
CAS-002 Online Practice Questions and Answers

Question 4

A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:

1. The banker accesses the CRM system, and a redirect is performed back to the organization's internal systems.
2. A lookup is performed of the identity and a token is generated, signed and encrypted.
3. A redirect is performed back to the CRM system with the token.
4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.
5. If the banker is not in the system, an automated provisioning request occurs.
6. The banker is authenticated and authorized and can access the system.

This is an example of which of the following?

A. Service provider initiated SAML 2.0

B. Identity provider initiated SAML 1.0

C. OpenID federated single sign on

D. Service provider initiated SAML 1.1

Question 5

Due to a new regulatory requirement, ABC Company must now encrypt all WAN transmissions. When speaking with the network administrator, the security administrator learns that the existing routers have the minimum processing power to do the required level of encryption. Which of the following solutions minimizes the performance impact on the router?

A. Deploy inline network encryption devices

B. Install an SSL acceleration appliance

C. Require all core business applications to use encryption

D. Add an encryption module to the router and configure IPSec

Question 6

A security company is developing a new cloud-based log analytics platform. Its purpose is to allow:

- Customers to upload their log files to the "big data" platform
- Customers to perform remote log search
- Customers to integrate into the platform using an API so that third party business intelligence tools can be used for the purpose of trending, insights, and/or discovery

Which of the following are the BEST security considerations to protect data from one customer being disclosed to other customers? (Select THREE).

A. Secure storage and transmission of API keys

B. Secure protocols for transmission of log files and search results

C. At least two years retention of log files in case of e-discovery requests

D. Multi-tenancy with RBAC support

E. Sanitizing filters to prevent upload of sensitive log file contents

F. Encryption of logical volumes on which the customers' log files reside

Question 7

When Company A and Company B merged, the network security administrator for Company A was tasked with joining the two networks. Which of the following should be done FIRST?

A. Implement a unified IPv6 addressing scheme on the entire network.

B. Conduct a penetration test of Company B's network.

C. Perform a vulnerability assessment on Company B's network.

D. Perform a peer code review on Company B's application.

Question 8

An organization uses IP address block 203.0.113.0/24 on its internal network. At the border router, the network administrator sets up rules to deny packets with a source address in this subnet from entering the network, and to deny packets with a destination address in this subnet from leaving the network. Which of the following is the administrator attempting to prevent?

A. BGP route hijacking attacks

B. Bogon IP network traffic

C. IP spoofing attacks

D. Man-in-the-middle attacks

E. Amplified DDoS attacks

Question 9

During a software development project review, the cryptographic engineer advises the project manager that security can be greatly improved by significantly slowing down the runtime of a hashing algorithm and increasing the entropy by passing the input and salt back during each iteration. Which of the following BEST describes what the engineer is trying to achieve?

A. Monoalphabetic cipher

B. Confusion

C. Root of trust

D. Key stretching

E. Diffusion

Question 10

An industry organization has implemented a system to allow trusted authentication between all of its partners. The system consists of a web of trusted RADIUS servers communicating over the Internet. An attacker was able to set up a malicious server and conduct a successful man-in-the-middle attack. Which of the following controls should be implemented to mitigate the attack in the future?

A. Use PAP for secondary authentication on each RADIUS server

B. Disable unused EAP methods on each RADIUS server

C. Enforce TLS connections between RADIUS servers

D. Use a shared secret for each pair of RADIUS servers

Question 11

An organization must comply with a new regulation that requires the organization to determine if an external attacker is able to gain access to its systems from outside the network. Which of the following should the company conduct to meet the regulation's criteria?

A. Conduct a compliance review

B. Conduct a vulnerability assessment

C. Conduct a black box penetration test

D. Conduct a full system audit

Question 12

There has been a recent security breach which has led to the release of sensitive customer information. As part of improving security and reducing the disclosure of customer data, a training company has been employed to educate staff. Which of the following should be the primary focus of the privacy compliance training program?

A. Explain how customer data is gathered, used, disclosed, and managed.

B. Remind staff of the company's data handling policy and have staff sign an NDA.

C. Focus on explaining the "how" and "why" customer data is being collected.

D. Republish the data classification and the confidentiality policy.

Question 13

Driven mainly by cost, many companies outsource computing jobs which require a large amount of processor cycles over a short duration to cloud providers. This allows the company to avoid a large investment in computing resources which will only be used for a short time.

Assuming the provisioned resources are dedicated to a single company, which of the following is the MAIN vulnerability associated with on-demand provisioning?

A. Traces of proprietary data which can remain on the virtual machine and be exploited

B. Remnants of network data from prior customers on the physical servers during a compute job

C. Exposure of proprietary data when in-transit to the cloud provider through IPSec tunnels

D. Failure of the de-provisioning mechanism resulting in excessive charges for the resources

Exam Code: CAS-002
Exam Name: CompTIA Advanced Security Practitioner Exam
Last Update: Jan 22, 2024
Questions: 733