CAS-002 Exam Questions - Online Test


Q1. - (Topic 2) 

A software developer and IT administrator are focused on implementing security in the organization to protect OSI layer 7. Which of the following security technologies would BEST meet their requirements? (Select TWO). 

A. NIPS 

B. HSM 

C. HIPS 

D. NIDS 

E. WAF 

Answer: C,E 

Q2. - (Topic 4) 

Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ’s hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect? 

A. Most of company XYZ’s customers are willing to accept the risks of unauthorized disclosure and access to information by outside users. 

B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance. 

C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer. 

D. Not all of company XYZ’s customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings. 

Answer:

Q3. - (Topic 2) 

An organization has implemented an Agile development process for front end web application development. A new security architect has just joined the company and wants to integrate security activities into the SDLC. 

Which of the following activities MUST be mandated to ensure code quality from a security perspective? (Select TWO). 

A. Static and dynamic analysis is run as part of integration 

B. Security standards and training is performed as part of the project 

C. Daily stand-up meetings are held to ensure security requirements are understood 

D. For each major iteration penetration testing is performed 

E. Security requirements are story boarded and make it into the build 

F. A security design is performed at the end of the requirements phase 

Answer: A,D 

Q4. - (Topic 5) 

A security administrator is investigating the compromise of a software distribution website. Forensic analysis shows that several popular files are infected with malicious code. However, comparing a hash of the infected files with the original, non-infected files which were restored from backup, shows that the hash is the same. Which of the following explains this? 

A. The infected files were using obfuscation techniques to evade detection by antivirus software. 

B. The infected files were specially crafted to exploit a collision in the hash function. 

C. The infected files were using heuristic techniques to evade detection by antivirus software. 

D. The infected files were specially crafted to exploit diffusion in the hash function. 

Answer:

491. - (Topic 5) 

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary? 

A. The corporate network is the only network that is audited by regulators and customers. 

B. The aggregation of employees on a corporate network makes it a more valuable target for attackers. 

C. Home networks are unknown to attackers and less likely to be targeted directly. 

D. Employees are more likely to be using personal computers for general web browsing when they are at home. 

Q5. - (Topic 3) 

A developer is coding the crypto routine of an application that will be installed on a standard headless and diskless server connected to a NAS housed in the datacenter. The developer has written the following six lines of code to add entropy to the routine: 

1 - If VIDEO input exists, use video data for entropy

2 - If AUDIO input exists, use audio data for entropy

3 - If MOUSE input exists, use mouse data for entropy

4 - IF KEYBOARD input exists, use keyboard data for entropy

5 - IF IDE input exists, use IDE data for entropy

6 - IF NETWORK input exists, use network data for entropy

Which of the following lines of code will result in the STRONGEST seed when combined? 

A. 2 and 1 

B. 3 and 5 

C. 5 and 2 

D. 6 and 4 

Answer:

Q6. CORRECT TEXT - (Topic 3) 

Answer: 192.18.1.0/24 any 192.168.20.0/24 3389 any 

Q7. - (Topic 5) 

A mature organization with legacy information systems has incorporated numerous new processes and dependencies to manage security as its networks and infrastructure are modernized. The Chief Information Officer has become increasingly frustrated with frequent releases, stating that the organization needs everything to work completely, and the vendor should already have those desires built into the software product. The vendor has been in constant communication with personnel and groups within the organization to understand its business process and capture new software requirements from users. Which of the following methods of software development is this organization’s configuration management process using?

A. Agile 

B. SDL 

C. Waterfall 

D. Joint application development 

Answer:

Q8. CORRECT TEXT - (Topic 2) 

Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range. 

Instructions: Click on the simulation button to refer to the Network Diagram for Company A. 

Click on Router 1, Router 2, and the Firewall to evaluate and configure each device. 

Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces. 

Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network. 

Answer: Please check the explanation part for the solution. 

Q9. - (Topic 4) 

The lead systems architect on a software development project developed a design which is optimized for a distributed computing environment. The security architect assigned to the project has concerns about the integrity of the system, if it is deployed in a commercial cloud. Due to poor communication within the team, the security risks of the proposed design are not being given any attention. A network engineer on the project has a security background and is concerned about the overall success of the project. Which of the following is the BEST course of action for the network engineer to take? 

A. Address the security concerns through the network design and security controls. 

B. Implement mitigations to the security risks and address the poor communications on the team with the project manager. 

C. Document mitigations to the security concerns and facilitate a meeting between the architects and the project manager. 

D. Develop a proposal for an alternative architecture that does not leverage cloud computing and present it to the lead architect. 

Answer:

Q10. - (Topic 4) 

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following: 

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724

90.76.165.40 - - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200

90.76.165.40 - - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724

The security administrator also inspects the following file system locations on the database server using the command ‘ls -al /root’ 

drwxrwxrwx 11 root root 4096 Sep 28 22:45 . 

drwxr-xr-x 25 root root 4096 Mar 8 09:30 .. 

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history 

-rw------- 25 root root 4096 Mar 8 09:30 .profile 

-rw------- 25 root root 4096 Mar 8 09:30 .ssh 

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO). 

A. Privilege escalation 

B. Brute force attack 

C. SQL injection 

D. Cross-site scripting 

E. Using input validation, ensure the following characters are sanitized. <> 

F. Update crontab with: find / \( -perm -4000 \) -type f -print0 | xargs -0 ls -l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input) 

H. Set an account lockout policy 

Answer: A,F