CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education
Question No: 21 – (Topic 1)
select id, firstname, lastname from authors
User input: firstname=Hack;man lastname=Johnson
Which of the following types of attacks is the user attempting?
Answer: D Explanation:
The code in the question is SQL code. The attack is a SQL injection attack.
SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
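The following added example (not part of the exam material) shows the defect the explanation describes and its standard fix. The `authors` table, its three constructed rows and both lookup functions are assumptions for illustration; the vulnerable version splices the user input into the SQL text, the safe version binds it as a parameter so the database only ever compares it as data:

```python
import sqlite3


def make_db():
    """Constructed in-memory sample table; not data from the exam page."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "create table authors (id integer primary key, firstname text, lastname text)"
    )
    conn.executemany(
        "insert into authors (firstname, lastname) values (?, ?)",
        [("Alice", "Johnson"), ("Bob", "Smith"), ("Carol", "Johnson")],
    )
    return conn


def vulnerable_lookup(conn, firstname, lastname):
    """Builds the statement by string formatting: whatever the user typed becomes
    part of the SQL text, so a quote character in the input changes the query."""
    sql = (
        "select id, firstname, lastname from authors "
        f"where firstname='{firstname}' and lastname='{lastname}'"
    )
    return conn.execute(sql).fetchall()


def safe_lookup(conn, firstname, lastname):
    """Parameterised statement: SQL text and values travel separately, so the
    input cannot alter the structure of the query."""
    sql = (
        "select id, firstname, lastname from authors "
        "where firstname=? and lastname=?"
    )
    return conn.execute(sql, (firstname, lastname)).fetchall()


def demo():
    """Contrast the two lookups on the page's input and on a quote-bearing input."""
    conn = make_db()
    print("safe,   page input:", safe_lookup(conn, "Hack;man", "Johnson"))
    quoted = "Hack' OR '1'='1"          # constructed input containing a quote
    print("unsafe, quoted input:", vulnerable_lookup(conn, quoted, "Johnson"))
    print("safe,   quoted input:", safe_lookup(conn, quoted, "Johnson"))


if __name__ == "__main__":
    demo()
```

The page's own input `Hack;man` sits inside the quotes in both versions and matches nothing; the quote-bearing input returns every Johnson row from the string-built query (no author named Hack exists) but nothing from the parameterised one, which is the check to apply when reviewing data-access code.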
Question No: 22 – (Topic 1)
A company that must comply with regulations is searching for a laptop encryption product to use for its 40,000 end points. The product must meet regulations but also be flexible enough to minimize overhead and support in regards to password resets and lockouts.
Which of the following implementations would BEST meet the needs?
A partition-based software encryption product with a low-level boot protection and authentication
A container-based encryption product that allows the end users to select which files to encrypt
A full-disk hardware-based encryption product with a low-level boot protection and authentication
A file-based encryption product using profiles to target areas on the file system to encrypt
Answer: D Explanation:
The question is asking for a solution that will minimize overhead and support in regards to password resets and lockouts.
File based encryption products operate under the context of the computer user’s user account. This means that the user does not need to remember a separate password for the encryption software. If the user forgets his user account password or is locked out due to failed login attempts, the support department can reset his password from a central database of user accounts (such as Active Directory) without the need to visit the user’s computer.
Profiles can be used to determine areas on the file system to encrypt such as Document
Question No: 23 – (Topic 1)
A startup company offering software on demand has hired a security consultant to provide expertise on data security. The company’s clients are concerned about data confidentiality. The security consultant must design an environment with data confidentiality as the top priority, over availability and integrity. Which of the following designs is BEST suited for this purpose?
All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment to access the virtualized applications. A secret key kept by the startup encrypts the application virtual memory and data store.
All of the company servers are virtualized in a highly available environment sharing common hardware and redundant virtual storage. Clients use terminal service access to the shared environment and to access the virtualized applications. Each client has a common shared key, which encrypts the application virtual memory and data store.
Each client is assigned a set of virtual hosts running shared hardware. Physical storage is partitioned into LUNS and assigned to each client. MPLS technology is used to segment and encrypt each of the client’s networks. PKI based remote desktop with hardware tokens is used by the client to connect to the application.
Each client is assigned a set of virtual hosts running shared hardware. Virtual storage is partitioned and assigned to each client. VLAN technology is used to segment each of the client’s networks. PKI based remote desktop access is used by the client to connect to the application.
Question No: 24 – (Topic 1)
ABC Corporation uses multiple security zones to protect systems and information, and all of the VM hosts are part of a consolidated VM infrastructure. Each zone has different VM administrators. Which of the following restricts different zone administrators from directly accessing the console of a VM host from another zone?
Ensure hypervisor layer firewalling between all VM hosts regardless of security zone.
Maintain a separate virtual switch for each security zone and ensure VM hosts bind to only the correct virtual NIC(s).
Organize VM hosts into containers based on security zone and restrict access using an ACL.
Require multi-factor authentication when accessing the console at the physical VM host.
Answer: C Explanation:
Access Control Lists (ACLs) are used to restrict access to the console of a virtual host. Virtual hosts are often managed by centralized management servers (for example: VMware vCenter Server). You can create logical containers that can contain multiple hosts and you can configure ACLs on the containers to provide access to the hosts within the container.
Question No: 25 – (Topic 1)
A process allows a LUN to be available to some hosts and unavailable to others. Which of the following causes such a process to become vulnerable?
Moving the HBA
Question No: 26 – (Topic 1)
An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).
Answer: A,B Explanation:
In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase. In this question, enabling salting for users' passwords means to store the passwords in an encrypted format.
Traditional Unix systems keep user account information, including one-way encrypted passwords, in a text file called “/etc/passwd”. As this file is used by many tools (such as “ls”) to display file ownerships, etc. by matching user ids with the users' names, the file needs to be world-readable. Consequently, this can be somewhat of a security risk.
Another method of storing account information is with the shadow password format. As with the traditional method, this method stores account information in the /etc/passwd file in a compatible format. However, the password is stored as a single "x" character (i.e. not actually stored in this file). A second file, called “/etc/shadow”, contains the encrypted password as well as other information such as account or password expiration values, etc.
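As an added example (not part of the exam material), the audit below parses the two formats the explanation describes: it reports any account whose hash still sits in the world-readable /etc/passwd, and for each /etc/shadow entry it reads the modular-crypt `$id$salt$hash` field to show the algorithm and the salt. The sample lines and hash values are constructed, and the hashes are placeholder strings, not real digests:

```python
import re

# Constructed sample lines in /etc/passwd and /etc/shadow layout (not from a real host).
PASSWD_LINES = [
    "root:x:0:0:root:/root:/bin/bash",
    "alice:x:1000:1000:Alice:/home/alice:/bin/bash",
    "legacy:$1$Zs9KpLc2$abcdefghijklmnopqrstuv:1001:1001:Legacy:/home/legacy:/bin/sh",
    "svc:*:1002:1002:Service:/var/lib/svc:/usr/sbin/nologin",
]
SHADOW_LINES = [
    "root:!:19000:0:99999:7:::",
    "alice:$6$rounds=5000$saltsalt$hashhashhash:19000:0:99999:7:::",
    "svc:*:19000:0:99999:7:::",
]

# Modular-crypt identifiers as used by glibc crypt(3) and common PAM modules.
CRYPT_IDS = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt", "2b": "bcrypt"}
MODULAR_CRYPT = re.compile(r"^\$([^$]+)\$(?:rounds=\d+\$)?([^$]+)\$")


def describe_hash(field):
    """Describe the second field of a passwd/shadow line.

    Returns None when no hash is present ('x' = look in /etc/shadow,
    '*' or '!' = login disabled), otherwise (algorithm, salt)."""
    core = field.lstrip("!")          # a leading '!' locks the account but keeps the hash
    if core in ("", "x", "*"):
        return None
    m = MODULAR_CRYPT.match(core)
    if m:
        return (CRYPT_IDS.get(m.group(1), "id " + m.group(1)), m.group(2))
    return ("traditional DES crypt", core[:2])   # old 13-char form: salt is the first two chars


def hashes_in_passwd(lines):
    """Accounts whose hash is exposed in the world-readable /etc/passwd (pre-shadow layout)."""
    exposed = []
    for line in lines:
        user, pw = line.split(":")[:2]
        if describe_hash(pw) is not None:
            exposed.append(user)
    return exposed


def shadow_summary(lines):
    """Map each /etc/shadow account to (algorithm, salt), or None if locked or empty."""
    return {line.split(":")[0]: describe_hash(line.split(":")[1]) for line in lines}


if __name__ == "__main__":
    print("hashes visible in passwd:", hashes_in_passwd(PASSWD_LINES))
    for user, info in shadow_summary(SHADOW_LINES).items():
        print(f"{user}: {info}")
```

The `legacy` entry is the condition the explanation warns about: its hash is readable by every local user, while the other accounts carry only `x` in /etc/passwd and keep the salted hash in /etc/shadow, which is readable by root alone.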
Question No: 27 – (Topic 1)
An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?
L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment
Answer: C Explanation:
IPSec VPN with mutual authentication meets the certificates requirements.
RADIUS can be used with the directory service for the user authentication.
ACLs (access control lists) are the best solution for restricting access to network hosts.
Question No: 28 – (Topic 1)
A network engineer wants to deploy user-based authentication across the company’s wired and wireless infrastructure at layer 2 of the OSI model. Company policies require that users be centrally managed and authenticated and that each user’s network access be controlled based on the user’s role within the company. Additionally, the central authentication system must support hierarchical trust and the ability to natively authenticate mobile devices and workstations. Which of the following are needed to implement these requirements? (Select TWO).
Answer: C,D Explanation:
RADIUS is commonly used for the authentication of WiFi connections. We can use LDAP and RADIUS for the authentication of users and devices.
LDAP and RADIUS have something in common. They're both mainly protocols (more than a database) which use attributes to carry information back and forth. They're clearly defined in RFC documents, so you can expect products from different vendors to be able to function properly together.
RADIUS is NOT a database. It’s a protocol for asking intelligent questions to a user database. LDAP is just a database. In recent offerings it contains a bit of intelligence (like Roles, Class of Service and so on) but it still is mainly just a rather stupid database.
RADIUS (actually RADIUS servers like FreeRADIUS) provide the administrator the tools to not only perform user authentication but also to authorize users based on extremely complex checks and logic. For instance you can allow access on a specific NAS only if the user belongs to a certain category, is a member of a specific group and an outside script allows access. There's no way to perform any type of such complex decisions in a user database.
Question No: 29 – (Topic 1)
A security administrator was doing a packet capture and noticed a system communicating with an unauthorized address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network.
Which of the following is the BEST course of action?
Investigate the network traffic and block UDP port 3544 at the firewall
Remove the system from the network and disable IPv6 at the router
Locate and remove the unauthorized 6to4 relay from the network
Disable the switch port and block the 2001::/32 traffic at the firewall
Answer: A Explanation:
The 2001::/32 prefix is used for Teredo tunneling.
Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. Unlike similar protocols, it can perform its function even from behind network address translation (NAT) devices such as home routers.
Teredo provides IPv6 (Internet Protocol version 6) connectivity by encapsulating IPv6 datagram packets within IPv4 User Datagram Protocol (UDP) packets. Teredo routes these datagrams on the IPv4 Internet and through NAT devices. Teredo nodes elsewhere on the IPv6 network (called Teredo relays) receive the packets, decapsulate them, and pass them on. The Teredo server listens on UDP port 3544.
Teredo clients are assigned an IPv6 address that starts with the Teredo prefix (2001::/32). In this question, the BEST course of action would be to block UDP port 3544 at the firewall. This will block the unauthorized communication. You can then investigate the traffic within the network.
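The following added example (not part of the exam material) is the triage check a defender would run over the capture described in the question: it flags flows with an IPv6 endpoint inside 2001::/32 and flows of IPv4 UDP to port 3544, and decodes the fields a Teredo address carries (server IPv4, client public IPv4 and port, flags), since those tell you which Teredo server the host reached and what external address it was seen from. The flow records are constructed, the addresses are documentation ranges, and the Teredo address was built by hand to decode to those values; the decoding uses the standard library's `IPv6Address.teredo` property:

```python
import ipaddress

TEREDO_PREFIX = ipaddress.ip_network("2001::/32")   # Teredo prefix (2001:0000::/32)
TEREDO_PORT = 3544                                   # UDP port Teredo servers listen on

# Constructed flow records (src, dst, protocol, dst port); not from the exam page.
SAMPLE_FLOWS = [
    ("10.0.0.15", "192.0.2.1", "udp", 3544),
    ("10.0.0.15", "10.0.0.53", "udp", 53),
    ("2001:0:c000:201:0:63bf:39cc:9bf8", "2001:db8::10", "tcp", 443),
    ("fe80::1", "ff02::1", "icmpv6", 0),
]


def teredo_details(addr):
    """Decode a Teredo address, or return None if addr is not one.

    Layout: 32-bit prefix | server IPv4 | 16-bit flags | obfuscated client
    port | obfuscated client IPv4. Port and client IPv4 are stored inverted
    (XOR with all-ones) so that NAT boxes do not rewrite them."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 6 or ip not in TEREDO_PREFIX:
        return None
    server, client = ip.teredo                     # stdlib undoes the inversion of the client IPv4
    raw = int(ip)
    port = ((raw >> 32) & 0xFFFF) ^ 0xFFFF         # undo the port inversion
    flags = (raw >> 48) & 0xFFFF
    return {
        "server": str(server),
        "client": str(client),
        "client_port": port,
        "cone": bool(flags & 0x8000),              # high flag bit: client behind a cone NAT
    }


def find_teredo(flows):
    """Return (kind, subject, details) alerts for Teredo indicators in the flows.

    'teredo-address' marks an IPv6 endpoint in 2001::/32 (tunnelled traffic
    seen after decapsulation); 'teredo-udp-3544' marks the IPv4 UDP channel
    that carries the tunnel, which is what the firewall rule in the answer blocks."""
    alerts = []
    for src, dst, proto, dport in flows:
        for side in (src, dst):
            info = teredo_details(side)
            if info:
                alerts.append(("teredo-address", side, info))
        if proto == "udp" and dport == TEREDO_PORT:
            alerts.append(("teredo-udp-3544", f"{src}->{dst}", None))
    return alerts


if __name__ == "__main__":
    for alert in find_teredo(SAMPLE_FLOWS):
        print(alert)
```

Note that 2001:db8::10 is not flagged: 2001:db8::/32 is the documentation range, and only the 2001:0000::/32 block belongs to Teredo. A host whose IPv6 address decodes to a Teredo server and public IPv4 you do not operate is exactly the unauthorized tunnel the question describes.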
Question No: 30 – (Topic 1)
The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?
Answer: A Explanation:
In this question, we need to protect the workstations when connected to either the office or home network. Therefore, we need a solution that stays with the workstation when the user takes the computer home.
A HIPS (Host Intrusion Prevention System) is software installed on a host which monitors the host for suspicious activity by analyzing events occurring within that host with the aim of detecting and preventing intrusion.
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main differences are, unlike intrusion detection systems, intrusion prevention systems are placed in-line and are able to actively prevent/block intrusions that are detected. More specifically, IPS can take such actions as sending an alarm, dropping the malicious packets, resetting the connection and/or blocking the traffic from the offending IP address.