CASP C Missed Questions

A developer wants to maintain integrity to each module of a program and ensure controls are in place to detect unauthorized code modification. Which of the following would be BEST for the developer to perform? (Choose Two.). Implement certificate-based authentication. Verify MD5 hashes. Utilize code signing by a trusted third party. Encrypt with 3DES. Make the DACL read-only. Compress the program with a password.

Which of the following BEST describe the importance of maintaining chain of custody in forensic evidence collection? (Choose two.). It ensures the integrity of the collected evidence. It ensures confidentiality and the need-to-know basis of forensically acquired evidence. It authenticates personnel who come into contact with evidence after collection. It attests to how recently evidence was collected by recording data/time attributes. It provides automated attestation for the integrity of the collected evidence. It increases the likelihood that evidence will be deemed admissible in court.

A security researcher has been given an executable that was captured by a honeypot. Which of the following should the security researcher implement to test the executable?. DAST. OSINT. SAST. OWASP.

A significant weather event caused all systems to fail over to the disaster recovery site sucessfully. However, successful data replication has not occurred in the last six months, which has resulted in the service being unavailable. Which of the following would BEST prevent this scenario from happening again?. Performing department disaster recovery walk-throughs. Implement scheduled, full interruption tests. Backing up system log reviews. Performing routine tabletop exercises.

In comparison to other types of alternative processing sites that may be invoked as a part of disaster recovery, cold sites are different because they: have basic utility coverage, including power and water. provide workstations and read-only domain controllers. are generally the least costly to sustain. are the quickest way to restore business. are geographically separated from the company's primary facilities.

Which of the following is used to asses compliance with internal and external requirements?. RACI matrix. After-action report. Business continuity plan. Audit Report.

A security analyst is using data provided from a recent penetration test to calculate CVSS scores to prioritize remdiation. Which of the following metric groups would the analyst need to determine to get the overall scores? (Choose three.). Base. Confidentiality. Integrity. Impact. Environmental. Availability. Attack vector. Temporal.

A penetration tester is testing a company's login form for a web application using a list of known usernames and a common password list. According to a brute-force utility, the penetration tester needs to provide the tool with the proper headers, POST URL with variable names, and the error string returned with an improper login. Which of the following would BEST help the tester to gather information? (Choose two.). The inspect feature from the web browser. An HTTP interceptor. The website certificate viewed via the web browser. The new source feature of the web browser. The logs from the web server. A tcpdump from the the web server.

A security engineer is implementing a server-side TLS configuration that provides forward secrecy and authenticated encryption with associated data. Which of the following algorithms, when combined into a cipher suite, will meet these requirements? (Choose Three.). RC4. ECDSA. EDE. CBC. AES. GCM. DH. RSA.

Which of the following describes the system responisible for storing private encryption/decrytion files with a third party to ensure these files are stored safely?. TPM. Key Escrow. Code Signing. Trust models.

A software developer was just informed by the security team that the company's product has several vulnerabilities. Most of these vulnerabilities were traced to code, as it was in the software before the developer started on the program and is not tracked for licensing purposes. Which of the following would the developer MOST likely do to mitigate the risks and prevent further issues like these from occurring?. Perform reverse engineering on the code and rewrite the code in a more secure manner. Perform software composition analysis and remediate vulnerabilities found in the software. Perform fuzz testing and implement DAST in the code repositories to find vulnerabilities prior to deployment. Perform supply chain analysis and require third-party suppliers to implement vulnerability management programs.

A company created an external, PHP-based web application for its customers. A security researcher reports that the application has the HEARTBLEED vulnerability. Which of the following would BEST resolve and mitigate the issue? (Choose two.). Fixing the PHP code. Changing the web server from HTTPS to HTTP. Changing the code from PHP to ColdFusion. Using SSLv3. Updating the OpenSSL library. Deploying a WAF signature.

During a recent security incident investigation, a security analyst mistakenly turned off the infected machine prior to consulting with a forensic analyst. Upon rebooting the machine, a malicious script that was running as a background process was no longer present. Which of the following should the security analyst have followed?. Order of volatility. Secure Storage. Verification. Chain of Custody.

A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Choose three.). Firewall. Least privilege. PKI. IaaS. VPN. Continous integration. Continuous validation. Policy automation.

An auditor needs to scan documents at rest for sensitive text. These documents contain both text and images. Which of the following software functionalities must be enabled in the DLP solution for the auditor be able to fully read these documents? (Choose two.). Regular expression pattern matching. Baseline image matching. Advanced rasterization. Optical Character recognition functionality. Document interpolation. Watermarking.

An organization is establishing a new software assurance program to vet applications before they are introduced into the production environment. Unfortunately, many of the applications are provided only as compiled binaries. Which of the following should the organization use to analyze these applications? (Choose two.). SAST. Third-part dependency management. Regression Testing. IDE SAST. Fuzz testing. IAST.

A server in a manufacturing environment is running an end-of-life operating system. The vulnerability management team is recommending that the server be upgraded to a supported operating system, but the ICS software running over the server is not compatible with modem operating system. Which of the following compensating controls should be implemented to BEST protect the server?. Application allow list. HIPS. Host-based firewall. Antivirus.

An analsyst has prepared several possible solutions to a successful attack on the company. The solutions need to be implemented with the LEAST amount of downtime. Which of the following should the analyst perform?. Implement every solution one at a time in a virtual lab, running an attack simulation each time while collecting metrics. Roll back each solution and then implement the next. Choose the best solution based on the best metrics. Implement all the solutions at once in a virtual lab and then run the attack simulation. Collect the metrics and then choose the best solution based on the metrics. Implement all the solutions at once in a virtual lab and then collect the metrics. After collection, run the attack simulation. Choose the best solution based on the metrics. Implement every solution one at a time in a virtual lab, running a metric collection each time. After the collection, run the attack simulation, roll back each solution, and then implement the next. Choose the best solution based on the best metrics.

A company wants to improve its active protection capabilities against unknown and zero-day malware. Which of the following is the MOST secure solution?. Endpoint log collection. Application allow list. Sandbox detonation. HIDS. NIDS.

A security administrator needs to implement an X.509 solution for multiple sites within the human resources department. This solution would need to secure all subdomains associated with the domain name of the main human resources web server. Which of the following would need to be implemented to properly secure the sites and provide easier private key management?. Digital signature. Registration authority. Certficate pinning. Certificate revocation list. Wildcard certificate.

Prior to a risk assessment inspection, the Chief Information Officer tasked the systems administrator with analyzing and reporting any configuration issues on the information systems, and then verifying existing security settings. Which of the following would be BEST to use?. SCAP. XCCDF. CMDB. CVSS.