Casp F Missed Questions

An organization handles sensitive information that must be displayed on call center technicians' screens to verify the identities of remote callers. The technicians use three randomly selected fields of information to complete the identity verification process. Some of the fields contain PII that are unique identifiers for the remote callers. Which of the following should be implemented to identify remote callers while also reducing the risk that technicians could improperly use he idenfication information?. Data Masking. Encryption. Scrubbing. Tokenization. Substitution.

A company recently migrated its critical web application to a cloud provider's environment. As part of the company's risk management program, the company intends to conduct an external penetration test. According to the scope of the work and the rules of the engagement, the penetration tester will validate the web application's security and check for opportunities to expose sensitive company information in the newly migrated cloud environment. Which of the following should be the first consideration prior to engaging in the test?. Prepare a redundant server to ensure the critical web application's availability during the test. Ensure the latest patches and signatures are deployed on the web server. Create an NDA between the external penetration tester and the company. Obtain agreement between the company and the cloud provider to conduct penetration testing.

A security architect is implementing a SOAR solution in an organization's cloud production environment to support detection capabilities. Which of the following will be the most likely benefit?. Improved security operations center performance. Increased risk visability. Optimized cloud resource utilization. Automated firewall log collection tasks.

Company A is merging with Company B. Company A is a small, local company. Company B has a large, global presence. The two companies have a lot of duplication in their IT systems, processes, and procedures. On the new Chief information Officer's (CIO's) first day, a fire breaks out at company B's main data center. Which of the following actions should the CIO take first?. Review the incident response plans, and engage the disaster recovery plan while relying on the IT leaders from both companies. Determine whether the incident response plan has been tested at both companies, and use it to respond. Ensure, hot, warm, and mobile disaster recovery sites are available, and give an update to the companies' leadership teams. Initiate Company A's IT systems processes and procedures, assess the damage, and perform BIA.

A common industrial protocol has the following characteristics: - Provides for no authentication/security - Is often implemented in a client/server relationship - Is implemented as either RTU or TCP/IP Which of the following is being described?. Profinet. Modbus. Zigbee. Z-wave.

A security review of the architecture for an application migration was recently completed. The following observations were made: - External inbound access is blocked. - A large amount of storage is available. - Memory and CPU usage are low. - The load balancer has only a single server assigned. - Multiple APIs are integrated. Which of the following needs to be addressed?. Performance. Availability. Automation. Scalability.

Which of the following is the best reason for obtaining file hashes from a confiscated laptop?. To generate unique identifiers for each file. To prevent metadata tampering on each file. To later validate the integrity of each file. To preserve the chain of custody of files.

Which of the following is the best reason for obtaining file hashes from a confiscated laptop?. To generate unique identifies for each file. To prevent metadata tampering on each file. To later validate the integrity of each file. To preserve the chain of custody of files.

A company's software developer have indicated that the security team takes too long to perform application security tasks. A security analyst plans to improve the situation by implementing security into the SDLC. The developers have the following requirements: 1. The solution must be able to initiate SQL injection and reflected XSS attacks. 2. The solution must ensure the application is not susceptible to memory leaks. Which of the following should be implemented to meet these requirements? (Choose two.). DAST. HTTP interceptor. Side-channel analysis. Protocol Scanner. SAST. Fuzz Testing. SCAP.

A company recently deployed new servers to create an additional cluster to support a new application. The corporate security policy states that all new servers must be resilient. The new cluster has a high-availability configuration for a smooth failover. The failover was successful following a recent power outage, but both clusters lost critical data, which impacted recovery time. Which of the following needs to be configured to help ensure minimal delays when power outages occur in the future?. Caching. Containerization. High availability. Replication. Redundancy.

An organizational developed a containerized application. The organization wants to run the application and automatically scale it based on demand. The security operations team would like to use container orchestration but does not want to assume patching responsibilities. Which of the following service models best meets these requirements?. SaaS. IaaS. PaaS. MaaS.

An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear-phishing campaign, despite a robust training program. Which of the following questions should be considered during the lessons-learned phase to most likely reduce the risk recurrence? (Choose Two.). What measurable user behaviors were exhibited that contributed to the compromise?. Which methods can be implemented to increase speed of offline backup recovery?. Which user roles are most often targeted by spear phishing attacks?. What internal and external stakeholders need to be notified of the breach?. Which technical controls, if implemented, would provide defense when user training fails?. Are there opportunities for legal recourse against originators of the spear-phishing campaign?.

A risk assesment determined that company data was leaked to the general public during a migration. Which of the following best explains the root cause of this issue?. Implement logging of cloud activities to company SIEM. Misconfiguration of acess controls on cloud storage containers. Failure to implement full disk encryption to on-premise data storage. Incomplete firewall rules between the CSP and on-premise.

A security engineer is assessing a new tool to segment data and communications between domains. The assessment must determine how data transmission controls can be bypassed without detection. Which of the following techniques should the security engineer use?. Convert channel analysis. Fuzz Testing. Protocol analysis. Machine-learning statistical analysis.

An organization developed a containerized application. The organization wants to run the application in the cloud and automatically scale it based on demand. The security operations team would like to use container orchestration but does not want to assume patching responisibilities. Which of the following service models best meets these requirements?. PaaS. SaaS. MaaS. IaaS.