:

        09:05:10.937590 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
        09:05:15.934840 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)
        09:05:19.931482 arp reply 172.16.34.1 is-at 0:12:3f:f1:da:52 (0:12:3f:f1:da:52)

    Which of the following can the security administrator determine from the above information?
    • A. 

      A man in the middle attack is underway - implementing static ARP entries is a possible solution.

    • B. 

      An ARP flood attack targeted at the router is causing intermittent communication – implementing IPS is a possible solution.

    • C. 

      The default gateway is being spoofed - implementing static routing with MD5 is a possible solution.

    • D. 

      The router is being advertised on a separate network - router reconfiguration is a possible solution.

  • 24. 
    54.  On Monday, the Chief Information Officer (CIO) of a state agency received an e-discovery request for the release of all emails sent and received by the agency board of directors for the past five years. The CIO has contacted the email administrator and asked the administrator to provide the requested information by end of day on Friday. Which of the following has the GREATEST impact on the ability to fulfill the e-discovery request?
    • A. 

      Data retention policy

    • B. 

      Backup software and hardware

    • C. 

      Email encryption software

    • D. 

      Data recovery procedures

  • 25. 
    55. A company is evaluating a new marketing strategy involving the use of social networking sites to reach its customers. The marketing director wants to be able to report important company news, product updates, and special promotions on the social websites. After an initial and successful pilot period, other departments want to use the social websites to post their updates as well. The Chief Information Officer (CIO) has asked the company security administrator to document three negative security impacts of allowing IT staff to post work related information on such websites. Which of the following are the major risks the security administrator should report back to the CIO? (Select THREE).
    • A. 

      Brute force attacks

    • B. 

      Malware infection

    • C. 

      DDoS attacks

    • D. 

      Phishing attacks

    • E. 

      SQL injection attacks

    • F. 

      Social engineering attacks

  • 26. 
    56. A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company’s video conference. All parties must be issued a VPN account and must connect to the company’s VPN concentrator to participate in the remote meetings. Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?
    • A. 

      IPSec transport mode is enabled

    • B. 

      ICMP is disabled

    • C. 

      Split tunneling is disabled

    • D. 

      NAT-traversal is enabled

  • 27. 
    57. An Information Security Officer (ISO) has asked a security team to randomly retrieve discarded computers from the warehouse dumpster. The security team was able to retrieve two older computers and a broken MFD network printer. The security team was able to connect the hard drives from the two computers and the network printer to a computer equipped with forensic tools. The security team was able to retrieve PDF files from the network printer hard drive but the data on the two older hard drives was inaccessible. Which of the following should the Warehouse Manager do to remediate the security issue?
    • A. 

      Revise the hardware and software maintenance contract.

    • B. 

      Degauss the printer hard drive to delete data.

    • C. 

      Implement a new change control process.

    • D. 

      Update the hardware decommissioning procedures.

  • 28. 
    • A. 

      Database servers should be on the same virtual server as web servers in the DMZ network segment.

    • B. 

      Web servers should be on the same physical server as database servers in the network segment.

    • C. 

      Virtual servers should only be on the same physical server as others in their network segment.

    • D. 

      Physical servers should only be on the same WAN as other physical servers in their network.

  • 29. 
    59. Which of the following should be used with caution because of its ability to provide access to block level data instead of file level data?
    • A. 

      CIFS

    • B. 

      NFS

    • C. 

      iSCSI

    • D. 

      NAS

  • 30. 
    60. Which of the following can aid a buffer overflow attack to execute when used in the creation of applications?
    • A. 

      Secure cookie storage

    • B. 

      Standard libraries

    • C. 

      State management

    • D. 

      Input validation