CAS-002 | 10 Tips For Rebirth CAS-002 practice test


P.S. The Simulation CAS-002 ebook is available on Google Drive, GET MORE: https://drive.google.com/open?id=1o83EG0ADisGFtGQxvx-BzUZbRUif5wko


New CompTIA CAS-002 Exam Dumps Collection (Question 11 - Question 20)

Q1. A security administrator is tasked with securing a company's headquarters and branch offices' move to unified communications. The Chief Information Officer (CIO) wants to integrate the corporate users' email, voice mail, telephony, presence and corporate messaging to internal computers, mobile users, and devices. Which of the following actions would BEST meet the CIO's goals while providing maximum unified communications security?

A. Create presence groups, restrict IM protocols to the internal networks, encrypt remote devices, and restrict access to services to local network and VPN clients.

B. Enable discretionary email forwarding restrictions, utilize QoS and Secure RTP, allow external IM protocols only over TLS, and allow port 2000 incoming to the internal firewall interface for secure SIP

C. Set presence to invisible by default, restrict IM to invite only, implement QoS on SIP and RTP traffic, discretionary email forwarding, and full disk encryption.

D. Establish presence privacy groups, restrict all IM protocols, allow secure RTP on session border gateways, enable full disk encryptions, and transport encryption for email security.

Answer: A

Q2. An organization has just released a new mobile application for its customers. The application has an inbuilt browser and native application to render content from existing websites and the organization's new web services gateway. All rendering of the content is performed on the mobile application.

The application requires SSO between the application, the web services gateway and legacy UI. Which of the following controls MUST be implemented to securely enable SSO?

A. A registration process is implemented to have a random number stored on the client.

B. The identity is passed between the applications as a HTTP header over REST.

C. Local storage of the authenticated token on the mobile application is secured.

D. Attestation of the XACML payload to ensure that the client is authorized.

Answer: C

Q3. An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:

1. Each lab must be on a separate network segment.

2. Labs must have access to the Internet, but not other lab networks.

3. Student devices must have network access, not simple access to hosts on the lab networks.

4. Students must have a private certificate installed before gaining access.

5. Servers must have a private certificate installed locally to provide assurance to the students.

6. All students must use the same VPN connection profile.

Which of the following components should be used to achieve the design in conjunction with directory services?

A. L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment

B. SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment

C. IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment

D. Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Answer: C

Q4. A bank provides single sign on services between its internally hosted applications and externally hosted CRM. The following sequence of events occurs:

1. The banker accesses the CRM system, a redirect is performed back to the organization's internal systems.

2. A lookup is performed of the identity and a token is generated, signed and encrypted.

3. A redirect is performed back to the CRM system with the token.

4. The CRM system validates the integrity of the payload, extracts the identity and performs a lookup.

5. If the banker is not in the system, an automated provisioning request occurs.

6. The banker is authenticated and authorized and can access the system. This is an example of which of the following?

A. Service provider initiated SAML 2.0

B. Identity provider initiated SAML 1.0

C. OpenID federated single sign on

D. Service provider initiated SAML 1.1

Answer: A
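The six-step sequence in Q4 is service-provider-initiated federation: the banker starts at the CRM (the service provider), is bounced to the bank's internal identity provider, and comes back carrying a signed token that the CRM must verify before it trusts the identity inside it. The following is an added example, not part of the exam dump, that models those trust decisions in Python. It is a simplified stand-in for SAML 2.0: the token is a base64 JSON body with an HMAC rather than an XML assertion with an XML-DSig signature, the shared key, directory entries and audience URL are constructed for the example, and the encryption step of the real flow is omitted so the integrity check stays visible.

```python
import base64
import hashlib
import hmac
import json

# Constructed stand-ins for the scenario in Q4. Real SAML 2.0 uses XML assertions,
# XML-DSig with the IdP's certificate and optional XML encryption; this example
# keeps the same trust decisions with a compact JSON token and an HMAC.
SHARED_SECRET = b"constructed-demo-secret-not-for-production"
INTERNAL_DIRECTORY = {  # the bank's internal identity store (step 2 lookup)
    "jdoe": {"display_name": "J. Doe", "roles": ["banker"]},
}


def _sign(body: str) -> str:
    return hmac.new(SHARED_SECRET, body.encode(), hashlib.sha256).hexdigest()


def idp_issue_token(username: str, audience: str, now: int, ttl: int = 300) -> str:
    """Step 2: the internal IdP looks the user up and issues a signed token."""
    user = INTERNAL_DIRECTORY[username]  # KeyError if the identity is unknown
    claims = {"sub": username, "aud": audience, "iat": now, "exp": now + ttl,
              "roles": user["roles"]}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    return f"{body}.{_sign(body)}"


class CrmServiceProvider:
    """The externally hosted CRM: validates the token, then provisions if needed."""

    def __init__(self, audience: str):
        self.audience = audience
        self.accounts = {}  # CRM-side user store (step 4 lookup)

    def consume_token(self, token: str, now: int) -> str:
        # Step 4: integrity first. Nothing inside the token is trusted until the
        # signature has been verified, using a constant-time comparison.
        body, _, signature = token.rpartition(".")
        if not body or not hmac.compare_digest(_sign(body), signature):
            raise PermissionError("token signature invalid")
        claims = json.loads(base64.urlsafe_b64decode(body.encode()))
        if claims.get("aud") != self.audience:
            raise PermissionError("token issued for a different service provider")
        if not claims["iat"] <= now < claims["exp"]:
            raise PermissionError("token expired or not yet valid")
        subject = claims["sub"]
        # Step 5: automated (just-in-time) provisioning for first-time users.
        if subject not in self.accounts:
            self.accounts[subject] = {"roles": list(claims["roles"]), "auto_provisioned": True}
        return subject  # Step 6: authenticated; the CRM now applies its own authorization


def sp_initiated_login(crm: CrmServiceProvider, username: str, now: int) -> str:
    """Steps 1-6 end to end: the banker starts at the CRM and is redirected to the
    IdP (step 1), which issues a token that is redirected back to the CRM (step 3)."""
    token = idp_issue_token(username, crm.audience, now)
    return crm.consume_token(token, now)


def tamper_subject(token: str, new_subject: str) -> str:
    """An attacker's attempt: rewrite the subject claim but keep the original signature.
    The CRM must reject this at the integrity check, before any lookup or provisioning."""
    body, _, signature = token.rpartition(".")
    claims = json.loads(base64.urlsafe_b64decode(body.encode()))
    claims["sub"] = new_subject
    new_body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    return f"{new_body}.{signature}"
```

The ordering inside consume_token is the point of the example: signature, audience and validity window are checked before the subject is read, so a tampered token never reaches the provisioning step and cannot create a CRM account for an identity the IdP never asserted.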

Q5. A business wants to start using social media to promote the corporation and to ensure that customers have a good experience with their products. Which of the following security items should the company have in place before implementation? (Select TWO).

A. The company must dedicate specific staff to act as social media representatives of the company.

B. All staff needs to be instructed in the proper use of social media in the work environment.

C. Senior staff blogs should be ghost written by marketing professionals.

D. The finance department must provide a cost benefit analysis for social media.

E. The security policy needs to be reviewed to ensure that social media policy is properly implemented.

F. The company should ensure that the company has sufficient bandwidth to allow for social media traffic.

Answer: A,E

Q6. An administrator is notified that contract workers will be onsite assisting with a new project. The administrator wants each worker to be aware of the corporate policy pertaining to USB storage devices. Which of the following should each worker review and understand before beginning work?

A. Interconnection Security Agreement

B. Memorandum of Understanding

C. Business Partnership Agreement

D. Non-Disclosure Agreement

Answer: C

Q7. Company XYZ is in negotiations to acquire Company ABC for $1.2 million. Due diligence activities have uncovered systemic security issues in the flagship product of Company ABC. It has been established that a complete product rewrite would be needed, with average estimates indicating a cost of $1.6 million. Which of the following approaches should the risk manager of Company XYZ recommend?

A. Transfer the risk

B. Accept the risk

C. Mitigate the risk

D. Avoid the risk

Answer: D

Q8. The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis conducted by the security investigations team indicated that the website allowed customers to update a payment amount for shipping. A specially crafted value could be entered and cause a rollover, resulting in the shipping cost being subtracted from the balance and in some instances resulting in a negative balance. As a result, the system processed the negative balance as zero dollars. Which of the following BEST describes the application issue?

A. Race condition

B. Click-jacking

C. Integer overflow

D. Use after free

E. SQL injection

Answer: C
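The mechanics behind Q8 are worth seeing in code: a customer-controlled amount lands in a fixed-width integer field, a value just below the field's modulus wraps to a negative number, and the "add shipping" step silently becomes a subtraction that the clamp-to-zero logic then hides. The following is an added example, not part of the exam dump, that emulates 32-bit signed arithmetic in Python and places the unchecked calculation beside a version that validates the range before doing any arithmetic. The 32-bit field width, the cent units and the MAX_SHIPPING_CENTS business limit are assumptions for the example; the question does not state them.

```python
# Added example for Q8: the shipping-cost rollover, emulated with 32-bit signed
# arithmetic (an assumed fixed-width field in the payment backend), next to a
# version that rejects out-of-range input. Amounts are in cents (assumed).
INT32_MIN, INT32_MAX = -2**31, 2**31 - 1
MAX_SHIPPING_CENTS = 100_000  # assumed business limit: no shipping charge above $1000


def wrap_int32(value: int) -> int:
    """Two's-complement wrap-around of a 32-bit signed integer."""
    return ((value + 2**31) % 2**32) - 2**31


def vulnerable_total(balance_cents: int, shipping_cents: int) -> int:
    """Unchecked path: the customer-supplied shipping amount is stored in a 32-bit
    field, so a value just below 2**32 wraps to a negative number and is then
    subtracted from the balance. A negative result is clamped to zero, which is
    the "processed the negative balance as zero dollars" behaviour in the question."""
    stored_shipping = wrap_int32(shipping_cents)
    total = wrap_int32(balance_cents + stored_shipping)
    return max(total, 0)


def checked_total(balance_cents: int, shipping_cents: int) -> int:
    """Hardened path: validate the range before the value reaches the arithmetic,
    and check the sum against the field width so the result cannot wrap."""
    if not 0 <= shipping_cents <= MAX_SHIPPING_CENTS:
        raise ValueError(f"shipping amount out of range: {shipping_cents}")
    if balance_cents < 0:
        raise ValueError("balance must be non-negative")
    total = balance_cents + shipping_cents
    if total > INT32_MAX:
        raise OverflowError("order total exceeds the 32-bit field")
    return total


def crafted_shipping_value(balance_cents: int) -> int:
    """The value an attacker submits: positive as entered, but it wraps to
    -(balance + 1) in the 32-bit field, so the total goes to -1 and is clamped."""
    return 2**32 - (balance_cents + 1)
```

Two things to take from the hardened version: the bounds check is on the input, not on the result, because by the time a wrapped value is added the information needed to detect the problem is already gone; and the clamp to zero was itself part of the failure, since it turned an impossible state into a free order instead of a rejected transaction.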

Q9. A small company hosting multiple virtualized client servers on a single host is considering adding a new host to create a cluster. The new host hardware and operating system will be different from the first host, but the underlying virtualization technology will be compatible. Both hosts will be connected to a shared iSCSI storage solution. Which of the following is the hosting company MOST likely trying to achieve?

A. Increased customer data availability

B. Increased customer data confidentiality

C. Increased security through provisioning

D. Increased security through data integrity

Answer: A

Q10. In developing a new computing lifecycle process for a large corporation, the security team is developing the process for decommissioning computing equipment. In order to reduce the potential for data leakage, which of the following should the team consider? (Select TWO).

A. Erase all files on drive

B. Install of standard image

C. Remove and hold all drives

D. Physical destruction

E. Drive wipe

Answer: D,E

Recommend!! Get the Simulation CAS-002 dumps in VCE and PDF From 2passeasy, Welcome to download: https://www.2passeasy.com/dumps/CAS-002/ (New 450 Q&As Version)