CASP Quiz 1 Flashcards
Which of the following is true about an unauthenticated SAMLv2 transaction?
A. The browser asks the SP for a resource. The SP provides the browser with an XHTML format. The browser asks the IdP to validate the user, and then provides the XHTML back to the SP for access.
B. The browser asks the IdP for a resource. The IdP provides the browser with an XHTML format. The browser asks the SP to validate the user, and then provides the XHTML to the IdP for access.
C. The browser asks the IdP to validate the user. The IdP sends an XHTML form to the SP and a cookie to the browser. The browser asks for a resource to the SP, which verifies the cookie and XHTML format for access.
D. The browser asks the SP to validate the user. The SP sends an XHTML form to the IdP. The IdP provides the XHTML form back to the SP, and then the browser asks the SP for a resource.
A. The browser asks the SP for a resource. The SP provides the browser with an XHTML format. The browser asks the IdP to validate the user, and then provides the XHTML back to the SP for access.
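The flow in answer A is SP-initiated Web Browser SSO: the SP, having no session for the browser, hands it a self-submitting XHTML form carrying an AuthnRequest for the IdP, and the IdP hands back a second form carrying the signed Response for the SP's assertion consumer service. The simulation below is an added example, not part of the original flashcards, and uses only the standard library. The endpoint URLs, the bare element names and the HMAC standing in for an XML Signature are simplifications chosen for this illustration.

```python
"""Added example, not part of the original flashcards: a simulation of the
SP-initiated SAML 2.0 Web Browser SSO flow described in answer A. The
endpoints, element names and the HMAC used in place of an XML Signature are
simplifications chosen for this illustration."""
import base64
import hashlib
import hmac
import secrets
from xml.etree import ElementTree as ET

IDP_SSO_URL = "https://idp.example.com/sso"   # assumed IdP single sign-on endpoint
SP_ACS_URL = "https://sp.example.com/acs"     # assumed SP assertion consumer service
IDP_KEY = b"idp-signing-key"  # stands in for the IdP signing key the SP trusts


def sign(payload: bytes) -> str:
    """Stand-in for the XML Signature the IdP puts on a real Response."""
    return hmac.new(IDP_KEY, payload, hashlib.sha256).hexdigest()


class ServiceProvider:
    def __init__(self):
        self.pending = {}  # AuthnRequest ID -> resource the browser asked for

    def request_resource(self, resource: str) -> dict:
        """Steps 1-2: the browser asks for a resource; the SP has no session, so it
        answers with an AuthnRequest inside a self-submitting XHTML form whose
        action is the IdP."""
        req_id = "_" + secrets.token_hex(8)
        self.pending[req_id] = resource
        authn = (f'<AuthnRequest ID="{req_id}" '
                 f'AssertionConsumerServiceURL="{SP_ACS_URL}"/>').encode()
        return {"action": IDP_SSO_URL,
                "SAMLRequest": base64.b64encode(authn).decode()}

    def consume_response(self, form: dict) -> tuple:
        """Step 4: the browser posts the IdP's XHTML form to the SP. The SP checks
        the signature, that the Response was addressed to this SP, and that it
        answers an outstanding (not yet consumed) request before granting access."""
        resp = base64.b64decode(form["SAMLResponse"])
        if not hmac.compare_digest(sign(resp), form["Signature"]):
            raise ValueError("signature check failed")
        root = ET.fromstring(resp)
        if root.get("Destination") != SP_ACS_URL:
            raise ValueError("response not addressed to this SP")
        resource = self.pending.pop(root.get("InResponseTo"), None)
        if resource is None:
            raise ValueError("unsolicited or replayed response")
        return root.findtext("Subject"), resource


class IdentityProvider:
    def __init__(self, users: dict):
        self.users = users  # username -> password (constructed test data)

    def authenticate(self, form: dict, username: str, password: str) -> dict:
        """Step 3: the browser delivers the AuthnRequest and the user logs in at
        the IdP. On success the IdP returns a signed Response, again inside an
        XHTML form, whose action is the SP's assertion consumer service."""
        if self.users.get(username) != password:
            raise PermissionError("authentication failed")
        req = ET.fromstring(base64.b64decode(form["SAMLRequest"]))
        # A real IdP checks this URL against the SP's registered metadata rather
        # than trusting the request, otherwise the Response can be redirected.
        acs = req.get("AssertionConsumerServiceURL")
        resp = (f'<Response InResponseTo="{req.get("ID")}" Destination="{acs}">'
                f'<Subject>{username}</Subject></Response>').encode()
        return {"action": acs,
                "SAMLResponse": base64.b64encode(resp).decode(),
                "Signature": sign(resp)}


def browser_sso(sp, idp, resource, username, password):
    """The browser's only job is to carry each XHTML form to its action URL."""
    form_to_idp = sp.request_resource(resource)
    form_to_sp = idp.authenticate(form_to_idp, username, password)
    return sp.consume_response(form_to_sp)


if __name__ == "__main__":
    sp = ServiceProvider()
    idp = IdentityProvider({"alice": "correct horse battery staple"})
    print(browser_sso(sp, idp, "/reports/q1", "alice", "correct horse battery staple"))
```

Note that the SP never sees the user's password and the IdP never sees the resource; the two only meet through the forms the browser carries. The replay and Destination checks are the minimum an SP must do with a real Response, on top of validating the XML Signature against the IdP's certificate from metadata.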
A security audit has uncovered that some of the encryption keys used to secure the company's B2B financial transactions with its partners may be too weak. The security administrator needs to implement a process to ensure that financial transactions will not be compromised if a weak encryption key is found. Which of the following should the security administrator implement?
A. Entropy should be enabled on all SSLv2 transactions.
B. AES256-CBC should be implemented for all encrypted data.
C. PFS should be implemented on all VPN tunnels.
D. PFS should be implemented on all SSH connections.
C. PFS should be implemented on all VPN tunnels.
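Perfect forward secrecy is the property that makes answer C the right process: once each session key comes from a throw-away Diffie-Hellman exponent, discovering a weak or stolen long-term key does not expose transactions that were recorded earlier. The comparison below is an added example, not part of the original flashcards. It contrasts a static key agreement with an ephemeral one against the same passive attacker; the toy 127-bit prime and the SHA-256 key derivation are simplifications chosen for readability, and the signature the long-term key would place on the ephemeral value is omitted.

```python
"""Added example, not part of the original flashcards: what PFS buys you. With a
static key exchange every session key is derived from the server's long-term
private value, so a recorded session can be decrypted after that value leaks.
With an ephemeral Diffie-Hellman exchange (the DHE/ECDHE behind PFS cipher
suites and IKE) the long-term key only signs the handshake (signing omitted
here); the session key comes from a throw-away exponent."""
import hashlib
import secrets

P = 2**127 - 1   # toy Mersenne prime for readability; NOT a secure group. Real
G = 5            # deployments use RFC 3526/7919 MODP groups or ECDH curves.


def random_exponent() -> int:
    return secrets.randbelow(P - 2) + 1


def dh_public(priv: int) -> int:
    return pow(G, priv, P)


def dh_shared(peer_pub: int, priv: int) -> int:
    return pow(peer_pub, priv, P)


def kdf(shared: int) -> bytes:
    """Session key derivation; SHA-256 stands in for the protocol's PRF/HKDF."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


class StaticDHServer:
    """No PFS: the same long-term exponent is used in every key agreement."""

    def __init__(self):
        self.long_term_priv = random_exponent()
        self.long_term_pub = dh_public(self.long_term_priv)

    def handshake(self, client_pub: int):
        """Returns (server value sent on the wire, session key)."""
        return self.long_term_pub, kdf(dh_shared(client_pub, self.long_term_priv))


class EphemeralDHServer:
    """PFS: a fresh exponent per session; the long-term key only authenticates."""

    def __init__(self):
        self.long_term_priv = random_exponent()   # never used for key agreement

    def handshake(self, client_pub: int):
        eph_priv = random_exponent()
        eph_pub = dh_public(eph_priv)
        key = kdf(dh_shared(client_pub, eph_priv))
        # eph_priv goes out of scope here; nothing persistent can recompute `key`
        return eph_pub, key


def attacker_after_key_theft(recorded_client_pub: int, stolen_long_term_priv: int) -> bytes:
    """Passive attacker who recorded the handshake and later obtains the server's
    long-term private value. This is the only computation available to them."""
    return kdf(dh_shared(recorded_client_pub, stolen_long_term_priv))


def compare(server) -> tuple:
    """Run one handshake; return (client and server agree, attacker recovers key)."""
    client_priv = random_exponent()
    client_pub = dh_public(client_priv)
    server_pub, server_key = server.handshake(client_pub)
    client_key = kdf(dh_shared(server_pub, client_priv))
    recovered = attacker_after_key_theft(client_pub, server.long_term_priv)
    return client_key == server_key, recovered == server_key


if __name__ == "__main__":
    print("static DH    (agree, attacker wins):", compare(StaticDHServer()))
    print("ephemeral DH (agree, attacker wins):", compare(EphemeralDHServer()))
```

In IPsec terms the ephemeral case is IKE with a DH group in the child SA proposal (PFS on the tunnel); in TLS it is the DHE/ECDHE suites. Enabling it is a configuration change on both peers, so the process for answer C is to negotiate it with each B2B partner rather than to rotate one key.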
An administrator notices the following file in the Linux server’s /tmp directory.
-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*
Which of the following should be done to prevent further attacks of this nature?
A. Never mount the /tmp directory over NFS
B. Stop the rpcidmapd service from running
C. Mount all tmp directories nosuid, noexec
D. Restrict access to the /tmp directory
C. Mount all tmp directories nosuid, noexec
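The listing shows a copy of bash in /tmp with the setuid bit set and owned by root, which is a planted backdoor: anyone who can run it gets a root shell. The two checks behind answer C are whether the tmp-style mounts carry nosuid (the kernel then ignores the setuid bit there) and noexec (nothing in them runs at all), and whether any special-bit binaries are already present. The script below is an added example, not part of the original flashcards; it runs over constructed /proc/mounts and `ls -lF /tmp` lines rather than the live system, so it can be tried anywhere.

```python
"""Added example, not part of the original flashcards: the two checks behind
answer C, run over constructed input. The sample /proc/mounts and
`ls -lF /tmp` lines below are made up for the example."""

TMP_MOUNTS = ("/tmp", "/var/tmp", "/dev/shm")
WANTED = ("nosuid", "noexec", "nodev")

SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,relatime 0 0
tmpfs /var/tmp tmpfs rw,nosuid,nodev,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0
"""

SAMPLE_LS_TMP = """\
-rwsr-xr-x. 4 root root 234223 Jun 6 22:52 bash*
-rw-r--r--. 1 alice alice 12 Jun 6 21:10 notes.txt
-rwxr-sr-x. 1 root shadow 8840 Jun 6 22:53 dumpshadow*
drwxrwxrwt. 2 root root 40 Jun 6 20:00 scratch/
"""


def parse_mode(mode: str) -> dict:
    """Decode the special bits from an ls -l mode string such as -rwsr-xr-x."""
    return {"setuid": mode[3] in "sS",
            "setgid": mode[6] in "sS",
            "sticky": mode[9] in "tT"}


def find_special_bits(ls_output: str) -> list:
    """Return (name, owner, bit) for every regular file carrying setuid or setgid."""
    hits = []
    for line in ls_output.splitlines():
        fields = line.split(None, 8)   # mode links owner group size mon day time name
        if len(fields) < 9 or fields[0][0] == "d":
            continue
        name = fields[8].rstrip("*/@=|")   # strip ls -F type indicators
        bits = parse_mode(fields[0])
        if bits["setuid"]:
            hits.append((name, fields[2], "setuid"))
        elif bits["setgid"]:
            hits.append((name, fields[2], "setgid"))
    return hits


def missing_hardening(proc_mounts: str) -> dict:
    """Map each tmp-style mount point to the hardening options it lacks."""
    missing = {}
    for line in proc_mounts.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[1] not in TMP_MOUNTS:
            continue
        opts = set(fields[3].split(","))
        lacking = [o for o in WANTED if o not in opts]
        if lacking:
            missing[fields[1]] = lacking
    return missing


def fstab_line(mount_point: str, fstype: str = "tmpfs") -> str:
    """A hardened fstab entry for the mount point; apply with `mount -o remount`."""
    return f"{fstype} {mount_point} {fstype} defaults,{','.join(WANTED)} 0 0"


if __name__ == "__main__":
    for name, owner, bit in find_special_bits(SAMPLE_LS_TMP):
        print(f"{bit} file {name!r} owned by {owner} in /tmp")
    for mp, lacking in missing_hardening(SAMPLE_MOUNTS).items():
        print(f"{mp} lacks {','.join(lacking)}; suggested: {fstab_line(mp)}")
```

Two practical caveats. The link count of 4 in the original listing means the same inode is reachable under three other names, so remove all of them (`find / -xdev -samefile /tmp/bash`) rather than just /tmp/bash. And noexec on /tmp breaks some installers and build scripts that unpack and run helpers there, so test the remount on a staging host before putting it in fstab.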
A company is planning to deploy an in-house Security Operations Center (SOC). One of the new requirements is to deploy a NIPS solution into the Internet-facing environment. The SOC highlighted the following requirements:
Perform fingerprinting on unfiltered inbound traffic to the company.
Monitor all inbound and outbound traffic to the DMZs.
In which of the following places should the NIPS be placed in the network?
A. In front of the Internet firewall and in front of the DMZs
B. In front of the Internet firewall and in front of the internal firewall
C. In front of the Internet firewall and behind the internal firewall
D. Behind the Internet firewall and in front of the DMZs
A. In front of the Internet firewall and in front of the DMZs
An administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The administrator has access to the raw data from the SAN and wants to restore the data to different hardware. Which of the following issues may potentially occur?
A. The existing SAN may be read-only.
B. The existing SAN used LUN masking.
C. The new SAN is not FCoE based.
D. The data may not be in a usable format.
D. The data may not be in a usable format.
During user acceptance testing, the security administrator believes they have discovered an issue in the login prompt of the company's financial system. While the username and password were being entered, the program crashed and displayed the system command prompt. The security administrator believes that one of the fields may have been mistyped and wants to reproduce the issue to report it to the software developers. Which of the following should the administrator use to reproduce the issue?
A. The administrator should enter a username and use an offline password cracker in brute force mode.
B. The administrator should use a network analyzer to determine which packet caused the system to crash.
C. The administrator should extract the password file and run an online password cracker in brute force mode against the password file.
D. The administrator should run an online fuzzer against the login screen.
D. The administrator should run an online fuzzer against the login screen.
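A fuzzer is the right tool here because the crash came from malformed input to a live prompt, not from a weak password or a network packet, and a fuzzer both finds the input and keeps it so the developers can replay it. The script below is an added example, not part of the original flashcards: a minimal online mutation fuzzer run against a constructed stand-in for the login prompt that carries a deliberate parsing bug. The seeds, mutation operators and the target itself are invented for this illustration.

```python
"""Added example, not part of the original flashcards: a minimal online mutation
fuzzer of the kind answer D describes. `login_prompt` is a constructed stand-in
for the financial system's login with a deliberate parsing bug."""
import random


def login_prompt(raw: str) -> bool:
    """Constructed target: expects 'user:password' and was never tested with
    anything else. The two-value unpack is the deliberate bug."""
    user, password = raw.split(":")
    return user == "admin" and password == "hunter2"


SEEDS = ["admin:hunter2", "alice:Summer2014!"]   # constructed valid-looking inputs
SPECIALS = ":%\x00\n'\"\\\t"                      # delimiters and metacharacters


def mutate(s: str, rng: random.Random) -> str:
    """One random mutation: insert a metacharacter, delete a character, or
    repeat a tail. The first two model the 'mistyped field' from the question."""
    op = rng.randrange(3)
    i = rng.randrange(len(s) + 1)
    if op == 0:
        return s[:i] + rng.choice(SPECIALS) + s[i:]
    if op == 1 and s:
        return s[:i] + s[i + 1:]
    return s + s[i:] * 4


def fuzz(target, seeds, iterations: int = 500, seed: int = 1) -> dict:
    """Feed mutated seeds to the target; return {(exception type, message):
    first input that caused it}. A fixed PRNG seed makes the run repeatable."""
    rng = random.Random(seed)
    crashes = {}
    corpus = list(seeds)
    for _ in range(iterations):
        case = mutate(rng.choice(corpus), rng)
        try:
            target(case)
        except Exception as exc:
            crashes.setdefault((type(exc).__name__, str(exc)), case)
    return crashes


def reproduce(target, case: str):
    """Replay one saved input; return the exception name, or None if it no
    longer crashes. This is what goes into the bug report."""
    try:
        target(case)
    except Exception as exc:
        return type(exc).__name__
    return None


if __name__ == "__main__":
    for (name, msg), case in fuzz(login_prompt, SEEDS).items():
        print(f"{name}: {msg!r} reproduced by {case!r} -> {reproduce(login_prompt, case)}")
```

Against a real login screen the target function would drive the prompt over its actual channel (terminal, HTTP form, GUI automation) and the crash detector would watch for the process exiting or, as in the question, dropping to a shell. Keeping the crashing input rather than just the count is what turns a fuzzing run into a reproducible report.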
There have been some failures of the company's customer-facing website. A security engineer has analyzed the root cause to be the WAF. System logs show that the WAF has been down for 14 total hours over the past month in four separate situations. One of these situations was a two-hour scheduled maintenance activity aimed at improving the stability of the WAF. Which of the following is the MTTR, based on the last month's performance figures?
A. 3 hours
B. 3.5 hours
C. 4 hours
D. 4.666 hours
C. 4 hours
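MTTR is total repair time divided by the number of repairs, and scheduled maintenance is neither a failure nor a repair, so the 2 hours and the event it belongs to both drop out: (14 h - 2 h) / (4 - 1) = 4 h. The distractors come from mixing the two: 14 / 4 = 3.5 h counts the maintenance window as a failure, and 14 / 3 = 4.666 h charges its downtime to the real failures. The script below is an added example, not part of the original flashcards; the four outage records are constructed to match the question's figures.

```python
"""Added example, not part of the original flashcards: computing MTTR from an
outage log while keeping scheduled maintenance out of the failure count. The
four entries are constructed to match the question: 14 hours of WAF downtime
in four events, one of them a 2-hour planned maintenance window."""
from datetime import datetime

# (start, end, planned) as an incident system might export them (constructed)
WAF_OUTAGES = [
    ("2024-05-03 01:00", "2024-05-03 06:00", False),   # 5 h unplanned
    ("2024-05-11 14:30", "2024-05-11 18:30", False),   # 4 h unplanned
    ("2024-05-18 22:00", "2024-05-19 00:00", True),    # 2 h scheduled maintenance
    ("2024-05-26 09:00", "2024-05-26 12:00", False),   # 3 h unplanned
]
FMT = "%Y-%m-%d %H:%M"


def duration_hours(start: str, end: str) -> float:
    delta = datetime.strptime(end, FMT) - datetime.strptime(start, FMT)
    return delta.total_seconds() / 3600


def total_downtime(outages) -> float:
    """Every hour the WAF was unavailable, planned or not (the 14 h figure)."""
    return sum(duration_hours(s, e) for s, e, _ in outages)


def mttr(outages, include_planned: bool = False) -> float:
    """Mean Time To Repair = total repair time / number of repairs.
    Planned maintenance is not a failure and is excluded by default; passing
    include_planned=True reproduces the 3.5 h distractor in option B."""
    repairs = [duration_hours(s, e) for s, e, planned in outages
               if include_planned or not planned]
    return sum(repairs) / len(repairs) if repairs else 0.0


if __name__ == "__main__":
    print(f"downtime {total_downtime(WAF_OUTAGES):.0f} h, "
          f"MTTR {mttr(WAF_OUTAGES):.1f} h "
          f"(would be {mttr(WAF_OUTAGES, include_planned=True):.1f} h if maintenance counted)")
```

When the figure feeds an availability SLA, make the planned flag part of the export from the change or incident system rather than something recomputed by hand, otherwise the next month's MTTR will silently include whatever maintenance nobody tagged.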