CompTIA Advanced Security Practitioner (CASP) (CAS-002) Free Practice Test

Question 1

Joe, a penetration tester, is tasked with testing the security robustness of the protocol between a mobile web application and a RESTful application server. Which of the following security tools would be required to assess the security between the mobile web application and the RESTful application server? (Select TWO).

A. Password cracker

B. HTTP interceptor

C. Jailbroken mobile device

D. Network enumerator

E. Reconnaissance tools

F. Vulnerability scanner

Correct Answer: B,F

Question 2

A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation. The retention policy states all email data older than 90 days should be eliminated. As there are no technical controls in place, users have been instructed to stick to a storage quota of
500Mb of network storage and 200Mb of email storage. After being presented with an e- discovery request from an opposing legal council, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years. Which of the following should the security administrator provide to opposing council?

A. Provide the 1Tb of files on the network and the 300Mb of email files regardless of age.

B. Provide the first 200Mb of e-mail and the first 500Mb of files as per policy.

C. Delete email over the policy threshold and hand over the remaining emails and all of the files.

D. Delete files and email exceeding policy thresholds and turn over the remaining files and email.

Correct Answer: A

Question 3

A software development manager is taking over an existing software development project.
The team currently suffers from poor communication due to a long delay between requirements documentation and feature delivery. This gap is resulting in an above average number of security-related bugs making it into production. Which of the following development methodologies is the team MOST likely using now?

A. Waterfall

B. Agile

C. Scrum

D. Spiral

Correct Answer: A

Question 4

A medium-sized company has recently launched an online product catalog. It has decided to keep the credit card purchasing in-house as a secondary potential income stream has been identified in relation to sales leads. The company has decided to undertake a PCI assessment in order to determine the amount of effort required to meet the business objectives. Which compliance category would this task be part of?

A. Government regulation

B. Company guideline

C. Company policy

D. Industry standard

Correct Answer: D

Question 5

A security administrator notices a recent increase in workstations becoming compromised by malware. Often, the malware is delivered via drive-by downloads, from malware hosting websites, and is not being detected by the corporate antivirus. Which of the following solutions would provide the BEST protection for the company?

A. Deploy a cloud-based content filter and enable the appropriate category to prevent further infections.

B. Deploy a WAF to inspect and block all web traffic which may contain malware and exploits.

C. Deploy a web based gateway antivirus server to intercept viruses before they enter the network.

D. Increase the frequency of antivirus downloads and install updates to all workstations.

Correct Answer: A

Question 6

A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible enough to minimize overhead and support in regards to password resets and lockouts.
Which of the following implementations would BEST meet the needs?

A. A partition-based software encryption product with a low-level boot protection and authentication

B. A file-based encryption product using profiles to target areas on the file system to encrypt

C. A full-disk hardware-based encryption product with a low-level boot protection and authentication

D. A container-based encryption product that allows the end users to select which files to encrypt

Correct Answer: B

Question 7

An application present on the majority of an organization's 1,000 systems is vulnerable to a buffer overflow attack. Which of the following is the MOST comprehensive way to resolve the issue?

A. Deploy custom NIPS signatures to detect and block the attacks.

B. Run the application in terminal services to reduce the threat landscape.

C. Validate and deploy the appropriate patch.

D. Deploy custom HIPS signatures to detect and block the attacks.

Correct Answer: C

Question 8

-- Exhibit --

-- Exhibit --
Company management has indicated that instant messengers (IM) add to employee productivity. Management would like to implement an IM solution, but does not have a budget for the project. The security engineer creates a feature matrix to help decide the most secure product. Click on the Exhibit button.
Which of the following would the security engineer MOST likely recommend based on the table?

A. Product C

B. Product D

C. Product A

D. Product B

Correct Answer: A

Question 9

The security administrator at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. The security administrator is only able to find one year's worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should the security administrator check BEFORE responding to the request?

A. The company data retention policies and guidelines

B. The company data privacy policies

C. The company backup logs and archives

D. The company data retention procedures

Correct Answer: C

Question 10

An organization has had six security incidents over the past year against their main web application. Each time the organization was able to determine the cause of the incident and restore operations within a few hours to a few days. Which of the following provides the MOST comprehensive method for reducing the time to recover?

A. Conduct a loss analysis to determine which systems to focus time and money towards increasing security.

B. Develop an incident response team, require training for incident remediation, and provide incident reporting and tracking metrics.

C. Create security metrics that provide information on response times and requirements to determine the best place to focus time and money.

D. Implement a knowledge management process accessible to the help desk and finance departments to estimate cost and prioritize remediation.

Correct Answer: B

Question 11

Which of the following BEST explains SAML?

A. A security verification model built on SSO and SSL-based services, which allows for the exchange of PKI data between users and supports XACML.

B. A security model built on the transfer of assertions over XML and SOAP-based protocols, which allows for seamless SSO and the open exchange of data.

C. A security attestation model built on XML and SOAP-based services, which allows for the exchange of A&A data between systems and supports Federated Identity Management.

D. An XML and SOAP-based protocol, which enables the use of PKI for code signing and SSO by using SSL and SSH to establish a trust model.

Correct Answer: C

Question 12

A small customer focused bank with implemented least privilege principles, is concerned about the possibility of branch staff unintentionally aiding fraud in their day to day interactions with customers. Bank staff has been encouraged to build friendships with customers to make the banking experience feel more personal. The security and risk team have decided that a policy needs to be implemented across all branches to address the risk. Which of the following BEST addresses the security and risk team's concerns?

A. Information disclosure policy

B. Job rotation

C. Awareness training

D. Separation of duties

Correct Answer: C

Question 13

A large organization has gone through several mergers, acquisitions, and de-mergers over the past decade. As a result, the internal networks have been integrated but have complex dependencies and interactions between systems. Better integration is needed in order to simplify the underlying complexity. Which of the following is the MOST suitable integration platform to provide event-driven and standards-based secure software architecture?

A. Service oriented architecture (SOA)

B. Enterprise service bus (ESB)

C. Federated identities

D. Object request broker (ORB)

Correct Answer: B

Question 14

Three companies want to allow their employees to seamlessly connect to each other's wireless corporate networks while keeping one consistent wireless client configuration.
Each company wants to maintain its own authentication infrastructure and wants to ensure that an employee who is visiting the other two companies is authenticated by the home office when connecting to the other companies' wireless network. All three companies have agreed to standardize on 802.1x EAP-PEAP-MSCHAPv2 for client configuration. Which of the following should the three companies implement?

A. The three companies should agree on a single SSID and configure a hierarchical RADIUS system which implements trust delegation.

B. The three companies should implement a central portal-based single sign-on and agree to use the same CA when issuing client certificates.

C. All three companies should use the same wireless vendor to facilitate the use of a shared cloud based wireless controller.

D. The three companies should implement federated authentication through Shibboleth connected to an LDAP backend and agree on a single SSID.

Correct Answer: A

Welcome to TestSimulate

CompTIA Advanced Security Practitioner (CASP) (CAS-002) Free Practice Test