CAS-002 Exam Questions
884 real CAS-002 exam questions with expert-verified answers and explanations. Page 14 of 18.
- Question #663: Enterprise Security
A production server has been compromised. Which of the following is the BEST way to preserve the non-volatile evidence?
digital forensics, evidence preservation, disk imaging, incident response
- Question #664: Technical Integration of Enterprise Components
A technician states that workstations that are on the network in location B are unable to validate certificates, while workstations that are on the main location A's network are ha...
OCSP, PKI, certificate validation, CRL
- Question #665: Enterprise Security
A network engineer at Company ABC observes the following raw HTTP request: GET /disp_reports.php?SectionEntered=57&GroupEntered=- 1&report_type=alerts&to_date=01-01-0101&Run= Run&U...
sensitive data exposure, URL parameters, web application security, HTTP analysis
- Question #666: Research and Analysis
An administrator is assessing the potential risk impact on an accounting system and categorizes it as follows: Administrative Files = {(Confidentiality, Moderate), (Integrity, Mode...
risk assessment, CIA triad, risk aggregation, information classification
- Question #667: Integration of Computing, Communications and Business Disciplines
A company has purchased a new system, but security personnel are spending a great deal of time on system maintenance. A new third party vendor has been selected to maintain and man...
SLA, vendor management, third-party agreements, contractual documents
- Question #668: Enterprise Security
A security manager has provided a Statement of Work (SOW) to an external penetration testing firm for a web application security test. The web application starts with a very simple...
input validation testing, HTTP interceptor, web application testing, penetration testing
- Question #669: Research and Analysis
The IT department of a pharmaceutical research company is considering whether the company should allow or block access to social media websites during lunch time. The company is co...
intellectual property, risk analysis, social media policy, data confidentiality
- Question #670: Technical Integration of Enterprise Components
A company currently does not use any type of authentication or authorization service for remote access. The new security policy states that all remote access must be locked down to...
VPN concentrator, firewall, remote access, network security policy
- Question #671: Enterprise Security
The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The network administrator reviews the tickets and compiles the fol...
ARP poisoning, man-in-the-middle attack, network forensics, ARP spoofing
- Question #672: Enterprise Security
A certain script was recently altered by the author to meet certain security requirements, and needs to be executed on several critical servers. Which of the following describes th...
code signing, integrity verification, digital signatures, script security
- Question #673: Technical Integration of Enterprise Components
A company which manufactures ASICs for use in an IDS wants to ensure that the ASICs' code is not prone to buffer and integer overflows. The ASIC technology is copyrighted and the c...
SDLC, white box testing, black box testing, secure coding
- Question #674: Technical Integration of Enterprise Components
Which of the following attacks does Unicast Reverse Path Forwarding prevent?
uRPF, IP spoofing, routing security, network countermeasures
- Question #675: Technical Integration of Enterprise Components
A security administrator needs a secure computing solution to use for all of the company's security audit log storage, and to act as a central server to execute security functions...
hardened OS, trusted extensions, SE Linux, secure server configuration
- Question #676: Enterprise Security
Elaine is conducting an AAR after a hacker managed to breach the network security and steal data from the database server. Which of the following should not be part of the AAR?
after action review, incident response, blame-free analysis, security audit process
- Question #677: Integration of Computing, Communications and Business Disciplines
Which of the following saves the time and effort of creating your own programs and services by purchasing the products from a third-party vendor?
COTS, vendor procurement, build vs buy, enterprise solutions
- Question #678: Enterprise Security
Which of the following is the process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally?
data recovery, storage media failure, disaster recovery, data management
- Question #679: Enterprise Security
Which of the following are the primary rules to apply RBAC-based delegation for a user on a network? Each correct answer represents a complete solution. Choose all that apply.
RBAC, role-based access control, authorization, privilege delegation
- Question #680: Integration of Computing, Communications and Business Disciplines
Fred is a network administrator for an insurance company. Lately there has been an issue with the antivirus software not updating. What is the first thing Fred should do to solve t...
troubleshooting methodology, problem identification, IT operations, antivirus management
- Question #681: Technical Integration of Enterprise Components
Which of the following are the benefits of public cloud computing? Each correct answer represents a complete solution. Choose three.
cloud computing, scalability, elasticity, automation
- Question #682: Technical Integration of Enterprise Components
Mark wants to compress spreadsheets and PNG image files by using lossless data compression so that he can successfully recover original data whenever required. Which of the followi...
lossless compression, deflation, adaptive dictionary, data compression
- Question #683: Technical Integration of Enterprise Components
Which of the following is the predicted elapsed time between inherent failures of a system during operation?
MTBF, reliability metrics, system availability, fault tolerance
- Question #684: Enterprise Security
Darryl is an administrator for a visualization company. He is concerned about security vulnerabilities associated with visualization. Which of the following are the most significan...
virtualization security, VM isolation, single point of failure, hypervisor
- Question #685: Enterprise Security
You work as a security administrator for uCertify Inc. You are conducting a security awareness campaign for the employees of the organization. What information will you provide to...
security awareness, user training, organizational security, security policy
- Question #686: Research and Analysis
Which of the following steps are involved in a generic cost-benefit analysis process? Each correct answer represents a complete solution. Choose three.
cost-benefit analysis, risk assessment, project evaluation, business analysis
- Question #687: Technical Integration of Enterprise Components
John is setting up a public web server. He has decided to place it in the DMZ. Which firewall should have the tightest restrictions?
DMZ, firewall policy, network segmentation, web server security
- Question #688: Technical Integration of Enterprise Components
Which of the following statements are true about Mean Time to Repair (MTTR)? Each correct answer represents a complete solution. Choose three.
