CASP ? 91-120

30 Questions | Total Attempts: 313

SettingsSettingsSettings
CASP Quizzes & Trivia

CASP? 90-120


Questions and Answers
  • 1. 
    91. The sales division within a large organization purchased touch screen tablet computers for all 250 sales representatives in an effort to showcase the use of technology to its customers and increase productivity. This includes the development of a new product tracking application that works with the new platform. The security manager attempted to stop the deployment because the equipment and application are non-standard and unsupported within the organization. However, upper management decided to continue the deployment. Which of the following provides the BEST method for evaluating the potential threats?
    • A. 

      Conduct a vulnerability assessment to determine the security posture of the new devices and the application.

    • B. 

      Benchmark other organization’s that already encountered this type of situation and apply all relevant learning’s and industry best practices.

    • C. 

      Work with the business to understand and classify the risk associated with the full lifecycle of the hardware and software deployment.

    • D. 

      Develop a standard image for the new devices and migrate to a web application to eliminate locally resident data.

  • 2. 
    92. Based on the results of a recent audit, a company rolled out a standard computer image in an effort to provide consistent security configurations across all computers. Which of the following controls provides the GREATEST level of certainty that unauthorized changes are not occurring?
    • A. 

      Schedule weekly vulnerability assessments

    • B. 

      Implement continuous log monitoring

    • C. 

      Scan computers weekly against the baseline

    • D. 

      Require monthly reports showing compliance with configuration and updates

  • 3. 
    93. Due to a new regulation, a company has to increase active monitoring of security-related events to 24 hours a day. The security staff only has three full time employees that work during normal business hours. Instead of hiring new security analysts to cover the remaining shifts necessary to meet the monitoring requirement, the Chief Information Officer (CIO) has hired a Managed Security Service (MSS) to monitor events. Which of the following should the company do to ensure that the chosen MSS meets expectations?
    • A. 

      Develop a memorandum of understanding on what the MSS is responsible to provide.

    • B. 

      Create internal metrics to track MSS performance.

    • C. 

      Establish a mutually agreed upon service level agreement.

    • D. 

      Issue a RFP to ensure the MSS follows guidelines.

  • 4. 
    94. The company’s marketing department needs to provide more real-time interaction with its partners and consumers and decides to move forward with a presence on multiple social networking sites for sharing information. Which of the following minimizes the potential exposure of proprietary information?
    • A. 

      Require each person joining the company’s social networking initiative to accept a nondisclosure agreement.

    • B. 

      Establish a specific set of trained people that can release information on the organization’s behalf.

    • C. 

      Require a confidential statement be attached to all information released to the social networking sites.

    • D. 

      Establish a social media usage policy and provide training to all marketing employees.

  • 5. 
    95. Company Z is merging with Company A to expand its global presence and consumer base. This purchase includes several offices in different countries. To maintain strict internal security and compliance requirements, all employee activity may be monitored and reviewed. Which of the following would be the MOST likely cause for a change in this practice?
    • A. 

      The excessive time it will take to merge the company’s information systems.

    • B. 

      Countries may have different legal or regulatory requirements.

    • C. 

      Company A might not have adequate staffing to conduct these reviews.

    • D. 

      The companies must consolidate security policies during the merger.

  • 6. 
    96. An administrator wants to virtualize the company's web servers, application servers, and database servers. Which of the following should be done to secure the virtual host machines? (Select TWO).
    • A. 

      Establish VLANs for each virtual guest's NIC on the virtual switch.

    • B. 

      Enable virtual switch layer 2 security precautions.

    • C. 

      Only access hosts through a secure management interface.

    • D. 

      Distribute guests to hosts by application role or trust zone.

    • E. 

      Restrict physical and network access to the host console.

  • 7. 
    97. A security incident happens three times a year on a company's web server costing the company $1,500 in downtime, per occurrence. The web server is only for archival access and is scheduled to be decommissioned in five years. The cost of implementing software to prevent this incident would be $15,000 initially, plus $1,000 a year for maintenance. Which of the following is the MOST cost-effective manner to deal with this risk?
    • A. 

      Avoid the risk

    • B. 

