CAS-003 Free Practice Test

A company wants to extend its help desk availability beyond business hours. The Chief Information Officer (CIO) decides to augment the help desk with a third-party service that will answer calls and provide Tier 1 problem resolution, such as password resets and remote assistance. The security administrator implements the following firewall change:

The administrator provides the appropriate path and credentials to the third-party company. Which of the following technologies is MOST likely being used to provide access to the third company?

1. A. LDAP
2. B. WAYF
3. C. OpenID
4. D. RADIUS
5. E. SAML

Correct Answer: D

Company XYZ has purchased and is now deploying a new HTML5 application. The company wants to hire a penetration tester to evaluate the security of the client and server components of the
proprietary web application before launch. Which of the following is the penetration tester MOST likely to use while performing black box testing of the security of the company’s purchased
application? (Select TWO).

1. A. Code review
2. B. Sandbox
3. C. Local proxy
4. D. Fuzzer
5. E. Port scanner

Correct Answer: CD
C: Local proxy will work by proxying traffic between the web client and the web server. This is a tool that can be put to good effect in this case.
D: Fuzzing is another form of blackbox testing and works by feeding a program multiple input iterations that are specially written to trigger an internal error that might indicate a bug and crash it. Incorrect Answers:
A: A Code review refers to the examination of an application (the new HTML5 application in this case) that is designed to identify and assess threats to the organization. But this is not the most likely test to be carried out when performing black box testing.
B: Application sandboxing refers to the process of writing files to a temporary storage are (the socalled sandbox) so that you limit the ability of possible malicious code to execute on your computer.
E: Port scanning is used to scan TCP and UDP ports and report on their status. You can thus determine which services are running on a targeted computer.
References:
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, pp. 147, 154, 168-169, 174

A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?

1. A. Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME
2. B. Federate with an existing PKI provider, and reject all non-signed emails
3. C. Implement two-factor email authentication, and require users to hash all email messages upon receipt
4. D. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes

Correct Answer: A

A systems administrator recently joined an organization and has been asked to perform a security assessment of controls on the organization’s file servers, which contain client data from a number of sensitive systems. The administrator needs to compare documented access requirements to the access implemented within the file system.
Which of the following is MOST likely to be reviewed during the assessment? (Select two.)

1. A. Access control list
2. B. Security requirements traceability matrix
3. C. Data owner matrix
4. D. Roles matrix
5. E. Data design document
6. F. Data access policies

Correct Answer: DF

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are: Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks. Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students. All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?

1. A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
2. B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
3. C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
4. D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Correct Answer: C
IPSec VPN with mutual authentication meets the certificates requirements. RADIUS can be used with the directory service for the user authentication.
ACLs (access control lists) are the best solution for restricting access to network hosts. Incorrect Answers:
A: This solution has no provision for restricting access to hosts on the lab networks. B: This solution has no provision for restricting access to hosts on the lab networks. D: This solution has no provision for restricting access to hosts on the lab networks.