QUESTION 21
A company is evaluating a new marketing strategy involving the use of social networking sites to reach its customers. The marketing director wants to be able to report important company news, product updates, and special promotions on the social websites. After an initial and successful pilot period, other departments want to use the social websites to post their updates as well. The Chief Information Officer (CIO) has asked the company security administrator to document three negative security impacts of allowing IT staff to post work related information on such websites. Which of the following are the major risks the security administrator should report back to the CIO? (Select THREE).
A. Brute force attacks
B. Malware infection
C. DDOS attacks
D. Phishing attacks
E. SQL injection attacks
F. Social engineering attacks
Answer: BDF
QUESTION 22
A telecommunication company has recently upgraded their teleconference systems to multicast. Additionally, the security team has instituted a new policy which requires VPN to access the company’s video conference. All parties must be issued a VPN account and must connect to the company’s VPN concentrator to participate in the remote meetings. Which of the following settings will increase bandwidth utilization on the VPN concentrator during the remote meetings?
A. IPSec transport mode is enabled
B. ICMP is disabled
C. Split tunneling is disabled
D. NAT-traversal is enabled
Answer: C
QUESTION 23
An Information Security Officer (ISO) has asked a security team to randomly retrieve discarded computers from the warehouse dumpster. The security team was able to retrieve two older computers and a broken MFD network printer. The security team was able to connect the hard drives from the two computers and the network printer to a computer equipped with forensic tools. The security team was able to retrieve PDF files from the network printer hard drive but the data on the two older hard drives was inaccessible. Which of the following should the Warehouse Manager do to remediate the security issue?
A. Revise the hardware and software maintenance contract.
B. Degauss the printer hard drive to delete data.
C. Implement a new change control process.
D. Update the hardware decommissioning procedures.
Answer: D
QUESTION 24
Which of the following precautions should be taken to harden network devices in case of VMEscape?
A. Database servers should be on the same virtual server as web servers in the DMZ network segment.
B. Web servers should be on the same physical server as database servers in the network segment.
C. Virtual servers should only be on the same physical server as others in their network segment.
D. Physical servers should only be on the same WAN as other physical servers in their network.
Answer: C
QUESTION 25
Which of the following should be used with caution because of its ability to provide access to block level data instead of file level data?
A. CIFS
B. NFS
C. iSCSI
D. NAS
Answer: C
QUESTION 26
Which of the following can aid a buffer overflow attack to execute when used in the creation of applications?
A. Secure cookie storage
B. Standard libraries
C. State management
D. Input validation
Answer: B
QUESTION 27
The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and wants to connect it to the company’s internal network. The Chief Information Security Officer (CISO) was told to research and recommend how to secure this device. Which of the following recommendations should be implemented to keep the device from posing a security risk to the company?
A. A corporate policy to prevent sensitive information from residing on a mobile device and anti- virus software.
B. Encryption of the non-volatile memory and a corporate policy to prevent sensitive information from residing on a mobile device.
C. Encryption of the non-volatile memory and a password or PIN to access the device.
D. A password or PIN to access the device and a corporate policy to prevent sensitive information from residing on a mobile device.
Answer: C
QUESTION 28
The Chief Executive Officer (CEO) of a corporation decided to move all email to a cloud computing environment. The Chief Information Security Officer (CISO) was told to research the risk involved in this environment. Which of the following measures should be implemented to minimize the risk of hosting email in the cloud?
A. Remind users that all emails with sensitive information need be encrypted and physically inspect the cloud computing.
B. Ensure logins are over an encrypted channel and obtain an NDA and an SLA from the cloud provider.
C. Ensure logins are over an encrypted channel and remind users to encrypt all emails that contain sensitive information.
D. Obtain an NDA from the cloud provider and remind users that all emails with sensitive information need be encrypted.
Answer: B
QUESTION 29
The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and wants to connect it to the internal network. The Chief Information Security Officer (CISO) was told to research and recommend how to secure this device. Which of the following should be implemented, keeping in mind that the CEO has stated that this access is required?
