CA1-001 CompTIA Advanced Security Practitioner Practice Exam Set 4

Which of the following can monitor any application input, output, and/or system service calls made

from, to, or by an application?



Options are :

  • Host-based firewall (Correct)
  • Dynamic firewall
  • Network-based firewall
  • Application firewall

Answer : Host-based firewall

Mark works as a Network Security Administrator for uCertify Inc. Mark has been assigned to a task

to test the network security of the company. He created a webpage to discuss the progress of the

tests with employees who were interested in following the test. Visitors were allowed to click on a

company's icon to mark the progress of the test. Mark successfully embeds a keylogger. He also

added some statistics on the webpage. The firewall protects the network well and allows strict

Internet access. How was security compromised and how did the firewall respond?



Options are :

  • The attack was social engineering and the firewall did not detect it. (Correct)
  • Security was compromised as keylogger is invisible for firewall.
  • The attack was Cross Site Scripting and the firewall blocked it.
  • Security was not compromised as the webpage was hosted internally.

Answer : The attack was social engineering and the firewall did not detect it.

Which of the following is a deterministic algorithm to generate a sequence of numbers with little or

no discernible pattern in the numbers, apart from broad statistical properties?




Options are :

  • Pseudorandom number generator (Correct)
  • Java Cryptographic Extension
  • Twofish
  • Simple and Protected GSSAPI Negotiation Mechanism

Answer : Pseudorandom number generator

Maria is concerned about outside parties attempting to access her companies network via the

wireless connection. Where should she place the WAP?



Options are :

  • Inside a secure room
  • WAPs should be placed at each corner
  • Centrally in the building (Correct)
  • In the server room

Answer : Centrally in the building

Which of the following counters measures the rate at which the bytes are sent through or received

by a network?




Options are :

  • Network Interface: Bytes/sec (Correct)
  • Network Interface: Bytes Received/sec
  • Network Interface: Bytes Sent/sec
  • Network Interface: Output Queue Length

Answer : Network Interface: Bytes/sec

Which of the following processes is used to ensure that standardized methods and procedures are

used for efficient handling of all changes?



Options are :

  • Change Management (Correct)
  • Exception management
  • Risk Management
  • Configuration Management

Answer : Change Management

Which of the following security principles would be most helpful in preventing privilege escalation?



Options are :

  • Least privileges (Correct)
  • Single point of failure
  • Implicit deny
  • Job rotation

Answer : Least privileges

In which of the following phases of the System Development Life Cycle (SDLC) is the IT system

designed, purchased, and programmed?




Options are :

  • Disposal
  • Development/Acquisition (Correct)
  • Operation/Maintenance
  • Initiation

Answer : Development/Acquisition

John is setting up a public web server. He has decided to place it in the DMZ. Which firewall

should have the tightest restrictions?




Options are :

  • On the web server itself
  • Outer end of the DMZ
  • The restrictions should be consistent
  • Inner end of the DMZ (Correct)

Answer : Inner end of the DMZ

__________ is the concept that disclosure of the long-term secret keying material that is used to

derive an agreed key does not compromise the secrecy of agreed keys that had previously been

generated.




Options are :

  • Diffie-Hellman
  • Perfect forward secrecy (Correct)
  • Authentication protocol
  • Key exchange protocol

Answer : Perfect forward secrecy

Which of the following terms suggests that the supplier of an application program or system

provides all the hardware and software components and resources to meet the customers

requirement and no other supplier is required to be involved?



Options are :

  • COTS product
  • Change Management
  • End-to-end solution (Correct)
  • Collaboration platform

Answer : End-to-end solution

John is hosting several Web sites on a single server. One is an e-commerce site that handles

credit card transactions, while the other sites do not handle credit card data. Does this present a

security problem, and if so, what?



Options are :

  • The other sites may allow privilege escalation to the e-commerce site
  • Credit card processing requires HIPAA compliance, the other sites do not
  • Credit card processing requires PCI compliance, the other sites do not (Correct)
  • There is no issue with different types of sites on one server

Answer : Credit card processing requires PCI compliance, the other sites do not

Which of the following department in an organization is responsible for documenting and the

controlling the incoming and outgoing cash flows as well as the actual handling of the cash flows?




Options are :

  • Human Resource
  • Financial (Correct)
  • Stakeholder
  • Management

Answer : Financial

Which of the following governing factors should be considered to derive an overall likelihood rating

that is used to specify the probability that a potential vulnerability may be exercised within the

construct of the associated threat environment?

Each correct answer represents a complete solution. Choose three.

A. Threat-source motivation and capability

B. Detect a problem and determine its cause

C. Nature of the vulnerability

D. Existence and effectiveness of current controls



Options are :

  • A,B,C
  • B,C,D
  • A,B,D
  • C,D,A (Correct)

Answer : C,D,A

Which of the following are the main aims of Change Management?

Each correct answer represents a complete solution. Choose all that apply.