      Transfer the risk

    • C. 

      Accept the risk

    • D. 

      Mitigate the risk

  • 8. 
    98. An administrator is assessing the potential risk impact on an accounting system and categorizes it as follows: Administrative Files = {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Low)} Vendor Information = {(Confidentiality, Moderate), (Integrity, Low), (Availability, Low)} Payroll Data = {(Confidentiality, High), (Integrity, Moderate), (Availability, Low)} Which of the following is the aggregate risk impact on the accounting system?
    • A. 

      {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Moderate)}

    • B. 

      {(Confidentiality, High), (Integrity, Low), (Availability, Low)}

    • C. 

      {(Confidentiality, High), (Integrity, Moderate), (Availability, Low)}

    • D. 

      {(Confidentiality, Moderate), (Integrity, Moderate), (Availability, Low)}

  • 9. 
    99. An administrator is reviewing a recent security audit and determines that two users in finance also have access to the human resource data. One of those users fills in for any HR employees on vacation, the other user only works in finance. Which of the following policies is being violated by the finance user according to the audit results?
    • A. 

      Mandatory vacation

    • B. 

      Non-disclosure

    • C. 

      Job rotation

    • D. 

      Least privilege

  • 10. 
    100. After a security incident, an administrator revokes the SSL certificate for their web server www.company.com. Later, users begin to inform the help desk that a few other servers are generating certificate errors: ftp.company.com, mail.company.com, and partners.company.com. Which of the following is MOST likely the reason for this?
    • A. 

      Each of the servers used the same EV certificate.

    • B. 

      The servers used a wildcard certificate.

    • C. 

      The web server was the CA for the domain.

    • D. 

      Revoking a certificate can only be done at the domain level.

  • 11. 
    Virtual hosts with different security requirements should be:
    • A. 

      Encrypted with a one-time password.

    • B. 

      Stored on separate physical hosts.

    • C. 

      Moved to the cloud.

    • D. 

      Scanned for vulnerabilities regularly.

  • 12. 
    Corporate policy states that the systems administrator should not be present during system audits. The security policy that states this is:
    • A. 

      Separation of duties.

    • B. 

      Mandatory vacation.

    • C. 

      Non-disclosure agreement.

    • D. 

      Least privilege.

  • 13. 
    When Company A and Company B merged, the network security administrator for Company A was tasked with joining the two networks. Which of the following should be done FIRST?
    • A. 

      Implement a unified IPv6 addressing scheme on the entire network.

    • B. 

      Conduct a penetration test of Company B’s network.

    • C. 

      Perform a vulnerability assessment on Company B’s network.

    • D. 

      Perform a peer code review on Company B’s application.

  • 14. 
    104. A legacy system is not scheduled to be decommissioned for two years and requires the use of the standard Telnet protocol. Which of the following should be used to mitigate the security risks of this system?
    • A. 

      Migrate the system to IPv6.

    • B. 

      Migrate the system to RSH.

    • C. 

      Move the system to a secure VLAN.

    • D. 

      Use LDAPs for authentication.

  • 15. 
    105. An ISP is peering with a new provider and wishes to disclose which autonomous system numbers should be allowed through BGP for network transport. Which of the following should contain this information?
    • A. 

      Memorandum of Understanding

    • B. 

      Interconnection Security Agreement

    • C. 

      Operating Level Agreement

    • D. 

      Service Level Agreement

  • 16. 
    106. A wholesaler has decided to increase revenue streams by selling direct to the public through an on-line system. Initially this will be run as a short term trial and if profitable, will be expanded and form part of the day to day business. The risk manager has raised two main business risks for the initial trial: 1. IT staff has no experience with establishing and managing secure on-line credit card processing. 2. An internal credit card processing system will expose the business to additional compliance requirements. Which of the following is the BEST risk mitigation strategy?
    • A. 

      Transfer the risks to another internal department, who have more resources to accept the risk.

    • B. 

      Accept the risks and log acceptance in the risk register. Once the risks have been accepted close them out.

    • C. 

      Transfer the initial risks by outsourcing payment processing to a third party service provider.

    • D. 

