QUESTION 21
A company is evaluating a new marketing strategy
involving the use of social networking sites to reach its customers. The
marketing director wants to be able to report important company news, product
updates, and special promotions on the social websites. After an initial and
successful pilot period, other departments want to use the social websites to
post their updates as well. The Chief Information Officer (CIO) has asked the
company security administrator to document three negative security impacts of
allowing IT staff to post work-related information on such websites. Which of
the following are the major risks the security administrator should report back
to the CIO? (Select THREE).
A. Brute force attacks
B. Malware infection
C. DDOS attacks
D. Phishing attacks
E. SQL injection attacks
F. Social engineering attacks
Answer: BDF
QUESTION 22
A telecommunication company has recently
upgraded their teleconference systems to multicast. Additionally, the security
team has instituted a new policy which requires VPN to access the company’s
video conference. All parties must be issued a VPN account and must connect to
the company’s VPN concentrator to participate in the remote meetings. Which of
the following settings will increase bandwidth utilization on the VPN
concentrator during the remote meetings?
A. IPSec transport mode is enabled
B. ICMP is disabled
C. Split tunneling is disabled
D. NAT-traversal is enabled
Answer: C
QUESTION 23
An Information Security Officer (ISO) has asked
a security team to randomly retrieve discarded computers from the warehouse
dumpster. The security team was able to retrieve two older computers and a
broken MFD network printer. The security team was able to connect the hard
drives from the two computers and the network printer to a computer equipped
with forensic tools. The security team was able to retrieve PDF files from the
network printer hard drive but the data on the two older hard drives was
inaccessible. Which of the following should the Warehouse Manager do to
remediate the security issue?
A. Revise the hardware and software maintenance contract.
B. Degauss the printer hard drive to delete data.
C. Implement a new change control process.
D. Update the hardware decommissioning procedures.
Answer: D
QUESTION 24
Which of the following precautions should be
taken to harden network devices in case of a VM escape?
A. Database servers should be on the same virtual server as web servers in the DMZ network segment.
B. Web servers should be on the same physical server as database servers in the network segment.
C. Virtual servers should only be on the same physical server as others in their network segment.
D. Physical servers should only be on the same WAN as other physical servers in their network.
Answer: C
QUESTION 25
Which of the following should be used with
caution because of its ability to provide access to block level data instead of
file level data?
A. CIFS
B. NFS
C. iSCSI
D. NAS
Answer: C
QUESTION 26
Which of the following can aid a buffer overflow
attack to execute when used in the creation of applications?
A. Secure cookie storage
B. Standard libraries
C. State management
D. Input validation
Answer: B
QUESTION 27
The Chief Executive Officer (CEO) of a
corporation purchased the latest mobile device and wants to connect it to the
company’s internal network. The Chief Information Security Officer (CISO) was
told to research and recommend how to secure this device. Which of the following
recommendations should be implemented to keep the device from posing a security
risk to the company?
A. A corporate policy to prevent sensitive information from residing on a mobile device and anti-virus software.
B. Encryption of the non-volatile memory and a corporate policy to prevent sensitive information from residing on a mobile device.
C. Encryption of the non-volatile memory and a password or PIN to access the device.
D. A password or PIN to access the device and a corporate policy to prevent sensitive information from residing on a mobile device.
Answer: C
QUESTION 28
The Chief Executive Officer (CEO) of a
corporation decided to move all email to a cloud computing environment. The
Chief Information Security Officer (CISO) was told to research the risk involved
in this environment. Which of the following measures should be implemented to
minimize the risk of hosting email in the cloud?
A. Remind users that all emails with sensitive information need to be encrypted and physically inspect the cloud computing environment.
B. Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider.
C. Ensure logins are over an encrypted channel and remind users to encrypt all emails that contain sensitive information.
D. Obtain an NDA from the cloud provider and remind users that all emails with sensitive information need to be encrypted.
Answer: B
QUESTION 29
The Chief Executive Officer (CEO) of a
corporation purchased the latest mobile device and wants to connect it to the
internal network. The Chief Information Security Officer (CISO) was told to
research and recommend how to secure this device. Which of the following should
be implemented, keeping in mind that the CEO has stated that this access is
required?
