CASP+ Practice Tests. Nadean H. Tanner
...situation that affects the CIA triad of an IT asset can include an internal and external risk source. A breach of physical security can be instigated by _________________.
A. untrusted insiders or trusted outsiders
B. trusted insiders or untrusted outsiders
C. hidden costs
D. service deterioration
4. Your organization provides cloud computing for a highly classified project. You implemented a virtual data center with multifactor authentication. Using the SIEM, you discovered a breach affecting confidential data. Sensitive information was found within the hypervisor. What has most probably occurred?
A. You found a token and a RAM exploit that was used to move data.
B. You found a local admin who could move data to their hard drive.
C. A vulnerable server was unpatched, and the attacker was able to use VMEscape for access.
D. A guest account used privilege escalation to move data from one virtual token to another.

5. An internal auditor has completed the annual audit of the company's financial records. The report has found several lapses in security policies and procedures, including proper disposal and sanitation of financial transactions. What would be their recommendation?
A. You should wait for an external audit.
B. You should recommend a separation of duties.
C. You should institute job rotation.
D. You should implement mandatory training.

6. An analyst has been attempting to acquire a budget for a new security tool. Which of the following should the analyst give to management to support the request?
A. Threat reports and a trend analysis
B. Interconnection security agreement (ISA)
C. Master service agreement (MSA)
D. Request for information (RFI)

7. An audit found a lack of security controls regarding employee termination. The current company policy states that the terminated employee's account is disabled within one hour of termination. The audit found that more than 10 percent of terminated employees still have active accounts. What is the BEST course of action?
A. Review the termination requirements.
B. Implement a monthly review of terminated employees.
C. Update the policy to accommodate the delay.
D. Review the termination policy with managers.

8. Several servers went offline since an update was pushed out. Other servers without that patch are still operational but vulnerable to attack. As the security administrator, you must ensure that critical servers are patched while minimizing downtime. What is the best strategy to minimize risk?
A. All updates are tested in a lab before deployment.
B. All systems in production are patched automatically.
C. Production servers are patched only when updates are released.
D. All updates are tested after being installed in a live environment.

9. Your organization is in the middle of a risk assessment for a new network infrastructure upgrade. All planning is complete, and your plan must include which security controls are to be put in place during each stage of the upgrade. What risk response is most likely being considered while creating an SLA contract with a third party?
A. Accepting risk
B. Identifying risk
C. Transferring risk
D. Mitigating risk

10. Your company hired a new CISO, and the first order of business is to perform a risk assessment on a new mobile device that is to be given to all employees. The device is commercially available and runs a popular operating system. What are the most important security factors that you should consider while conducting this risk assessment?
A. Remote wipe and controls, encryption, and vendor track record
B. Encryption, IPv6, cost, and color
C. Remote wipe, maintenance, and inventory management
D. Remote monitoring, cost, SSD, and vendor track record

11. Your CISO wants you to conduct a risk assessment for a vital new healthcare system that needs to be in place in a month. As you conduct the assessment, you find a vulnerability report that details the low likelihood of exploitation. Why does your CISO still have reservations about making an exemption for this risk?
A. The CISO has concerns about government regulations and compliance.
B. The CISO feels rushed to make a decision.
C. Competitors have elected not to use this system.
D. Even one attack would be devastating to the organization, both financially and to its reputation.

12. Your company is looking at a new strategy to reach customers that includes social media. The marketing director would like to share news, updates, and promotions on all social websites. What are the major security risks to be aware of when this new program goes into effect?
A. Malware, phishing, and social engineering
B. DDoS, brute force, and SQLi
C. Mergers and data ownership
D. Regulatory requirements and environmental changes

13. Your CEO purchased the latest and greatest mobile device (BYOD) and now wants you to connect it to the company's intranet. You have been told to research this process. What BEST security recommendation do you recommend to make the biggest impact on risk?
A. Making this a new corporate policy available for everyone
B. Adding a PIN to access the device
C. Encrypting nonvolatile memory
D. Auditing requirements

14. Your organization wants to move a vital company process to the cloud. You are tasked with conducting a risk analysis to minimize the risk of hosting email in the cloud. What is the best path forward?
A. All logins must be done over an encrypted channel and obtain an NDA and SLA from the cloud provider.
B. Remind all users not to write down their passwords.
C. Make sure that the OLA covers more than just operations.
D. Require data classification.

15. A web developer builds a web form for customers to fill out and respond to the company via a web page. What is the first thing that a developer should do to avoid this page becoming a security risk?
A. SQLi
B. Input validation
C. Cross-site request forgery
D. Fuzzing

16. Your organization is pressured by both the company board and employees to allow personal devices on the network. They asked for email and calendar items to be synced between the company ecosystem and their BYOD. Which of the following BEST balances security and usability?
A. Allowing access for the management team only, because they have a need for convenient access
B. Not allowing any access between a BYOD device and the corporate network, only cloud applications
C. Only allowing certain types of devices that can be centrally managed
D. Reviewing security policy and performing a risk evaluation focused on central management, including the remote wipe and encryption of sensitive data

17. Your organization decided to outsource systems that are not mission critical. You have been tasked with calculating the risk of outsourcing these systems because a recent review indicates that core business functions are dependent on these outsourced systems. What is the BEST tool to use?
A. Business impact analysis
B. Annual loss expectancy
C. Total cost of ownership
D. Gap analysis

18. The retail division of your organization purchased touchscreen tablets and wireless mice and keyboards for all their representatives to increase productivity. You communicated the risk of nonstandard devices and wireless devices, but the deployment continued. What is the BEST method for evaluating and presenting potential threats to upper management?
A. Conducting a vulnerability assessment
B. Developing a standard image for these assets
C. Making new recommendations for security policies
D. Working with the management team to understand the processes these devices will interface with, and to classify the risk connected with the hardware/software deployment life cycle

19. Your organization experiences a security incident that costs $20,000 in downtime each time it occurs. It's happened twice this fiscal year. The device causing the issue is scheduled to be upgraded next year. The cost of implementing a fix is more than $250,000 and also requires maintenance contracts. What is the most cost-effective way to deal with this risk?
A. Mitigate the risk.
B. Avoid the risk.
C. Accept the risk.
D. Transfer the risk.

20. You have an asset that is valued at $1,000. The EF for this asset is 10 percent. The ARO is 2. What is the ALE?
A. The ALE is $200.
B. The ALE is $100.
C. The ALE is $400.
D. ALE cannot be calculated with the numbers provided.

21. A security administrator is reviewing an audit and finds that two users in human resources also have access to finance data. One of these users is a recruiter, while the other is an intern. What security measure is being violated?
A. Job rotation
B. Disclosure
C. Mandatory vacation
D. Least privilege

22. Your organization experienced a security event that led to the loss and disruption of services. You were chosen to investigate the disruption to prevent the risk of it happening again. What is this process called?
A. Incident management
B. Forensic tasks
C. Mandatory vacation
D. Job rotation

23. Your new role with a law enforcement agency is to support the development of policies and to implement standard IT security practices. You will be writing the procedures for ______________ such as collecting digital evidence, recording observations, and taking photographs.
A. least privilege
B. incident responses
C. master service agreements
D. forensic tasks
24. Your company is working with a new ISP and wants to find out technical details,