Improve CAS-002 Exam Study Guides With New Update Exam Questions

Q1. Noticing latency issues at its connection to the Internet, a company suspects that it is being targeted in a Distributed Denial of Service attack. A security analyst discovers numerous inbound monlist requests coming to the companyu2021s NTP servers. Which of the following mitigates this activity with the LEAST impact to existing operations?

A. Block in-bound connections to the companyu2021s NTP servers.

B. Block IPs making monlist requests.

C. Disable the companyu2021s NTP servers.

D. Disable monlist on the companyu2021s NTP servers.

Q2. Two universities are making their 802.11n wireless networks available to the other universityu2021s students. The infrastructure will pass the studentu2021s credentials back to the home school for authentication via the Internet.

The requirements are:

Mutual authentication of clients and authentication server

The design should not limit connection speeds Authentication must be delegated to the home school No passwords should be sent unencrypted

The following design was implemented:

WPA2 Enterprise using EAP-PEAP-MSCHAPv2 will be used for wireless security RADIUS proxy servers will be used to forward authentication requests to the home school The RADIUS servers will have certificates from a common public certificate authority

A strong shared secret will be used for RADIUS server authentication

Which of the following security considerations should be added to the design?

A. The transport layer between the RADIUS servers should be secured

B. WPA Enterprise should be used to decrease the network overhead

C. The RADIUS servers should have local accounts for the visiting students

D. Students should be given certificates to use for authentication to the network

Q3. A software development manager is taking over an existing software development project. The team currently suffers from poor communication, and this gap is resulting in an above average number of security-related bugs making it into production. Which of the following development methodologies involves daily stand-ups designed to improve communication?

A. Spiral

B. Agile

C. Waterfall

D. Rapid

Q4. A large bank deployed a DLP solution to detect and block customer and credit card data from leaving the organization via email. A disgruntled employee was able to successfully exfiltrate data through the corporate email gateway by embedding a word processing document containing sensitive data as an object in a CAD file. Which of the following BEST explains why it was not detected and blocked by the DLP solution? (Select TWO).

A. The product does not understand how to decode embedded objects.

B. The embedding of objects in other documents enables document encryption by default.

C. The process of embedding an object obfuscates the data.

D. The mail client used to send the email is not compatible with the DLP product.

E. The DLP product cannot scan multiple email attachments at the same time.

Q5. A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool?

A. The tool could show that input validation was only enabled on the client side

B. The tool could enumerate backend SQL database table and column names

C. The tool could force HTTP methods such as DELETE that the server has denied

D. The tool could fuzz the application to determine where memory leaks occur

Q6. An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?

A. Use PAP for secondary authentication on each RADIUS server

B. Disable unused EAP methods on each RADIUS server

C. Enforce TLS connections between RADIUS servers

D. Use a shared secret for each pair of RADIUS servers

Q7. Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.

The information security team has been a part of the department meetings and come away with the following notes:

-Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.

-Sales is asking for easy order tracking to facilitate feedback to customers.

-Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.

-Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.

-Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.

The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.

Which of the following departmentsu2021 request is in contrast to the favored solution?

A. Manufacturing

B. Legal

C. Sales

D. Quality assurance

E. Human resources

Q8. A company wishes to purchase a new security appliance. A security administrator has extensively researched the appliances, and after presenting security choices to the companyu2021s management team, they approve of the proposed solution. Which of the following documents should be constructed to acquire the security appliance?

A. SLA

B. RFQ

C. RFP

D. RFI

Q9. A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:

Customers to upload their log files to the u201cbig datau201d platform Customers to perform remote log search

Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery

Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).

A. Secure storage and transmission of API keys

B. Secure protocols for transmission of log files and search results

C. At least two years retention of log files in case of e-discovery requests

D. Multi-tenancy with RBAC support

E. Sanitizing filters to prevent upload of sensitive log file contents

F. Encrypted storage of all customer log files

Q10. An external auditor has found that IT security policies in the organization are not maintained and in some cases are nonexistent. As a result of the audit findings, the CISO has been tasked with the objective of establishing a mechanism to manage the lifecycle of IT security policies. Which of the following can be used to BEST achieve the CISOu2021s objectives?

A. CoBIT

B. UCF

C. ISO 27002

D. eGRC