
Title of test:
CASP Test d

Description:
Weak point

Author:
haveri

Creation Date: 15/10/2024

Category: Others

Number of questions: 21
Content:
A cloud security architect has been tasked with selecting the appropriate solution given the following:
• The solution must allow the lowest RTO possible.
• The solution must have the least shared responsibility possible.
• Patching should be a responsibility of the CSP.
Which of the following solutions can BEST fulfil the requirements?
- Private
- PaaS
- SaaS
- IaaS

A mobile application developer is creating a global, highly scalable, secure chat application. The developer would like to ensure the application is not susceptible to on-path attacks while the user is traveling in potentially hostile regions. Which of the following would BEST achieve that goal?
- Deploy client certificates to all devices in the network.
- Configure certificate pinning inside the application.
- Utilize the SAN certificate to enable a single certificate for all regions.
- Enable HSTS on the application's server side for all communication.

A security administrator sees several hundred entries in a web server security log that are similar to the following:
The network source varies, but the URL, status, and user agent are the same. Which of the following would BEST protect the web server without blocking legitimate traffic?
- Automate the addition of bot IP addresses into a deny list for the web host.
- Replace the file xmlrpc.php with a honeypot form to collect further IOCs.
- Block every subnet that is identified as having a bot that is a source of the traffic.
- Script the daily collection of the WHOIS ranges to add to the WAF as a denied ACL.

An employee's device was missing for 96 hours before being reported. The employee called the help desk to ask for another device. Which of the following phases of the incident response cycle needs improvement?
- Investigation
- Resolution
- Preparation
- Containment

Due to internal resource constraints, the management team has asked the principal security architect to recommend a solution that shifts most of the responsibility for application-level controls to the cloud provider. In the shared responsibility model, which of the following levels of service meets this requirement?
- SaaS
- PaaS
- IaaS
- FaaS

Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Choose two.)
- RDP
- VDI
- Proxy
- MDM
- MAC address randomization
- Tunneling

A network administrator receives a ticket regarding an error from a remote worker who is trying to reboot a laptop. The laptop has not yet loaded the operating system, and the user is unable to continue the boot process. The administrator is able to provide the user with a recovery PIN, and the user is able to reboot the system and access the device as needed. Which of the following is the MOST likely cause of the error?
- Duration of the BitLocker lockout period
- Lockout of privileged access account
- Failure of TPM authentication
- Failure of the Kerberos time drift sync

Which of the following is the primary reason that a risk practitioner determines the security boundary prior to conducting a risk assessment?
- To determine the scope of the risk assessment
- To determine the business owner(s) of the system
- To determine which laws and regulations apply
- To decide between conducting a quantitative or qualitative analysis

A law firm experienced a breach in which access was gained to a secure server. During an investigation to determine how the breach occurred, an employee admitted to clicking on a spear-phishing link. A security analyst reviewed the event logs and found the following:
• PAM had not been bypassed.
• DLP did not trigger any alerts.
• The antivirus was updated to the most current signatures.
Which of the following MOST likely occurred?
- Exfiltration
- Exploitation
- Lateral movement
- Privilege escalation

A company hosts a large amount of data in blob storage for its customers. The company recently had a number of issues with this data being prematurely deleted before the scheduled backup processes could be completed. The management team has asked the security architect for a recommendation that allows blobs to be deleted occasionally, but only after a successful backup. Which of the following solutions will BEST meet this requirement?
- Implement soft delete for blobs.
- Enable fast recovery on the storage account.
- Make the blob immutable.
- Mirror the blobs at a local data center.

To save time, a company that is developing a new VPN solution has decided to use the OpenSSL library within its proprietary software. Which of the following should the company consider to maximize risk reduction from vulnerabilities introduced by OpenSSL?
- Ensure the third-party library implements the TLS and disable weak ciphers.
- Compile third-party libraries into the main code statically instead of using dynamic loading.
- Implement an ongoing, third-party software and library review and regression testing.
- Include stable, long-term releases of third-party libraries instead of using newer versions.

A pharmaceutical company was recently compromised by ransomware. Given the following EDR output from the process investigation:
On which of the following devices and processes did the ransomware originate?
- cpt-ws002, DearCry.exe
- cpt-ws026, NO-AV.exe
- cpt-ws002, NO-AV.exe
- cpt-ws018, powershell.exe
- cpt-ws026, DearCry.exe

A client is adding scope to a project. Which of the following processes should be used when requesting updates or corrections to the client's systems?
- The security engineer asks the project manager to review the updates for the client's system.
- The implementation engineer requests direct approval from the systems engineer and the Chief Information Security Officer.
- The change control board must review and approve a submission.
- The information system security officer provides the systems engineer with the system updates.

A third-party organization has implemented a system that allows it to analyze customers’ data and deliver analysis results without being able to see the raw data. Which of the following is the organization implementing?
- Asynchronous keys
- Data lake
- Homomorphic encryption
- Machine learning

A company processes sensitive cardholder information that is stored in an internal production database and accessed by internet-facing web servers. The company's Chief Information Security Officer (CISO) is concerned with the risks related to sensitive data exposure and wants to implement tokenization of sensitive information at the record level. The company implements a one-to-many mapping of primary credit card numbers to temporary credit card numbers. Which of the following should the CISO consider in a tokenization system?
- Data field watermarking
- Salted hashing
- Single-use translation
- Field tagging

A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:
• Access to critical web services at the edge must be redundant and highly available.
• Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.
• Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.
Which of the following solutions BEST meets these requirements?
- Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.
- Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.
- Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider.
- Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.

A managed security provider (MSP) is engaging with a customer who was working through a complete digital transformation. Part of this transformation involves a move to cloud servers to ensure a scalable, high-performance, online user experience. The current architecture includes:
• Directory servers
• Web servers
• Database servers
• Load balancers
• Cloud-native VPN concentrator
• Remote access server
The MSP must secure this environment similarly to the infrastructure on premises. Which of the following should the MSP put in place to BEST meet this objective? (Choose three.)
- Web application firewall
- Containers
- External vulnerability scans
- Virtual next-generation firewall
- Content delivery network
- Software-defined WAN

A security consultant has been asked to recommend a secure network design that would:
• Permit an existing OPC server to communicate with a new Modbus server that is controlling electrical relays.
• Limit operational disruptions.
Due to the limitations within the Modbus protocol, which of the following configurations should the security engineer recommend as part of the solution?
- Restrict outbound traffic so that only the OPC server is permitted to reach the Modbus server on port 102.
- Restrict inbound traffic so that only the OPC server is permitted to reach the Modbus server on port 502.
- Restrict inbound traffic so that only the OPC server is permitted to reach the Modbus server on port 135.
- Restrict outbound traffic so that only the OPC server is permitted to reach the Modbus server on port 5000.

A security architect is analyzing an old application that is not covered for maintenance anymore because the software company is no longer in business. Which of the following techniques should have been implemented to prevent these types of risks?
- Software audits
- Code reviews
- Supply chain visibility
- Source code escrows

A software company wants to build a platform by integrating with another company's established product. Which of the following provisions would be MOST important to include when drafting an agreement between the two companies?
- Source code escrow
- Safe harbor considerations
- Shared responsibility
- Data sovereignty

A security engineer performed an assessment on a recently deployed web application. The engineer was able to exfiltrate a company report by visiting the following URL:
www.intranet.abc.com/get-files.jsp?file=report.pdf
Which of the following mitigation techniques would be BEST for the security engineer to recommend?
- DLP
- Firewall
- WAF
- Input validation