CAS-002 Exam Questions
884 real CAS-002 exam questions with expert-verified answers and explanations. Page 17 of 18.
- Question #814: Technical Integration of Enterprise Components
A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems m...
data integration, XML schemas, legacy systems, application security
- Question #815: Enterprise Security
A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would lik...
e-discovery, legal hold, digital forensics, chain of custody
- Question #816: Enterprise Security
An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetr...
password hashing, salting, Linux security, penetration testing
- Question #817: Research and Analysis
The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year's growth has slo...
SCADA security, threat trends, risk analysis, security spending
- Question #818: Enterprise Security
Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).
Linux forensics, log analysis, file integrity, incident response
- Question #819: Research and Analysis
The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled: Caller 1, IP 172.16.35.217,...
ARP spoofing, packet capture analysis, network forensics, denial of service
- Question #820: Enterprise Security
The following has been discovered in an internally developed application: Error - Memory allocated but not freed: char *myBuffer = malloc(BUFFER_SIZE); if (myBuffer != NULL) { *myB...
static code analysis, memory leak, code review, application security
- Question #821: Integration of Computing, Communications and Business Disciplines
A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospital...
MOU, vendor agreements, legal documents, business partnerships
- Question #822: Technical Integration of Enterprise Components
After the install process, a software application executed an online activation process. After a few months, the system experienced a hardware failure. A backup image of the system...
software licensing, hardware attestation, hash fingerprinting, DRM
- Question #823: Technical Integration of Enterprise Components
A bank is in the process of developing a new mobile application. The mobile client renders content and communicates back to the company servers via REST/JSON calls. The bank wants...
REST API security, stateless authentication, mobile security, token-based auth
- Question #824: Research and Analysis
The network administrator at an enterprise reported a large data leak. One compromised server was used to aggregate data from several critical application servers and send it out t...
network flow analysis, baseline communications, data exfiltration, incident investigation
- Question #825: Enterprise Security
A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible en...
endpoint encryption, full-disk encryption, data protection, enterprise mobility
- Question #826: Enterprise Security
A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the BEST description of why...
COTS software, software vulnerabilities, security risk, vendor software
- Question #827: Integration of Computing, Communications and Business Disciplines
A firm's Chief Executive Officer (CEO) is concerned that IT staff lacks the knowledge to identify complex vulnerabilities that may exist in a payment system being internally develo...
security testing, NDA, grey box testing, code confidentiality
- Question #828: Technical Integration of Enterprise Components
A company provides on-demand cloud computing resources for a sensitive project. The company implements a fully virtualized datacenter and terminal server access with two-factor aut...
virtualization security, VM isolation, hypervisor attacks, cloud security
- Question #829: Research and Analysis
A system worth $100,000 has an exposure factor of eight percent and an ARO of four. Which of the following figures is the system's SLE?
risk quantification, SLE, exposure factor, risk assessment
- Question #830: Technical Integration of Enterprise Components
VPN users cannot access the active FTP server through the router but can access any server in the data center. Additional network information: DMZ network - 192.168.5.0/24 (FTP ser...
VPN access, active FTP, router ACL, network troubleshooting
- Question #831: Enterprise Security
Company policy requires that all company laptops meet the following baseline requirements: Software requirements: Antivirus Anti-malware Anti-spyware Log monitoring Full-disk encry...
endpoint hardening, bootkit protection, administrative privileges, USB security
- Question #832: Research and Analysis
A security manager looked at various logs while investigating a recent security breach in the data center from an external source. Each log below was collected from various securit...
SIEM analysis, buffer overflow, log analysis, attack identification
- Question #833: Enterprise Security
A storage as a service company implements both encryption at rest as well as encryption in transit of customers' data. The security administrator is concerned with the overall secu...
key stretching, password hashing, SHA, offline attack resistance
- Question #834: Technical Integration of Enterprise Components
After reviewing a company's NAS configuration and file system access logs, the auditor is advising the security administrator to implement additional security controls on the NFS e...
NFS security, root squash, nosuid, file system permissions
- Question #835: Enterprise Security
An IT auditor is reviewing the data classification for a sensitive system. The company has classified the data stored in the sensitive system according to the following matrix: DAT...
data classification, CIA triad aggregation, risk scoring, information assurance
- Question #836: Enterprise Security
A security auditor suspects two employees of having devised a scheme to steal money from the company. While one employee submits purchase orders for personal items, the other emplo...
job rotation, separation of duties, fraud detection, internal controls
- Question #837: Enterprise Security
During an incident involving the company main database, a team of forensics experts is hired to respond to the breach. The team is in charge of collecting forensics evidence from t...
digital forensics, order of volatility, chain of custody, incident response
- Question #838: Enterprise Security
A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as w...
malware prevention, cloud storage blocking, technical controls, endpoint security
- Question #839: Technical Integration of Enterprise Components
Company policy requires that all unsupported operating systems be removed from the network. The security administrator is using a combination of network based tools to identify suc...
OS fingerprinting, passive banner grabbing, nmap, network reconnaissance
- Question #840: Technical Integration of Enterprise Components
A new IT company has hired a security consultant to implement a remote access system, which will enable employees to telecommute from home using both company issued as well as pers...
remote access, RDP, SSL VPN, BYOD policy
- Question #841: Enterprise Security
The IT director has charged the company helpdesk with sanitizing fixed and removable media. The helpdesk manager has written a new procedure to be followed by the helpdesk staff. T...
data sanitization, media disposal, asset lifecycle, degaussing
- Question #842: Technical Integration of Enterprise Components
Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses,...
IPv6 privacy extensions, EUI-64, NDP, address tracking
- Question #843: Enterprise Security
ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are...
HOTP, HMAC counter-based OTP, token authentication, multi-factor authentication
- Question #844: Integration of Computing, Communications and Business Disciplines
A security manager is looking into the following vendor proposal for a cloud-based SIEM solution. The intention is that the cost of the SIEM solution will be justified by having re...
ROI calculation, SIEM cost-benefit, security investment, ALE
- Question #845: Technical Integration of Enterprise Components
A software developer and IT administrator are focused on implementing security in the organization to protect OSI layer 7. Which of the following security technologies would BEST m...
OSI layer 7, WAF, HIPS, application layer security
- Question #846: Enterprise Security
The finance department for an online shopping website has discovered that a number of customers were able to purchase goods and services without any payments. Further analysis cond...
integer overflow, input validation, secure coding, web application vulnerability
- Question #847: Integration of Computing, Communications and Business Disciplines
A bank has decided to outsource some existing IT functions and systems to a third party service provider. The third party service provider will manage the outsourced systems on the...
ISA, third-party security, outsourcing agreements, interconnection security
- Question #848: Enterprise Security
An investigator wants to collect the most volatile data first in an incident to preserve the data that runs the highest risk of being lost. After memory, which of the following BES...
order of volatility, digital forensics, volatile storage, evidence preservation
- Question #849: Enterprise Security
A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedul...
SDLC security, risk assessment, security compliance, security architecture review
- Question #850: Enterprise Security
A company has noticed recently that its corporate information has ended up on an online forum. An investigation has identified that internal employees are sharing confidential corp...
DLP, insider threat, security awareness training, data exfiltration prevention
- Question #851: Integration of Computing, Communications and Business Disciplines
An employee is performing a review of the organization's security functions and noticed that there is some cross over responsibility between the IT security team and the financial...
MOU, roles and responsibilities, security governance, cross-team coordination
- Question #852: Research and Analysis
A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have t...
vulnerability assessment, penetration testing, dynamic code analysis, security audit methodology
- Question #853: Enterprise Security
An insurance company has an online quoting system for insurance premiums. It allows potential customers to fill in certain details about their car and obtain a quote. During an inv...
resource exhaustion, WAF integration, bot mitigation, SIEM
- Question #854: Research and Analysis
A security tester is testing a website and performs the following manual query: The following response is received in the payload: "ORA-000001: SQL command not properly ended" Whic...
fingerprinting, SQL error messages, web application testing, information disclosure
- Question #855: Enterprise Security
An organization has several production critical SCADA supervisory systems that cannot follow the normal 30-day patching policy. Which of the following BEST maximizes the protection...
SCADA security, application whitelisting, patch management, OT/ICS
- Question #856: Research and Analysis
An administrator believes that the web servers are being flooded with excessive traffic from time to time. The administrator suspects that these traffic floods correspond to when a...
log analysis, data analytics, DDoS correlation, traffic monitoring
- Question #857: Integration of Computing, Communications and Business Disciplines
A trucking company delivers products all over the country. The executives at the company would like to have better insight into the location of their drivers to ensure the shipment...
geo-fencing, asset tracking, physical security, logistics
- Question #858: Technical Integration of Enterprise Components
A company has adopted a BYOD program. The company would like to protect confidential information. However, it has been decided that when an employee leaves, the company will not co...
BYOD, MDM, containerization, data protection
- Question #859: Enterprise Security
An organization uses IP address block 203.0.113.0/24 on its internal network. At the border router, the network administrator sets up rules to deny packets with a source address in...
IP spoofing, ingress filtering, border router ACL, RFC 5735
- Question #860: Technical Integration of Enterprise Components
Using SSL, an administrator wishes to secure public facing server farms in three subdomains: dc1.east.company.com, dc2.central.company.com, and dc3.west.company.com. Which of the f...
wildcard SSL certificates, PKI, subdomains, TLS
- Question #861: Research and Analysis
A security administrator is assessing a new application. The application uses an API that is supposed to encrypt text strings that are stored in memory. How might the administrator...
memory forensics, core dump, encryption validation, application security testing
- Question #862: Integration of Computing, Communications and Business Disciplines
An international shipping company discovered that deliveries left idle are being tampered with. The company wants to reduce the idle time associated with international deliveries b...
geo-fencing, asset tracking, automated alerting, physical security
- Question #863: Technical Integration of Enterprise Components
The telecommunications manager wants to improve the process for assigning company-owned mobile devices and ensuring data is properly removed when no longer needed. Additionally, th...
MDM, BYOD, remote wiping, identity attestation