A. Mitigate and Transfer
B. Accept and Transfer
C. Transfer and Avoid
D. Avoid and Mitigate
Answer: A
QUESTION 30
The Chief Executive Officer (CEO) of a
corporation purchased the latest mobile device and connected it to the internal
network. The CEO proceeded to download sensitive financial documents through
their email. The device was then lost in transit to a conference. The CEO
notified the company helpdesk about the lost device and another one was shipped
out, after which the helpdesk ticket was closed stating the issue was resolved.
This data breach was not properly reported due to insufficient training
surrounding which of the following processes?
A. E-Discovery
B. Data handling
C. Incident response
D. Data recovery and storage
Answer: C
QUESTION 31
An employee was terminated and promptly escorted
to their exit interview, after which the employee left the building. It was
later discovered that this employee had started a consulting business using
screenshots of their work at the company which included live customer data.
This information had been removed through the use of a USB device. After this
incident, it was determined a process review must be conducted to ensure this
issue does not recur. Which of the following business areas should primarily be
involved in this discussion? (Select TWO).
A. Database Administrator
B. Human Resources
C. Finance
D. Network Administrator
E. IT Management
Answer: BE
QUESTION 32
A technician states that workstations that are
on the network in location B are unable to validate certificates, while
workstations that are on the main location A’s network are having no issues.
Which of the following methods allows a certificate to be validated by a single
server that returns the validity of that certificate?
A. XACML
B. OCSP
C. ACL
D. CRL
Answer: B
QUESTION 33
A system administrator needs to develop a policy
for when an application server is no longer needed. Which of the following
policies would need to be developed?
A. Backup policy
B. De-provisioning policy
C. Data retention policy
D. Provisioning policy
Answer: C
QUESTION 34
A web administrator develops a web form for
users to respond to the company via a web page. Which of the following should be
practiced to avoid a security risk?
A. SQL injection
B. XSS scripting
C. Clickjacking
D. Input validation
Answer: D
QUESTION 35
A large enterprise is expanding through the
acquisition of a second corporation. Which of the following should be undertaken
FIRST before connecting the networks of the newly formed entity?
A. A system and network scan to determine if all of the systems are secure.
B. Implement a firewall/DMZ system between the networks.
C. Develop a risk analysis for the merged networks.
D. Conduct a complete review of the security posture of the acquired corporation.
Answer: C
QUESTION 36
The company is considering issuing non-standard
tablet computers to executive management. Which of the following is the FIRST
step the security manager should perform?
A. Apply standard security policy settings to the devices.
B. Set up an access control system to isolate the devices from the network.
C. Integrate the tablets into standard remote access systems.
D. Develop the use case for the devices and perform a risk analysis.
Answer: D
QUESTION 37
When authenticating over HTTP using SAML, which
of the following is issued to the authenticating user?
A. A symmetric key
B. A PKI ticket
C. An X.509 certificate
D. An assertion ticket
Answer: D
QUESTION 38
Which of the following activities could reduce
the security benefits of mandatory vacations?
A. Have a replacement employee run the same applications as the vacationing employee.
B. Have a replacement employee perform tasks in a different order from the vacationing employee.
C. Have a replacement employee perform the job from a different workstation than the vacationing employee.
D. Have a replacement employee run several daily scripts developed by the vacationing employee.
Answer: D
QUESTION 39
A database is hosting information assets with a
computed CIA aggregate value of high. The database is located within a secured
network zone where there is flow control between the client and datacenter
networks. Which of the following is the MOST likely threat?
A. Inappropriate administrator access
B. Malicious code
C. Internal business fraud
D. Regulatory compliance
Answer: A
QUESTION 40
An organization recently upgraded its wireless
infrastructure to support WPA2 and requires all clients to use this method.
After the upgrade, several critical wireless clients fail to connect because
they are only WEP compliant. For the foreseeable future, none of the affected
clients have an upgrade path to put them into compliance with the WPA2
requirement. Which of the following provides the MOST secure method of
integrating the non-compliant clients into the network?
A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.
B. Create a separate SSID and WEP key on a new network segment and only allow required communication paths.
C. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.
D. Create a separate SSID and require the use of dynamic WEP keys.
Answer: B