
Title of test:
CASP Test C

Description:
Weak point

Author:
haveri

Creation Date: 17/10/2024

Category: Others

Number of questions: 18
Content:
Company A acquired Company B. During an initial assessment, the companies discover they are using the same SSO system. To help users with the transition, Company A is requiring the following:
• Before the merger is complete, users from both companies should use a single set of usernames and passwords.
• Users in the same departments should have the same set of rights and privileges, but they should have different sets of rights and privileges if they have different IPs.
• Users from Company B should be able to access Company A's available resources.
Which of the following are the BEST solutions? (Choose two.)
- Installing Company A's Kerberos systems in Company B's network
- Implementing attribute-based access control
- Establishing one-way trust from Company B to Company A
- Installing new Group Policy Object policies
- Enabling SAML
- Updating login scripts

A security researcher has been given an executable that was captured by a honeypot. Which of the following should the security researcher implement to test the executable?
- SAST
- OSINT
- DAST
- OWASP

A security architect is given the following requirements to secure a rapidly changing enterprise with an increasingly distributed and remote workforce:
✑ Cloud-delivered services
✑ Full network security stack
✑ SaaS application security management
✑ Minimal latency for an optimal user experience
✑ Integration with the cloud IAM platform
Which of the following is the BEST solution?
- NGFW
- SASE
- Routing and Remote Access Service (RRAS)
- Managed Security Service Provider (MSSP)

An analyst has prepared several possible solutions to a successful attack on the company. The solutions need to be implemented with the LEAST amount of downtime. Which of the following should the analyst perform?
- Implement all the solutions at once in a virtual lab and then run the attack simulation. Collect the metrics and then choose the best solution based on the metrics.
- Implement all the solutions at once in a virtual lab and then collect the metrics. After collection, run the attack simulation. Choose the best solution based on the best metrics.
- Implement every solution one at a time in a virtual lab, running a metric collection each time. After the collection, run the attack simulation, roll back each solution, and then implement the next. Choose the best solution based on the best metrics.
- Implement every solution one at a time in a virtual lab, running an attack simulation each time while collecting metrics. Roll back each solution and then implement the next. Choose the best solution based on the best metrics.

An organization is establishing a new software assurance program to vet applications before they are introduced into the production environment. Unfortunately, many of the applications are provided only as compiled binaries. Which of the following should the organization use to analyze these applications? (Choose two.)
- SAST
- IDE SAST
- IAST
- Regression testing
- Third-party dependency management
- Fuzz testing

An organization is moving its intellectual property data from on premises to a CSP and wants to secure the data from theft. Which of the following can be used to mitigate this risk?
- A third-party, data integrity monitoring solution
- Additional application firewall rules specific to the migration
- An additional layer of encryption
- A complete backup that is created before moving the data

When a remote employee traveled overseas, the employee's laptop and several mobile devices with proprietary tools were stolen. The security team requires technical controls be in place to ensure no electronic data is compromised or changed. Which of the following BEST meets this requirement?
- Next-generation endpoint detection and response agent
- Passwordless smart card authorization with biometrics
- Mobile device management with remote wipe capabilities
- Full disk encryption with centralized key management

A product manager at a new company needs to ensure the development team produces high-quality code on time. The manager has decided to implement an agile development approach instead of waterfall. Which of the following are reasons to choose an agile development approach? (Choose two.)
- Budgeting and creating a timeline for the entire project is often more straightforward using an agile approach rather than waterfall.
- The product manager gives the developers more autonomy to write quality code prior to deployment.
- The scope of work is expected to evolve during the lifetime of project development.
- The product manager would like to produce code in linear phases.
- The product manager prefers to have code iteratively tested throughout development.
- An agile approach incorporates greater application security in the development process than a waterfall approach does.

A company has moved its sensitive workloads to the cloud and needs to ensure high availability and resiliency of its web-based application. The cloud architecture team was given the following requirements:
• The application must run at 70% capacity at all times.
• The application must sustain DoS and DDoS attacks.
• Services must recover automatically.
Which of the following should the cloud architecture team implement? (Choose three.)
- WAF
- Continuous snapshots
- Autoscaling
- Read-only replicas
- Containerization
- CND
- Encryption
- BCP

Prior to a risk assessment inspection, the Chief Information Officer tasked the systems administrator with analyzing and reporting any configuration issues on the information systems, and then verifying existing security settings. Which of the following would be BEST to use?
- CMDB
- XCCDF
- SCAP
- CVSS

Real-time, safety-critical systems MOST often use serial busses that:
- have deterministic behavior and are deployed with encryption.
- have non-deterministic behavior and are not deployed with encryption.
- have deterministic behavior and are not deployed with encryption.
- have non-deterministic behavior and are deployed with encryption.

A user experiences an HTTPS connection error when trying to access an Internet banking website from a corporate laptop. The user then opens a browser on a mobile phone and is able to access the same Internet banking website without issue. Which of the following security configurations is MOST likely the cause of the error?
- Client authentication
- TLS 1.2
- Certificate pinning
- HSTS

A software developer is working on a piece of code required by a new software package. The code should use a protocol to verify the validity of a remote identity. Which of the following should the developer implement in the code?
- RSA
- HSTS
- CRL
- OCSP

A city government's IT director was notified by the city council that the following cybersecurity requirements must be met to be awarded a large federal grant:
• Logs for all critical devices must be retained for 365 days to enable monitoring and threat hunting.
• All privileged user access must be tightly controlled and tracked to mitigate compromised accounts.
• Ransomware threats and zero-day vulnerabilities must be quickly identified.
Which of the following technologies would BEST satisfy these requirements? (Choose three.)
- SIEM
- Cloud sandbox
- Zero trust network access
- Log aggregator
- NGFW
- PAM
- Endpoint protection

A company wants to use a process to embed a sign of ownership covertly inside a proprietary document without adding any identifying attributes. Which of the following would be BEST to use as part of the process to support copyright protections of the document?
- Steganography
- E-signature
- Watermarking
- Cryptography

A security engineer is implementing a server-side TLS configuration that provides forward secrecy and authenticated encryption with associated data. Which of the following algorithms, when combined into a cipher suite, will meet these requirements? (Choose three.)
- EDE
- RC4
- CBC
- RSA
- DH
- AES
- ECDSA
- GCM

An organization recently recovered from an attack that featured an adversary injecting malicious logic into OS bootloaders on endpoint devices. Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the UEFI through the full loading of OS components. Which of the following TPM structures enables this storage functionality?
- Platform configuration registers
- Clock/counter structures
- Command tag structures with MAC schemes
- Endorsement tickets

A security engineer is reviewing a record of events after a recent data breach incident that involved the following:
✑ A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets.
✑ A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.
✑ The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.
Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?
- Software composition analysis
- User behavior analysis
- Web application firewall
- Secure web gateway
- Dynamic analysis