CASP – 328-349
20 Questions | By Bcorazza | Updated: Apr 8, 2014 | Attempts: 115

1. 335. An audit at a popular on-line shopping site reveals that a flaw in the website allows customers to purchase goods at a discounted rate. To improve security the Chief Information Security Officer (CISO) has requested that the web based shopping cart application undergo testing to validate user input in both free form text fields and drop down boxes. Which of the following is the BEST combination of tools and / or methods to use?
Blackbox testing and fingerprinting
Code review and packet analyzer
Fuzzer and HTTP interceptor
Enumerator and vulnerability assessment

2. 342. -- Exhibit -- Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button. Which of the following would the security engineer MOST likely recommend based on the table?
Product A
Product B
Product C
Product D

3. 345. When generating a new key pair, a security application asks the user to move the mouse and type random characters on the keyboard. Which of the following BEST describes why this is necessary?
The user needs a non-repudiation data source in order for the application to generate the keypair.
The user is providing entropy so the application can use random data to create the key pair.
The user is providing a diffusion point to the application to aid in creating the key pair.
The application is requesting perfect forward secrecy from the user in order to create the keypair.

4. 332. The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?
TCP sessions are traversing one firewall and return traffic is being sent through the secondary firewall and sessions are being dropped.
TCP and UDP sessions are being balanced across both firewalls and connections are being dropped because the session IDs are not recognized by the secondary firewall.
Prioritize UDP traffic and associated stateful UDP session information is traversing the passive firewall causing the connections to be dropped.
The firewall administrator connected a dedicated communication cable between the firewalls in order to share a single state table across the cluster causing the sessions to be dropped.

5. 330. In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).
Erase all files on drive
Install of standard image
Remove and hold all drives
Physical destruction
Drive wipe

6. 347. A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?
Government regulation
Industry standard
Company guideline
Company policy

7. 340. Which of the following protocols only facilitates access control?
XACML
Kerberos
SPML
SAML

8. 349. An Association is preparing to upgrade their firewalls at five locations around the United States. Each of the three vendors' RFP responses is in-line with the security and other requirements. Which of the following should the security administrator do to ensure the firewall platform is appropriate for the Association?
Correlate current industry research with the RFP responses to ensure validity.
Create a lab environment to evaluate each of the three firewall platforms.
Benchmark each firewall platform’s capabilities and experiences with similar sized companies.
Develop criteria and rate each firewall platform based on information in the RFP responses.

9. 336. An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISO's objectives?
CoBIT
UCF
ISO 27002
EGRC

10. 339. A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator's concerns?
The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted.
The SOAP protocol supports weak hashing of header information. As a result the header and body can easily be deciphered by brute force tools.
The SOAP protocol can be easily tampered with, even though the header is encrypted.
The SOAP protocol does not support body or header encryption which allows assertions to be viewed in clear text by intermediaries.

11. 328. Which of the following is an example of single sign-on?
An administrator manages multiple platforms with the same username and hardware token. The same username and token is used across all the platforms.
Multiple applications have been integrated with a centralized LDAP directory for authentication and authorization. A user has to authenticate each time the user accesses an application.
A password is synchronized between multiple platforms and the user is required to authenticate with the same password across each platform.
A web access control infrastructure performs authentication and passes attributes in a HTTP header to multiple applications.

12. 348. Company XYZ recently acquired a manufacturing plant from Company ABC which uses a different manufacturing ICS platform. Company XYZ has strict ICS security regulations while Company ABC does not. Which of the following approaches would the network security administrator for Company XYZ MOST likely proceed with to integrate the new manufacturing plant?
Conduct a network vulnerability assessment of acquired plant ICS platform and correct all identified flaws during integration.
Convert the acquired plant ICS platform to the Company XYZ standard ICS platform solely to eliminate potential regulatory conflicts.
Conduct a risk assessment of the acquired plant ICS platform and implement any necessary or required controls during integration.
Require Company ABC to bring their ICS platform into regulatory compliance prior to integrating the new plant into Company XYZ’s network.

13. 329. Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two companies' networks, applications, and several basic services. The initial integration of the two companies has specified the following requirements:
- Company XYZ requires access to the web intranet, file, print, secure FTP server, and authentication domain resources
- Company XYZ is being onboarded into Company ABC's authentication domain
- Company XYZ is considered partially trusted
- Company XYZ does not want performance issues when accessing ABC's systems
Which of the following network security solutions will BEST meet the above requirements?
Place a Company ABC managed firewall in Company XYZ’s hub site; then place Company ABC’s file, print, authentication, and secure FTP servers in a zone off the firewall. Ensure that Company ABC’s business partner firewalls are opened up for web intranet access and other required services.
Require Company XYZ to manage the router ACLs, controlling access to Company ABC resources, but with Company ABC approving the change control to the ACLs. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.
Place no restrictions on internal network connectivity between Company XYZ and Company ABC. Open up Company ABC’s business partner firewall to permit access to Company ABC’s file, print, secure FTP server, authentication servers and web intranet access.
Place file, print, secure FTP server and authentication domain servers at Company XYZ’s hub site. Open up Company ABC’s business partner firewall to permit access to ABC’s web intranet access and other required services.

14. 341. Company ABC will test connecting networks with Company XYZ as part of their upcoming merger and both are concerned with minimizing security exposures to each other's network throughout the test. Which of the following is the FIRST thing both sides should do prior to connecting the networks?
Create a DMZ to isolate the two companies and provide a security inspection point for all intercompany network traffic.
Determine the necessary data flows between the two companies.
Implement a firewall that restricts everything except the IPSec VPN traffic connecting the two companies.
Implement inline NIPS on the connection points between the two companies.

15. 333. Company XYZ is in negotiations to acquire Company ABC for $1.2 million. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed with average estimates indicating a cost of $1.6 million. Which of the following approaches should the risk manager of Company XYZ recommend?
Transfer the risk
Accept the risk
Mitigate the risk
Avoid the risk

16. 331. A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).
Security of data storage
The cost of the solution
System availability
User authentication strategy
PBX integration of the service

17. 343. An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server. Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found. Which of the following should the administrator perform to allow the program to be installed?
Download the file from the program publisher's website.
Generate RSA and DSA keys using GPG.
Import the repository's public key.
Run sha1sum and verify the hash.

18. 337. In a SPML exchange, which of the following BEST describes the three primary roles?
The Provisioning Service Target (PST) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the PST requests, and the Provisioning Service Target (PST) performs the provisioning.
The Provisioning Service Provider (PSP) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the PSP requests, and the Provisioning Service Provider (PSP) performs the provisioning.
The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Target (PST) responds to the RA requests, and the Provisioning Service Provider (PSP) performs the provisioning.
The Request Authority (RA) entity makes the provisioning request, the Provisioning Service Provider (PSP) responds to the RA requests, and the Provisioning Service Target (PST) performs the provisioning.

19. 344. Two storage administrators are discussing which SAN configurations will offer the MOST confidentiality. Which of the following configurations would the administrators use? (Select TWO).
Deduplication
Zoning
Snapshots
Multipathing
LUN masking

20. 334. Which of the following are components defined within an Enterprise Security Architecture Framework? (Select THREE).
Implementation run-sheets
Solution designs
Business capabilities
Solution architectures
Business requirements documents
Reference models
Business cases
Business vision and drivers