A. Mitigate and Transfer
B. Accept and Transfer
C. Transfer and Avoid
D. Avoid and Mitigate
Answer: A
QUESTION 30
The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and connected it to the internal network. The CEO proceeded to download sensitive financial documents through their email. The device was then lost in transit to a conference. The CEO notified the company helpdesk about the lost device and another one was shipped out, after which the helpdesk ticket was closed stating the issue was resolved. This data breach was not properly reported due to insufficient training surrounding which of the following processes?
A. E-Discovery
B. Data handling
C. Incident response
D. Data recovery and storage
Answer: C
http://www.passleader.com/cas-001.html
QUESTION 31
An employee was terminated and promptly escorted to their exit interview, after which the employee left the building. It was later discovered that this employee had started a consulting business using screen shots of their work at the company which included live customer data. This information had been removed through the use of a USB device. After this incident, it was determined a process review must be conducted to ensure this issue does not recur. Which of the following business areas should primarily be involved in this discussion? (Select TWO).
A. Database Administrator
B. Human Resources
C. Finance
D. Network Administrator
E. IT Management
Answer: BE
QUESTION 32
A technician states that workstations that are on the network in location B are unable to validate certificates, while workstations that are on the main location A’s network are having no issues. Which of the following methods allows a certificate to be validated by a single server that returns the validity of that certificate?
A. XACML
B. OCSP
C. ACL
D. CRL
Answer: B
QUESTION 33
A system administrator needs to develop a policy for when an application server is no longer needed. Which of the following policies would need to be developed?
A. Backup policy
B. De-provisioning policy
C. Data retention policy
D. Provisioning policy
Answer: C
QUESTION 34
A web administrator develops a web form for users to respond to the company via a web page. Which of the following should be practiced to avoid a security risk?
A. SQL injection
B. XSS scripting
C. Click jacking
D. Input validation
Answer: D
QUESTION 35
A large enterprise is expanding through the acquisition of a second corporation. Which of the following should be undertaken FIRST before connecting the networks of the newly formed entity?
A. A system and network scan to determine if all of the systems are secure.
B. Implement a firewall/DMZ system between the networks.
C. Develop a risk analysis for the merged networks.
D. Conduct a complete review of the security posture of the acquired corporation.
Answer: C
QUESTION 36
The company is considering issuing non-standard tablet computers to executive management. Which of the following is the FIRST step the security manager should perform?
A. Apply standard security policy settings to the devices.
B. Set up an access control system to isolate the devices from the network.
C. Integrate the tablets into standard remote access systems.
D. Develop the use case for the devices and perform a risk analysis.
Answer: D
QUESTION 37
When authenticating over HTTP using SAML, which of the following is issued to the authenticating user?
A. A symmetric key
B. A PKI ticket
C. An X.509 certificate
D. An assertion ticket
Answer: D
QUESTION 38
Which of the following activities could reduce the security benefits of mandatory vacations?
A. Have a replacement employee run the same applications as the vacationing employee.
B. Have a replacement employee perform tasks in a different order from the vacationing employee.
C. Have a replacement employee perform the job from a different workstation than the vacationing employee.
D. Have a replacement employee run several daily scripts developed by the vacationing employee.
Answer: D
QUESTION 39
A database is hosting information assets with a computed CIA aggregate value of high. The database is located within a secured network zone where there is flow control between the client and datacenter networks. Which of the following is the MOST likely threat?
A. Inappropriate administrator access
B. Malicious code
C. Internal business fraud
D. Regulatory compliance
Answer: A
QUESTION 40
An organization recently upgraded its wireless infrastructure to support WPA2 and requires all clients to use this method. After the upgrade, several critical wireless clients fail to connect because they are only WEP compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them into compliance with the WPA2 requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?
A. Create a separate SSID and WEP key to support the legacy clients and enable detection of rogue APs.
B. Create a separate SSID and WEP key on a new network segment and only allow required communication paths.
C. Create a separate SSID and require the legacy clients to connect to the wireless network using certificate-based 802.1x.
D. Create a separate SSID and require the use of dynamic WEP keys.
Answer: B
