casp6 Flashcards

1
Q
  1. An organization wants to perform a scan of all its systems against best practice security configurations. Which of the following SCAP standards, when combined, will enable the organization to view each of the configuration checks in a machine-readable checklist format for full automation? (Choose two.)
    A. ARF
    B. XCCDF
    C. CPE
    D. CVE
    E. CVSS
    F. OVAL

A

B. XCCDF
F. OVAL

2
Q
  1. A company’s SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
    Which of the following should the company use to make this determination?
    A. Threat hunting
    B. A system penetration test
    C. Log analysis within the SIEM tool
    D. The Cyber Kill Chain
A

B. A system penetration test

3
Q
  1. A security architect is implementing a web application that uses a database back end. Prior to production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put into place to prevent these attacks. Which of the following sources could the architect consult to address this security concern?
    A. SDLC
    B. OVAL
    C. IEEE
    D. OWASP
A

B. OVAL

4
Q
  1. A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops.
    Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?
    A. Perform additional SAST/DAST on the open-source libraries
    B. Implement the SDLC security guidelines
    C. Track the library versions and monitor the CVE website for related vulnerabilities
    D. Perform unit testing of the open-source libraries
A

C. Track the library versions and monitor the CVE website for related vulnerabilities

5
Q
  1. The company has decided to purchase a license for software that is used to operate a mission-critical process. The third-party developer is new to the industry but is delivering what the company needs at this time.
    Which of the following BEST describes the reason why utilizing a source code escrow will reduce the operational risk to the company if the third-party stops supporting the software?
    A. The company will have access to the latest version to continue development.
    B. The company will be able to force the third-party to continue support
    C. The company will be able to manage third-party developer’s development process
    D. The company will be paid by the third-party developer to hire a new development team.
A

A. The company will have access to the latest version to continue development.

6
Q
  1. A developer wants to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users.
    Which of the following would be BEST for the developer to perform? (Choose two)
    A. Utilize code signing by a trusted third party
    B. Implement certificate-based authentication
    C. Verify MD5 hashes
    D. Compress the program with a password
    E. Encrypt with 3DES
    F. Make the DACL read-only
A

A. Utilize code signing by a trusted third party
B. Implement certificate-based authentication

7
Q
  1. A vulnerability analyst identified a zero-day vulnerability in a company’s internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.
    Which of the following would be BEST suited to meet these requirements?
    A. ARF
    B. ISACs
    C. Node.js
    D. OVAL

A

D. OVAL

8
Q
  1. A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
    Which of the following techniques would be BEST suited for this requirement?
    A. Deploy SOAR utilities and runbooks.
    B. Replace the associated hardware.
    C. Provide the contractors with direct access to satellite telemetry data.
    D. Reduce link latency on the affected ground and satellite segments.
A

A. Deploy SOAR utilities and runbooks.

9
Q
  1. An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would BEST secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?
    A. Implement a VPN for all APIs.
    B. Sign the key with DSA.
    C. Deploy MFA for the service accounts.
    D. Utilize HMAC for the keys.
A

A. Implement a VPN for all APIs.

10
Q
  1. An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
    ERR_SSL_VERSION_OR_CIPHER_MISMATCH
    Which of the following is MOST likely the root cause?
    A. The client application is testing PFS.
    B. The client application is configured to use ECDHE.
    C. The client application is configured to use RC4.
    D. The client application is configured to use AES-256 in GCM.

A

C. The client application is configured to use RC4.

11
Q
  1. A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user’s actions. An investigator took a forensic image of the VM and downloaded the image to a secured USB drive to share with the government.
    Which of the following should be taken into consideration during the process of releasing the drive to the government?
    A. Encryption in transit
    B. Legal issues
    C. Chain of custody
    D. Order of Stability
    E. Key Exchange

A

C. Chain of custody

12
Q
  1. A forensic investigator would use the foremost command for:
    A. Cloning disks
    B. Analyzing network-captured packets
    C. Recovering lost files
    D. Extracting features such as email addresses
A

C. Recovering lost files

13
Q
  1. An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of impact.
    Which of the following should the organization perform NEXT?
    A. Assess the residual risk.
    B. Update the organization’s threat model.
    C. Move to the next risk in the register.
    D. Recalculate the magnitude of impact.
A

A. Assess the residual risk.

14
Q
  1. A software house is developing a new application. The application has the following requirements:
    - Reduce the number of credential requests as much as possible
    - Integrate with social networks
    - Authenticate users
    Which of the following is the BEST federation method to use for the application?
    A. WS-Federation
    B. OpenID
    C. OAuth
    D. SAML

A

A. WS-Federation

15
Q
  1. A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements:
    - Be efficient at protecting the production environment
    - Not require any change to the application
    - Act at the presentation layer
    Which of the following techniques should be used?
    A. Masking
    B. Tokenization
    C. Algorithmic
    D. Random substitution
A

A. Masking

16
Q
  1. A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence. Which of the following techniques would BEST support this?
    A. Configuring systemd services to run automatically at startup
    B. Creating a backdoor
    C. Exploiting an arbitrary code execution exploit
    D. Moving laterally to a more authoritative server/service
A

B. Creating a backdoor

17
Q
  1. A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company’s Linux servers. While the software version is no longer supported by the OSS community, the company’s Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
    Based on this agreement, this finding is BEST categorized as a:
    A. true positive.
    B. true negative.
    C. false positive.
    D. false negative.
A

C. false positive.

18
Q
  1. A company’s employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email while travelling.
    Which of the following is the MOST likely explanation? (Select TWO.)
    A. Outdated escalation attack
    B. Privilege escalation attack
    C. VPN on the mobile device
    D. Unrestricted email administrator accounts
    E. Chief use of UDP protocols
    F. Disabled GPS on mobile devices
A

C. VPN on the mobile device
F. Disabled GPS on mobile devices

19
Q
  1. A Chief Information Security Officer (CISO) has launched an effort to create a rebuilt BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting operational importance for the applications used by the business and determine the order in which the applications must be brought back online.
    Which of the following would be the FIRST step taken by the team?
    A. Perform a review of all policies and procedures related to BCP and DR and create an educational module that can be assigned to all employees to provide training on BCP/DR events.
    B. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
    C. Have each business unit conduct a BIA and categorize the application according to the cumulative data gathered.
    D. Implement replication of all servers and application data to back up datacenters that are geographically separate from the central datacenter and release an updated BPA to all clients.

A

C. Have each business unit conduct a BIA and categorize the application according to the cumulative data gathered.

20
Q
  1. Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization’s incident response procedure.
    Which of the following must occur to ensure the integrity of the image?
    A. The image must be password protected against changes.
    B. A hash value of the image must be computed.
    C. The disk containing the image must be placed in a sealed container.
    D. A duplicate copy of the image must be maintained.
A

C. The disk containing the image must be placed in a sealed container.