CASP Cert

casp-cert

Question 1 of 1

Time Left

169231

120

block

The Chief Information Security Officer (CISO) at a software development company is concerned about the lack of introspection during a testing cycle of the company’s flagship product. Testing was conducted by a small offshore consulting firm and the report by the consulting firm clearly indicates that limited test cases were used and many of the code paths remained untested. The CISO raised concerns about the testing results at the monthly risk committee meeting, highlighting the need to get to the bottom of the product behaving unexpectedly in only some large enterprise deployments. The Security Assurance and Development teams highlighted their availability to redo the testing if required. Which of the following will provide the MOST thorough testing?

Select the correct answer(s).

(0/0)

169232

120

none

A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities. The reviewer has advised that future software projects utilize managed code platforms if at all possible. Which of the following languages would suit this recommendation? (Select TWO).

Select the correct answer(s).

(0/0)

169233

120

none

A bank now has a major initiative to virtualize as many servers as possible, due to power and rack space capacity at both data centers. The bank has prioritized by virtualizing older servers first as the hardware is nearing end-of-life. The two initial migrations include: Windows 2000 hosts: domain controllers and front-facing web servers RHEL3 hosts: front-facing web servers Which of the following should the security consultant recommend based on best practices?

Select the correct answer(s).

(0/0)

169234

120

none

After being informed that the company DNS is unresponsive, the system administrator issues the following command from a Linux workstation: - - - - SSH –p 2020 -l user dnsserver.company.com Once at the command prompt, the administrator issues the below commanD. Service bind restart The system returns the below response: Unable to restart BIND Which of the following is true about the above situation?

Select the correct answer(s).

(0/0)

166931

120

none

Which of the following attacks does Unicast Reverse Path Forwarding prevent?

Select the correct answer(s).

(0/0)

169235

120

none

Which of the following is an example of single sign-on?

Select the correct answer(s).

(0/0)

166932

120

none

Which of the following authentication types is used primarily to authenticate users through the use of tickets?

Select the correct answer(s).

(0/0)

169236

120

none

Company XYZ has just purchased Company ABC through a new acquisition. A business decision has been made to integrate the two company’s networks, application, and several basic services. The initial integration of the two companies has specified the following requirements: - - - - Company XYZ requires access to the web intranet, file, print, secure FTP server, and authentication domain resources Company XYZ is being on boarded into Company ABC’s authentication domain Company XYZ is considered partially trusted Company XYZ does not want performance issues when accessing ABC’s systems Which of the following network security solutions will BEST meet the above requirements?

Select the correct answer(s).

(0/0)

166933

120

none

A security consultant is evaluating forms which will be used on a company website. Which of the following techniques or terms is MOST effective at preventing malicious individuals from successfully exploiting programming flaws in the website?

Select the correct answer(s).

(0/0)

169237

120

none

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

Select the correct answer(s).

(0/0)

169238

120

none

A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).

Select the correct answer(s).

(0/0)

166935

120

none

A security audit has uncovered that some of the encryption keys used to secure the company B2B financial transactions with its partners may be too weak. The security administrator needs to implement a process to ensure that financial transactions will not be compromised if a weak encryption key is found. Which of the following should the security administrator implement?

Select the correct answer(s).

(0/0)

169239

120

none

The security administrator has just installed an active\passive cluster of two firewalls for enterprise perimeter defense of the corporate network. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?

Select the correct answer(s).

(0/0)

166936

120

none

A company provides on-demand virtual computing for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor authentication for access to sensitive data. The security administrator at the company has uncovered a breach in data confidentiality. Sensitive data was found on a hidden directory within the hypervisor. Which of the following has MOST likely occurred?

Select the correct answer(s).

(0/0)

169240

120

none

Company XYZ is in negotiations to acquire Company ABC for $1.2millon. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed with average estimates indicating a cost of $1.6millon. Which of the following approaches should the risk manager of Company XYZ recommend?

CASP Cert

Question 1 of 1

Time Left

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Which of the following attacks does Unicast Reverse Path Forwarding prevent?

Select the correct answer(s).

(0/0)

Which of the following is an example of single sign-on?

Select the correct answer(s).

(0/0)

Which of the following authentication types is used primarily to authenticate users through the use of tickets?

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

A security consultant is evaluating forms which will be used on a company website. Which of the following techniques or terms is MOST effective at preventing malicious individuals from successfully exploiting programming flaws in the website?

Select the correct answer(s).

(0/0)

In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

Select the correct answer(s).

(0/0)

A Security Manager is part of a team selecting web conferencing systems for internal use. The system will only be used for internal employee collaboration. Which of the following are the MAIN concerns of the security manager? (Select THREE).

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Select the correct answer(s).

(0/0)

Results

Correct

0

Incorrect

0

Skipped

0

Overall Percentage

0%