A. Reduction in back-out activities

B. Economic utilization of resources involved in the change

C. Tracking all of the individual Configuration Items (CI) in an IT system

D. Minimal disruption of services



Options are :

  • C,D,A
  • B,C,D
  • A,B,C
  • A,B,D (Correct)

Answer : A,B,D

You work as a Security Administrator for uCertify Inc. The company has a TCP/IP based network

and uses the WS-Security service to enable message-level security for Web services. Which of

the following mechanisms does it describe?

Each correct answer represents a complete solution. Choose three.

A. How to attach security tokens to ascertain the identity of sender.

B. How to encrypt SOAP messages to assure confidentiality.

C. How to sign SOAP messages to assure integrity.

D. How to provide a guarantee of security.




Options are :

  • B,C,D
  • C,D,A (Correct)
  • A,B,C
  • A,D,B

Answer : C,D,A

As a network administrator, if you are experiencing intermittent security issues what is the first

thing you should do?




Options are :

  • Isolate the problem (Correct)
  • Consider alternative solutions
  • Define a solution
  • Try obvious fixes

Answer : Isolate the problem

Mark, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Website of the

Internet forum for online discussion. When a user visits the infected Web page, the code gets

automatically executed and Mark can easily perform acts such as account hijacking, history theft,

etc. Which of the following types of cross-site scripting attacks does Mark intend to perform?



Options are :

  • Document Object Model (DOMJ
  • SAX
  • Non-persistent
  • Persistent (Correct)

Answer : Persistent

Continuous Monitoring is the fourth phase of the Security Certification and Accreditation process,

which of the following activities can be involved in the Continuous Monitoring process?

Each correct answer represents a complete solution. Choose three.

A. Security control monitoring

B. Status reporting and documentation

C. Configuration Management and Control

D. Network impact analysis



Options are :

  • A,B,C (Correct)
  • C,D,A
  • B,C,D
  • A,B,D

Answer : A,B,C

You are working in an organization, which has a TCP/IP based network. Each employee reports

you whenever he finds a problem in the network and asks you to debug the problem, what is your

designation in the organization?



Options are :

  • Network administrator (Correct)
  • Database administrator
  • Facility manager
  • Stakeholder

Answer : Network administrator

Which of the following are the primary rules to apply RBAC-based delegation for a user on a

network? Each correct answer represents a complete solution. Choose all that apply.

A. Authorization of Role

B. Assignment of Roles

C. Assignment of Permission

D. Authorization of Permission



Options are :

  • A,B,D (Correct)
  • C,D,A
  • B,C,D
  • A,B,C

Answer : A,B,D

Which of the following statements best describe the responsibilities of a facility manager in an

organization? Each correct answer represents a complete solution. Choose three.

A. Analyze and manage project in order to provide desired output in given deadlines.

B. Develop written physical security plans for critical infrastructures.

C. Improve current activities with minimum interruption for excellent result.

D. Make an attractive plan with the help of different business strategies.



Options are :

  • B,C,D
  • C,D,A (Correct)
  • A,B,C
  • A,B,D

Answer : C,D,A

Which of the following Web sites provides a virtual community where people with a shared interest

can communicate and also can post their thoughts, ideas, and anything else and share it with their

friends?



Options are :

  • Social networking site (Correct)
  • E-commerce site
  • Internet forum
  • Blog

Answer : Social networking site

You are responsible for evaluating, recommending, and directing changes to the Corporate

Security Manager in order to ensure the security of assets, facilities, and employees of the

organization. What is your designation?



Options are :

  • Network administrator
  • Facility manager
  • Physical security manager (Correct)
  • HR manager

Answer : Physical security manager

The help desk is flooded with calls from users who receive an e-mail warning about a new virus.

The e-mail instructs them to search and delete a number of files from their systems. Many of them

attempt to reboot the systems after deleting the specified files and find that the systems are not

rebooting properly, which of the following types of attacks has occurred?




Options are :

  • Hoax (Correct)
  • Pharming
  • Phishing
  • Spam

Answer : Hoax

PFS depends on which type of following encryption?

A.



Options are :

  • Asymmetric (Correct)
  • Classic
  • Secret
  • Symmetric

Answer : Asymmetric

Which of the following is the process of digitally signing executables and scripts to confirm the

software author and guarantee that the code has not been altered or corrupted since it was signed

by use of a cryptographic hash?



Options are :

  • Entropy
  • Code signing (Correct)
  • Hashing
  • Non-repudiation

Answer : Code signing

Which of the following is a key agreement protocol that allows two users to exchange a secret key

over an insecure medium without any prior secrets?




Options are :

  • One-way encryption
  • XML encryption
  • SecureFiles Encryption
  • Diffie-Hellman encryption (Correct)

Answer : Diffie-Hellman encryption

Which of the following attacks are computer threats that try to exploit computer application

vulnerabilities that are unknown to others or undisclosed to the software developer?



Options are :

  • FMS
  • Buffer overflow
  • Zero-day (Correct)
  • Spoofing

Answer : Zero-day

Which of the following is a legal contract between at least two parties that outlines confidential

materials or knowledge the parties wish to share with one another for certain purposes, but wish to

restrict access to?



Options are :

  • SLA
  • OLA
  • NDA (Correct)
  • SA

Answer : NDA

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions