casp3 Flashcards

1
Q
  A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information, especially regarding configuration settings.
    Which of the following scan types will provide the systems administrator with the MOST accurate information?
    A. A passive, credentialed scan
    B. A passive, non-credentialed scan
    C. An active, non-credentialed scan
    D. An active, credentialed scan
A

A. A passive, credentialed scan

2
Q
  A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company’s managed database, exposing customer information.
    The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?
    A. The pharmaceutical company
    B. The cloud software provider
    C. The web portal software vendor
    D. The database software vendor
A

A. The pharmaceutical company

3
Q
  A host on a company’s network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.
    Which of the following steps would be best to perform FIRST?
    A. Turn off the infected host immediately.
    B. Run a full anti-malware scan on the infected host.
    C. Modify the smb.conf file of the host to prevent outgoing SMB connections.
    D. Isolate the infected host from the network by removing all network connections.
A

D. Isolate the infected host from the network by removing all network connections.

4
Q
  Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?
    A. Biometric authenticators are immutable.
    B. The likelihood of account compromise is reduced.
    C. Zero trust is achieved.
    D. Privacy risks are minimized.
A

B. The likelihood of account compromise is reduced.

5
Q
  As part of the customer registration process to access a new bank account, customers are required to upload a number of documents, including their passports and driver’s licenses. The process also requires customers to take a current photo of themselves to be compared against the provided documentation.
    Which of the following BEST describes this process?
    A. Deepfake
    B. Know your customer
    C. Identity proofing
    D. Passwordless
A

C. Identity proofing

6
Q
  A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack.
    Which of the following is the NEXT step of the incident response plan?
    A. Remediation
    B. Containment
    C. Response
    D. Recovery
A

B. Containment

7
Q
  An organization is developing a disaster recovery plan that requires data to be backed up and available at a moment’s notice.
    Which of the following should the organization consider FIRST to address this requirement?
    A. Implement a change management plan to ensure systems are using the appropriate versions.
    B. Hire additional on-call staff to be deployed if an event occurs.
    C. Design an appropriate warm site for business continuity.
    D. Identify critical business processes and determine associated software and hardware requirements.
A

A. Implement a change management plan to ensure systems are using the appropriate versions.

8
Q
  A Chief Information Officer (CIO) wants to implement a cloud solution that will satisfy the following requirements:
    - Support all phases of the SDLC.
    - Use tailored website portal software.
    - Allow the company to build and use its own gateway software.
    - Utilize its own data management platform.
    - Continue using agent-based security tools.
    Which of the following cloud-computing models should the CIO implement?
    A. SaaS
    B. PaaS
    C. MaaS
    D. IaaS
A

D. IaaS

9
Q
  A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
    Which of the following BEST describes the type of malware the solution should protect against?
    A. Worm
    B. Logic bomb
    C. Fileless
    D. Rootkit
A

B. Logic bomb

10
Q
  A development team created a mobile application that contacts a company’s back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.
    Which of the following would BEST safeguard the APIs? (Choose two.)
    A. Bot protection
    B. OAuth 2.0
    C. Input validation
    D. Autoscaling endpoints
    E. Rate limiting
    F. CSRF protection
A

D. Autoscaling endpoints
E. Rate limiting

11
Q
  An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
    Which of the following designs would be BEST for the CISO to use?
    A. Adding a second redundant layer of alternate vendor VPN concentrators
    B. Using Base64 encoding within the existing site-to-site VPN connections
    C. Distributing security resources across VPN sites
    D. Implementing IDS services with each VPN concentrator
    E. Transitioning to a container-based architecture for site-based services
A

A. Adding a second redundant layer of alternate vendor VPN concentrators

12
Q
  As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents. Which of the following BEST describes this kind of risk response?
    A. Risk rejection
    B. Risk mitigation
    C. Risk transference
    D. Risk avoidance
A

C. Risk transference

13
Q
  A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication.
    Which of the following technologies would BEST meet this need?
    A. Faraday cage
    B. WPA2 PSK
    C. WPA3 SAE
    D. WEP 128 bit
A

C. WPA3 SAE

14
Q
  A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
    Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?
    A. NAC to control authorized endpoints
    B. FIM on the servers storing the data
    C. A jump box in the screened subnet
    D. A general VPN solution to the primary network
A

A. NAC to control authorized endpoints

15
Q
  A networking team was asked to provide secure remote access to all company employees. The team decided to use client-to-site VPN as a solution. During a discussion, the Chief Information Security Officer raised a security concern and asked the networking team to route the Internet traffic of remote users through the main office infrastructure. Doing this would prevent remote users from accessing the Internet through their local networks while connected to the VPN.
    Which of the following solutions does this describe?
    A. Full tunneling
    B. Asymmetric routing
    C. SSH tunneling
    D. Split tunneling
A

A. Full tunneling

16
Q
  Company A acquired Company B. During an audit, a security engineer found Company B’s environment was inadequately patched. In response, Company A placed a firewall between the two environments until Company B’s infrastructure could be integrated into Company A’s security program.
    Which of the following risk-handling techniques was used?
    A. Accept
    B. Avoid
    C. Transfer
    D. Mitigate
A

D. Mitigate

17
Q
  A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.
    Which of the following offers an authoritative decision about whether the evidence was obtained legally?
    A. Lawyers
    B. Court
    C. Upper management team
    D. Police
A

B. Court

18
Q
  Technicians have determined that the current server hardware is outdated, so they have decided to throw it out. Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?
    A. Drive wiping
    B. Degaussing
    C. Purging
    D. Physical destruction
A

D. Physical destruction

19
Q
  Which of the following is a low-power, low-data-rate protocol that allows for the creation of PAN networks?
    A. Zigbee
    B. CAN
    C. DNP3
    D. Modbus
A

A. Zigbee

20
Q
  While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
    Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?
    A. Pay the ransom within 48 hours.
    B. Isolate the servers to prevent the spread.
    C. Notify law enforcement.
    D. Request that the affected servers be restored immediately.
A

B. Isolate the servers to prevent the spread