This CASP quiz assesses knowledge in managing diverse IT environments, securing IP cameras, single sign-on processes, and firewall management for different departments. It is crucial for professionals aiming to validate their advanced-level security skills and preparedness for complex scenarios.
Create an IP camera network and deploy NIPS to prevent unauthorized access.
Create an IP camera network and only allow SSL access to the cameras.
Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.
Create an IP camera network and restrict access to cameras from a single management host.
Correctly assert the identity and authorization credentials of the end user.
Correctly assert the authentication and authorization credentials of the end user.
Protect the authentication credentials used to verify the end user identity to the secondary domain for unauthorized use.
Protect the authentication credentials used to verify the end user identity to the secondary domain for authorized use.
Protect the accounting credentials used to verify the end user identity to the secondary domain for unauthorized use.
Correctly assert the identity and authentication credentials of the end user.
Put both departments behind the firewall and assign administrative control for each department to the corporate firewall.
Provide each department with a virtual firewall and assign administrative control to the physical firewall.
Put both departments behind the firewall and incorporate restrictive controls on each department’s network.
Provide each department with a virtual firewall and assign appropriate levels of management for the virtual device.
Provide targeted security awareness training and impose termination for repeat violators.
Block desktop sharing and web conferencing applications and enable use only with approval.
Actively monitor the data traffic for each employee using desktop sharing or web conferencing applications.
Permanently block desktop sharing and web conferencing applications and do not allow their use at the company.

Generate a new public key on both servers.
Replace the SSL certificate on dev1.xyz.com.
Generate a new private key password for both servers.
Replace the SSL certificate on pay.xyz.com.
Deploy the following ACL to the HIPS: DENY - TCP - ANY - ANY – 445.
Run a TCP 445 port scan across the organization and patch hosts with open ports.
Add the following ACL to the corporate firewall: DENY - TCP - ANY - ANY - 445.
Force a signature update and full system scan from the enterprise anti-virus solution.
Modify the company standard to account for higher security and meet with upper management for approval to implement the new standard.
Conduct a gap analysis and recommend appropriate non-technical mitigating controls, and incorporate the new controls into the standard.
Conduct a risk analysis on all current controls, and recommend appropriate mechanisms to increase overall security.
Modify the company policy to account for higher security, adapt the standard accordingly, and implement new technical controls.
1
2
3
5
Man in the middle attack; install an IPS in front of SIP proxy.
Man in the middle attack; use 802.1x to secure voice VLAN.
Denial of Service; switch to more secure H.323 protocol.
Denial of Service; use rate limiting to limit traffic.
Grey box testing performed by a major external consulting firm who have signed a NDA.
Black box testing performed by a major external consulting firm who have signed a NDA.
White box testing performed by the development and security assurance teams.
Grey box testing performed by the development and security assurance teams.
Strategic architecture will be adversely impacted through the segregation of duties between the providers. Vendor management costs will remain unchanged. The risk position of the organization will decline as specialists now maintain the environment. The implementation of security controls and security updates will improve. Internal knowledge of IT systems will improve as providers maintain system documentation.
Strategic architecture will improve as more time can be dedicated to strategy. System stability will improve as providers use specialists and tested processes to maintain systems. Vendor management costs will increase and the organization’s flexibility to react to new market conditions will be reduced slightly. Internal knowledge of IT systems will improve as providers maintain system documentation. The risk position of the organization will remain unchanged.
Strategic architecture will not be impacted in the short term, but will be adversely impacted in the long term through the segregation of duties between the providers. Vendor management costs will stay the same and the organization’s flexibility to react to new market conditions will be improved through best of breed technology implementations. Internal knowledge of IT systems will decline over time. The implementation of security controls and security updates will not change.
Strategic architecture will be adversely impacted through the segregation of duties between the providers. Vendor management costs will increase and the organization’s flexibility to react to new market conditions will be reduced. Internal knowledge of IT systems will decline and decrease future platform development. The implementation of security controls and security updates will take longer as responsibility crosses multiple boundaries.
Information disclosure policy
Awareness training
Job rotation
Option 4
The hosting company should install a hypervisor-based firewall and allow customers to manage this on an as-needed basis.
The hosting company should manage the hypervisor-based firewall; while allowing customers to configure their own host-based firewall.
Customers should purchase physical firewalls to protect their guest hosts and have the hosting company manage these if requested.
The hosting company should install a host-based firewall on customer guest hosts and offer to administer host firewalls for customers if requested.
Switch to TLS in the DMZ. Implement NIPS on the internal network, and HIPS on the DMZ.
Switch IPSec to tunnel mode. Implement HIPS on the internal network, and NIPS on the DMZ.
Disable AH. Enable ESP on the internal network, and use NIPS on both networks.
Enable ESP on the internal network, and place NIPS on both networks.
2 and 1
3 and 5
5 and 2
6 and 4
A T&M contract
An RFP
A FFP agreement
A new RFQ
X.509 subject name
PTR DNS record
EV certificate OID extension
Kerberos principal name
WWN record name
Remove acquired companies Internet access.
Federate identity management systems.
Install firewalls between the businesses.
Re-image all end user computers to a standard image.
Develop interconnection policy.
Conduct a risk analysis of each acquired company’s networks.
Establish an emergency response call tree.
Create an inventory of applications.
Backup the router and firewall configurations.
Maintain a list of critical systems.
Update all network diagrams.
DDoS, DNS poisoning, Boink, Teardrop
Reflective XSS, HTTP exhaustion, Teardrop
SQL Injection, DOM based XSS, HTTP exhaustion
SQL Injection, CSRF, Clickjacking
Internal auditors have approved the outsourcing arrangement.
Penetration testing can be performed on the externally facing web system.
Ensure there are security controls within the contract and the right to audit.
A physical site audit is performed on Company XYZ’s management / operation.
From the server, establish an SSH tunnel to the Mac and VPN to 192.168.10.200.
From the Mac, establish a remote desktop connection to 192.168.10.10 using Network Layer Authentication and the CredSSP security provider.
From the Mac, establish a VPN to the Linux server and connect the VNC to 127.0.0.1.
From the Mac, establish a SSH tunnel to the Linux server and connect the VNC to 127.0.0.1.
Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.
Inform the litigators that the CIO's information has been deleted as per corporate policy.
Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.
Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.
PKI based authorization
Transport encryption
Data at rest encryption
Code signing
The administrator has a PERL script running which disrupts the NIC by restarting the CRON process every 65 seconds.
The Java developers accounted for network latency only for the read portion of the processing and not the write process.
The virtual file system on the SAN is experiencing a race condition between the reads and writes of network files.
The Linux file system in use cannot write files as fast as they can be read by the Java program resulting in the errors.
Attestation
PKI
Biometrics
Federated IDs
Device fingerprinting
Switchport analyzer
Grey box testing
Penetration testing
The system shall use a pseudo-random number generator seeded the same every time.
The system shall generate a pseudo-random number upon invocation by the existing Java program.
The system shall generate a truly random number based upon user PKI certificates.
The system shall implement a pseudo-random number generator for use by corporate customers.
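The first option in this group, a pseudo-random number generator "seeded the same every time", describes a PRNG whose entire output is a function of one fixed value. The following Python is an added example, not part of the quiz, showing the consequence: a fixed-seed generator reproduces the same token sequence on every run, and an attacker who observes a single token and can enumerate the (constructed, deliberately small) seed space recovers the seed and predicts the next token. The `secrets` module is shown alongside as the generator a system requirement should actually call for when the numbers are security-relevant. The seed value and the 10,000-seed search space are assumptions for illustration.

```python
import random
import secrets

TOKEN_BYTES = 16  # 128-bit tokens, e.g. session identifiers


def _token_from(rng: random.Random) -> str:
    """Draw one TOKEN_BYTES-byte token from a random.Random instance."""
    return rng.getrandbits(TOKEN_BYTES * 8).to_bytes(TOKEN_BYTES, "big").hex()


def seeded_tokens(seed: int, n: int = 3) -> list[str]:
    """Weak requirement: a PRNG (Mersenne Twister here) seeded with a fixed value.

    Every token in the sequence is fully determined by `seed`, so two runs with
    the same seed emit identical tokens and knowing the seed means knowing
    every token ever issued.
    """
    rng = random.Random(seed)
    return [_token_from(rng) for _ in range(n)]


def csprng_tokens(n: int = 3) -> list[str]:
    """Stronger requirement: tokens from the OS CSPRNG via the secrets module.

    There is no caller-controlled seed to recover; each call is independent of
    the previous ones from the attacker's point of view.
    """
    return [secrets.token_hex(TOKEN_BYTES) for _ in range(n)]


def recover_seed_and_next_token(observed_first_token: str, seed_space: range):
    """Attacker side: brute-force the seed from one observed token.

    seed_space is a constructed, deliberately small range standing in for a
    guessable seed (a constant in source, a timestamp in seconds, a PID).
    Returns (seed, predicted_next_token) or None if no seed in the space fits.
    """
    for candidate in seed_space:
        rng = random.Random(candidate)
        if _token_from(rng) == observed_first_token:
            # Same internal state as the victim after one draw: the next
            # draw is the victim's next token.
            return candidate, _token_from(rng)
    return None


if __name__ == "__main__":
    FIXED_SEED = 1234  # assumption: the application hard-codes this seed
    victim = seeded_tokens(FIXED_SEED)
    print("fixed-seed tokens (identical every run):", victim)
    print("fixed-seed tokens, second run:          ", seeded_tokens(FIXED_SEED))
    recovered = recover_seed_and_next_token(victim[0], range(10_000))
    print("recovered (seed, predicted next token):", recovered)
    print("prediction matches victim's 2nd token:", recovered[1] == victim[1])
    print("CSPRNG tokens (differ every run):", csprng_tokens())
```

The brute force here succeeds because the seed space is tiny; with a 32-bit timestamp seed it is still only about four billion candidates, well within reach offline. A requirement phrased around a fixed seed cannot be fixed by choosing a "better" seed value; the generator and its seeding source have to change.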
Ensure the process functions in a secure manner from customer input to audit review.
Security solutions result in zero additional processing latency.
Ensure the process of storing audit records is in compliance with applicable laws.
Web transactions are conducted in a secure network channel.
Construct a library of re-usable security patterns
Construct a security control library
Introduce an ESA framework
Include SRTM in the SDLC
Notify the transaction system vendor of the security vulnerability that was discovered.
Use a protocol analyzer to reverse engineer the transaction system’s protocol.
Contact the computer science students and threaten disciplinary action if they continue their actions.
Install a NIDS in front of all the transaction system terminals.
Quiz Review Timeline (Updated): Mar 21, 2023