CASP – 328-349

20 Questions


Questions and Answers
  • 1. 328. Which of the following is an example of single sign-on?
    • A. An administrator manages multiple platforms with the same username and hardware token. The same username and token are used across all the platforms.
    • B. Multiple applications have been integrated with a centralized LDAP directory for authentication and authorization. A user has to authenticate each time the user accesses an application.
    • C. A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.
    • D. A web access control infrastructure performs authentication and passes attributes in an HTTP header to multiple applications.

  • 2. 329. Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two companies' networks, applications, and several basic services. The initial integration of the two companies has specified the following requirements:
      • Company XYZ requires access to the web intranet, file, print, secure FTP server, and authentication domain resources.
      • Company XYZ is being onboarded into Company ABC's authentication domain.
      • Company XYZ is considered partially trusted.
      • Company XYZ does not want performance issues when accessing ABC's systems.
    Which of the following network security solutions will BEST meet the above requirements?
    • A. Place a Company ABC managed firewall in Company XYZ's hub site; then place Company ABC's file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC's business partner firewalls are opened up for web intranet access and other required services.
    • B. Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACLs. Open up Company ABC's business partner firewall to permit access to Company ABC's file, print, secure FTP server, authentication servers and web intranet access.
    • C. Place no restrictions on internal network connectivity between Company XYZ and Company ABC. Open up Company ABC's business partner firewall to permit access to Company ABC's file, print, secure FTP server, authentication servers and web intranet access.
    • D. Place file, print, secure FTP server and authentication domain servers at Company XYZ's hub site. Open up Company ABC's business partner firewall to permit access to ABC's web intranet access and other required services.

  • 3. 330. In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).
    • A. Erase all files on the drive
    • B. Installation of a standard image
    • C. Remove and hold all drives
    • D. Physical destruction
    • E. Drive wipe

  • 4. 331. A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).
    • A. Security of data storage
    • B. The cost of the solution
    • C. System availability
    • D. User authentication strategy
    • E. PBX integration of the service

  • 5. 332. The security administrator has just installed an active/passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?
    • A. TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall, so sessions are being dropped.
    • B. TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
    • C. Prioritized UDP traffic and its associated stateful UDP session information are traversing the passive firewall, causing the connections to be dropped.
    • D. The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster, causing the sessions to be dropped.

  • 6. 333. Company XYZ is in negotiations to acquire Company ABC for $1.2 million. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed, with average estimates indicating a cost of $1.6 million. Which of the following approaches should the risk manager of Company XYZ recommend?
    • A. Transfer the risk
    • B. Accept the risk
    • C. Mitigate the risk
    • D. Avoid the risk

  • 7. 334. Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).
    • A. Implementation run-sheets
    • B. Solution designs
    • C. Business capabilities
    • D. Solution architectures
    • E. Business requirements documents
    • F. Reference models
    • G. Business cases
    • H. Business vision and drivers

  • 8. 335. An audit at a popular online shopping site reveals that a flaw in the website allows customers to purchase goods at a discounted rate. To improve security, the Chief Information Security Officer (CISO) has requested that the web-based shopping cart application undergo testing to validate user input in both free-form text fields and drop-down boxes. Which of the following is the BEST combination of tools and/or methods to use?
    • A. Blackbox testing and fingerprinting
    • B. Code review and packet analyzer
    • C. Fuzzer and HTTP interceptor
    • D. Enumerator and vulnerability assessment

  • 9. 336. An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISO's objectives?
    • A. COBIT
    • B. UCF
    • C. ISO 27002
    • D. EGRC

  • 10. 337. In a SPML exchange, which of the following BEST describes the three primary roles?
    • A. The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.
    • B. The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.
    • C. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.
    • D. The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

  • 11. 339. A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator's concerns?
    • A. The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted.
    • B. The SOAP protocol supports weak hashing of header information. As a result, the header and body can easily be deciphered by brute force tools.
    • C. The SOAP protocol can be easily tampered with, even though the header is encrypted.
    • D. The SOAP protocol does not support body or header encryption, which allows assertions to be viewed in clear text by intermediaries.

  • 12. 340. Which of the following protocols only facilitates access control?
    • A. XACML
    • B. Kerberos
    • C. SPML
    • D. SAML

  • 13. 341. Company ABC will test connecting networks with Company XYZ as part of their upcoming merger, and both are concerned with minimizing security exposures to each other's networks throughout the test. Which of the following is the FIRST thing both sides should do prior to connecting the networks?
    • A. Create a DMZ to isolate the two companies and provide a security inspection point for all intercompany network traffic.
    • B. Determine the necessary data flows between the two companies.
    • C. Implement a firewall that restricts everything except the IPSec VPN traffic connecting the two companies.
    • D. Implement inline NIPS on the connection points between the two companies.

  • 14. 342. (Exhibit: the feature matrix referenced in this question is not reproduced here.) Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Which of the following would the security engineer MOST likely recommend based on the table?
    • A. Product A
    • B. Product B
    • C. Product C
    • D. Product D

  • 15. 343. An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?
    • A. Download the file from the program publisher's website.
    • B. Generate RSA and DSA keys using GPG.
    • C. Import the repository's public key.
    • D. Run sha1sum and verify the hash.

  • 16. 344. Two storage administrators are discussing which SAN configurations will offer the MOST confidentiality. Which of the following configurations would the administrators use? (Select TWO).
    • A. Deduplication
    • B. Zoning
    • C. Snapshots
    • D. Multipathing
    • E. LUN masking

  • 17. 345. When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary?
    • A. The user needs a non-repudiation data source in order for the application to generate the key pair.
    • B. The user is providing entropy so the application can use random data to create the key pair.
    • C. The user is providing a diffusion point to the application to aid in creating the key pair.
    • D. The application is requesting perfect forward secrecy from the user in order to create the key pair.

  • 18. 347. A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house, as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?
    • A. Government regulation
    • B. Industry standard
    • C. Company guideline
    • D. Company policy

  • 19. 348. Company XYZ recently acquired a manufacturing plant from Company ABC, which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?
    • A. Conduct a network vulnerability assessment of the acquired plant's ICS platform and correct all identified flaws during integration.
    • B. Convert the acquired plant's ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.
    • C. Conduct a risk assessment of the acquired plant's ICS platform and implement any necessary or required controls during integration.
    • D. Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ's network.

  • 20. 349. An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendors' RFP responses is in line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association?
    • A. Correlate current industry research with the RFP responses to ensure validity.
    • B. Create a lab environment to evaluate each of the three firewall platforms.
    • C. Benchmark each firewall platform's capabilities and experiences with similar-sized companies.
    • D. Develop criteria and rate each firewall platform based on information in the RFP responses.