CAS-004 Online Practice Questions and Answers

Questions 4

Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

A. Lattice-based cryptography

B. Quantum computing

C. Asymmetric cryptography

D. Homomorphic encryption

Correct Answer: D

Reference: https://searchsecurity.techtarget.com/definition/cryptanalysis

Questions 5

A company is implementing SSL inspection. During the next six months, multiple web applications that will be separated out with subdomains will be deployed. Which of the following will allow the inspection of the data without multiple certificate deployments?

A. Include all available cipher suites.

B. Create a wildcard certificate.

C. Use a third-party CA.

D. Implement certificate pinning.

Correct Answer: B

Questions 6

A security engineer is reviewing a record of events after a recent data breach incident that involved the following:

1. A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets.

2. A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.

3. The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.

Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?

A. Dynamic analysis

B. Secure web gateway

C. Software composition analysis

D. User behavior analysis

E. Web application firewall

Correct Answer: C

Questions 7

Based on PCI DSS v3.4, one particular database field can store data, but the data must be unreadable. Which of the following data objects meets this requirement?

A. PAN

B. CVV2

C. Cardholder name

D. Expiration date

Correct Answer: A

Questions 8

A help desk technician just informed the security department that a user downloaded a suspicious file from Internet Explorer last night. The user confirmed accessing all the files and folders before going home from work. The next morning, the user was no longer able to boot the system and was presented with a screen showing a phone number. The technician then tried to boot the computer using Wake-on-LAN, but the system would not come up. Which of the following explains why the computer would not boot?

A. The operating system was corrupted.

B. SELinux was in enforced status.

C. A secure boot violation occurred.

D. The disk was encrypted.

Correct Answer: A

Questions 9

A small business would like to provide guests who are using mobile devices encrypted WPA3 access without first distributing PSKs or other credentials. Which of the following features will enable the business to meet this objective?

A. Simultaneous Authentication of Equals

B. Enhanced open

C. Perfect forward secrecy

D. Extensible Authentication Protocol

Correct Answer: A

Questions 10

An ISP is receiving reports from a portion of its customers who state that typosquatting is occurring when they type in a portion of the URL for the ISP's website. The reports state that customers are being directed to an advertisement website that is asking for personal information. The security team has verified that the DNS system is returning proper results and has no known IoCs. Which of the following should the security team implement to best mitigate this situation?

A. DNSSEC

B. DNS filtering

C. Multifactor authentication

D. Self-signed certificates

E. Revocation of compromised certificates

Correct Answer: B

DNS filtering can be used to prevent users from accessing malicious or unintended websites by blocking certain domains at the DNS level. In the case of typosquatting, where users are being directed to an advertisement website asking for personal information, DNS filtering can help by blocking access to these known malicious domains. This would ensure that even if users mistype a URL, they will not be directed to a harmful site.

Questions 11

A security engineer is re-architecting a network environment that provides regional electric distribution services. During a pretransition baseline assessment, the engineer identified the following security-relevant characteristics of the environment:

1. Enterprise IT servers and supervisory industrial systems share the same subnet.

2. Supervisory controllers use the 750MHz band to direct a portion of fielded PLCs.

3. Command and telemetry messages from industrial control systems are unencrypted and unauthenticated.

Which of the following re-architecture approaches would be best to reduce the company's risk?

A. Implement a one-way guard between enterprise IT services and mission-critical systems, obfuscate legitimate RF signals by broadcasting noise, and implement modern protocols to authenticate ICS messages.

B. Characterize safety-critical versus non-safety-critical systems, isolate safety-critical systems from other systems, and increase the directionality of RF links in the field.

C. Create a new network segment for enterprise IT servers, configure NGFW to enforce a well-defined segmentation policy, and implement a WIDS to monitor the spectrum.

D. Segment supervisory controllers from field PLCs, disconnect the entire network from the internet, and use only the 750MHz link for controlling energy distribution services.

Correct Answer: C

The best approach to reduce the company's risk is to segregate the enterprise IT servers and supervisory industrial systems. Creating a new network segment and using a Next-Generation Firewall (NGFW) to enforce a strict segmentation policy will help to isolate the systems and protect against potential attacks. Additionally, implementing a Wireless Intrusion Detection System (WIDS) can help monitor the spectrum for unauthorized devices or interference.

Questions 12

A security engineer evaluates the overall security of a custom mobile gaming application and notices that developers are bringing in a large number of open-source packages without appropriate patch management. Which of the following would the engineer most likely recommend for uncovering known vulnerabilities in the packages?

A. Leverage an exploitation framework to uncover vulnerabilities.

B. Use fuzz testing to uncover potential vulnerabilities in the application.

C. Utilize a software composition analysis tool to report known vulnerabilities.

D. Reverse engineer the application to look for vulnerable code paths.

E. Analyze the use of an HTTP intercepting proxy to dynamically uncover issues.

Correct Answer: C

Questions 13

An IoT device implements an encryption module built within its SoC, where the asymmetric private key has been defined in a write-once read-many portion of the SoC hardware. Which of the following should the IoT manufacturer do if the private key is compromised?

A. Use over-the-air updates to replace the private key.

B. Manufacture a new IoT device with a redesigned SoC.

C. Replace the public portion of the IoT key on its servers.

D. Release a patch for the SoC software.

Correct Answer: B

Manufacture a new IoT device with a redesigned SoC: Write-Once Read-Many (WORM) is specifically designed to adhere to the highest level of integrity. Once written, it cannot be replaced. As for the Private Key compromise, OTA updates and software patches don't work and replacing the public key does nothing. Your only option is to burn it to the ground and start again.

Exam Code: CAS-004
Exam Name: CompTIA Advanced Security Practitioner (CASP+)
Last Update: Jun 13, 2025
Questions: 740