MTTR, availability metrics, corrective maintenance, service recovery
- Question #689: Integration of Computing, Communications and Business Disciplines
A security administrator of a large private firm is researching and putting together a proposal to purchase an IPS. The specific IPS type has not been selected, and the security ad...
RFI, procurement process, IPS evaluation, vendor selection
- Question #690: Integration of Computing, Communications and Business Disciplines
Within a large organization, the corporate security policy states that personal electronic devices are not allowed to be placed on the company network. There is considerable pressu...
BYOD, MDM, security policy, executive management
- Question #691: Enterprise Security
An online banking application has had its source code updated and is soon to be re-launched. The underlying infrastructure has not been changed. In order to ensure that the applica...
penetration testing, code review, web application security, security testing coverage
- Question #692: Technical Integration of Enterprise Components
A small bank is introducing online banking to its customers through its new secured website. The firewall has three interfaces: one for the Internet connection, another for the DMZ...
HIPS, WAF, DMZ architecture, online banking security
- Question #693: Enterprise Security
Which of the following displays an example of a buffer overflow attack? A. <SCRIPT> </SCRIPT> B. Checksums-Sha1:7be9e9bac3882beab1abb002bb5cd2302c76c48d 1157 xfig_3.2.5.b-1.dsc e0e...
buffer overflow, code analysis, attack identification, secure coding
- Question #694: Integration of Computing, Communications and Business Disciplines
An employee was terminated and promptly escorted to their exit interview, after which the employee left the building. It was later discovered that this employee had started a consu...
data exfiltration, DLP, USB policy, insider threat
- Question #695: Technical Integration of Enterprise Components
A company has decided to use the SDLC for the creation and production of a new information system. The security administrator is training all users on how to protect company inform...
SDLC, implementation phase, security training, management approval
- Question #696: Integration of Computing, Communications and Business Disciplines
Company ABC has recently completed the connection of its network to a national high speed private research network. Local businesses in the area are seeking sponsorship from Compan...
ISA, interconnection security agreement, third-party connectivity, network agreements
- Question #697: Enterprise Security
A user logs into domain A using a PKI certificate on a smartcard protected by an 8 digit PIN. The credential is cached by the authenticating server in domain A. Later, the user att...
SAML, federated identity, cross-domain authentication, PKI smartcard
- Question #698: Enterprise Security
On Monday, the Chief Information Officer (CIO) of a state agency received an e-discovery request for the release of all emails sent and received by the agency board of directors fo...
e-discovery, data retention, email archiving, legal compliance
- Question #699: Enterprise Security
An administrator is reviewing a recent security audit and determines that two users in finance also have access to the human resource data. One of those users fills in for any HR e...
least privilege, access control, separation of duties, IAM
- Question #700: Technical Integration of Enterprise Components
An IT administrator has installed new DNS name servers (Primary and Secondary), which are used to host the company MX records and resolve the web server's public address. In order...
DNS zone transfer, IP spoofing, ACL limitations, DNS security
- Question #701: Integration of Computing, Communications and Business Disciplines
There has been a recent security breach which has led to the release of sensitive customer information. As part of improving security and reducing the disclosure of customer data,...
privacy compliance, data handling, security training, breach response
- Question #702: Research and Analysis
A large enterprise is expanding through the acquisition of a second corporation. Which of the following should be undertaken FIRST before connecting the networks of the newly forme...
risk analysis, network merger, M&A security, due diligence
- Question #703: Technical Integration of Enterprise Components
The security team for Company XYZ has determined that someone from outside the organization has obtained sensitive information about the internal organization by querying the exter...
split DNS, DNS security, information disclosure, external DNS
- Question #704: Research and Analysis
Which method(s) of risk analysis have both pros and cons attached?
quantitative risk analysis, qualitative risk analysis, risk management methods
- Question #705: Enterprise Security
What is the imaginary boundary that divides the trusted from the un-trusted components?
security perimeter, trust boundary, network security fundamentals
- Question #706: Enterprise Security
Volumetric intrusion detection systems are photoelectric, acoustical-seismic, ultrasonic, and microwave. Which can only be used in windowless rooms?
physical security, volumetric intrusion detection, photoelectric sensors
- Question #707: Enterprise Security
Sam was in a building that caught on fire where the fire suppression method is bad for many types of life. What type of method was being used?
fire suppression, CO2 systems, physical security
- Question #708: Enterprise Security
It is law for there to be fire sprinkler or suppression systems in buildings. Which type of fire sprinkler has pipes that hold pressurized air in the pipes and does not release unt...
dry pipe sprinkler, fire suppression systems, physical security
- Question #709: Technical Integration of Enterprise Components
Which of the following authentication methods sends an encrypted challenge to the client and then sends it back to the server?
CHAP, challenge-response authentication, authentication protocols
- Question #710: Technical Integration of Enterprise Components
Channels allow for communication to travel from one computer to another. What channel type divides communication channels into individual and independent channels?
broadband, communication channels, network fundamentals
- Question #711: Technical Integration of Enterprise Components
Which of the following potential vulnerabilities exists in the following code snippet? var myEmail = document.getElementById("formInputEmail").value; if (xmlhttp.readyState==4 && x...
DOM-based XSS, JavaScript security, AJAX, web application security
- Question #712: Integration of Computing, Communications and Business Disciplines
The sales staff at a software development company has received the following requirements from a customer: "We need the system to notify us in advance of all software errors and re...
requirements translation, system monitoring, error notification, business requirements