      Mitigate the risks by hiring additional IT staff with the appropriate experience and certifications.

  • 17. 
    107. A large enterprise is expanding through the acquisition of a second corporation. Which of the following should be undertaken FIRST before connecting the networks of the newly formed entity?
    • A. 

      A system and network scan to determine if all of the systems are secure.

    • B. 

      Implement a firewall/DMZ system between the networks.

    • C. 

      Develop a risk analysis for the merged networks.

    • D. 

      Conduct a complete review of the security posture of the acquired corporation.

  • 18. 
    108. The company is considering issuing non-standard tablet computers to executive management. Which of the following is the FIRST step the security manager should perform?
    • A. 

      Apply standard security policy settings to the devices.

    • B. 

      Set up an access control system to isolate the devices from the network.

    • C. 

      Integrate the tablets into standard remote access systems.

    • D. 

      Develop the use case for the devices and perform a risk analysis.

  • 19. 
    109. When authenticating over HTTP using SAML, which of the following is issued to the authenticating user?
    • A. 

      A symmetric key

    • B. 

      A PKI ticket

    • C. 

      An X.509 certificate

    • D. 

      An assertion ticket

  • 20. 
    110. Which of the following activities could reduce the security benefits of mandatory vacations?
    • A. 

      Have a replacement employee run the same applications as the vacationing employee.

    • B. 

      Have a replacement employee perform tasks in a different order from the vacationing employee.

    • C. 

      Have a replacement employee perform the job from a different workstation than the vacationing employee.

    • D. 

      Have a replacement employee run several daily scripts developed by the vacationing employee.

  • 21. 
    111. A database is hosting information assets with a computed CIA aggregate value of high. The database is located within a secured network zone where there is flow control between the client and datacenter networks. Which of the following is the MOST likely threat?
    • A. 

      Inappropriate administrator access

    • B. 

      Malicious code

    • C. 

      Internal business fraud

    • D. 

      Regulatory compliance

  • 22. 
    112. An organization recently upgraded its wireless infrastructure to support WPA2 and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only WEP compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the WPA2 requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
    • A. 

      Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.

    • B. 

      Create a separate SSID and WEP key on a new network segment and only allow required communication paths.

    • C. 

      Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.

    • D. 

      Create a separate SSID and require the use of dynamic WEP keys.

  • 23. 
    113. The Chief Information Security Officer (CISO) is researching ways to reduce the risk associated with administrative access of six IT staff members while enforcing separation of duties. In the case where an IT staff member is absent, each staff member should be able to perform all the necessary duties of their IT co-workers. Which of the following policies should the CISO implement to reduce the risk?
    • A. 

      Require the use of an unprivileged account, and a second shared account only for administrative purposes.

    • B. 

      Require role-based security on primary role, and only provide access to secondary roles on a case-by-case basis.

    • C. 

      Require separation of duties ensuring no single administrator has access to all systems.

    • D. 

      Require on-going auditing of administrative activities, and evaluate against risk-based metrics.

  • 24. 
    114. A company has a primary DNS server at address 192.168.10.53 and a secondary server at 192.168.20.53. An administrator wants to secure a company by only allowing secure zone transfers to the secondary server. Which of the following should appear in the primary DNS configuration file to accomplish this?
    • A. 

      Key company-key.{ algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; };

    • B. 

      Key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.10.53; }

    • C. 

      Key company-key.{ algorithm hmac-md5; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.20.53; }

    • D. 

      Key company-key.{ algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.10.53; } algorithm hmac-rc4; secret "Hdue8du9jdknkhdoLksdlkeYEIks83K="; }; allow transfer { 192.168.10.53; }

  • 25. 
    115. An employee of a company files a complaint with a security administrator. While sniffing network traffic, the employee discovers that financially confidential emails were passing between two warehouse users. The two users deny sending confidential emails to each other. Which of the following security practices would allow for non-repudiation and prevent network sniffers from reading the confidential mail? (Select TWO).
    • A. 

      Transport encryption

    • B. 

      Authentication hashing

    • C. 

      Digital signature

    • D. 

      Legal mail hold

    • E. 

      TSIG code signing