Question 1

Given the following:  Which of the following vulnerabilities is present in the above code snippet?

Accepted Answer

A)  Disclosure of database credential 
B)  SQL-based string concatenation 
C)  DOM-based injection 
D)  Information disclosure in comments

Question 2

A security engineer successfully exploits an application during a penetration test. As proof of the exploit, the security engineer takes screenshots of how data was compromised in the application. Given the information below from the screenshot.  Which of the following tools was MOST likely used to exploit the application?

Accepted Answer

A)  The engineer captured the data with a protocol analyzer, and then utilized Python to edit the data 
B)  The engineer queried the server and edited the data using an HTTP proxy interceptor 
C)  The engineer used a cross-site script sent via curl to edit the data 
D)  The engineer captured the HTTP headers, and then replaced the JSON data with a banner-grabbing tool

Question 3

An internal penetration tester finds a legacy application that takes measurement input made in a text box and outputs a specific string of text related to industry requirements. There is no documentation about how this application works, and the source code has been lost. Which of the following would BEST allow the penetration tester to determine the input and output relationship?

Accepted Answer

A)  Running an automated fuzzer 
B)  Constructing a known cipher text attack 
C)  Attempting SQL injection commands 
D)  Performing a full packet capture 
E)  Using the application in a malware sandbox

Question 4

To meet an SLA, which of the following document should be drafted, defining the company's internal interdependent unit responsibilities and delivery timelines.

Accepted Answer

A)  BPA 
B)  OLA 
C)  MSA 
D)  MOU

Question 5

A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?

Accepted Answer

A)  Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2 
B)  Take an MD5 hash of the server 
C)  Delete all PHI from the network until the legal department is consulted 
D)  Consult the legal department to determine the legal requirements

Question 6

Which of the following may indicate a configuration item has reached end-of-life?

Accepted Answer

A)  The device will no longer turn on and indicated an error. 
B)  The vendor has not published security patches recently. 
C)  The object has been removed from the Active Directory. 
D)  Logs show a performance degradation of the component.

Question 7

A security architect has been assigned to a new digital transformation program. The objectives are to provide better capabilities to customers and reduce costs. The program has highlighted the following requirements: Long-lived sessions are required, as users do not log in very often. The solution has multiple SPs, which include mobile and web applications. A centralized IdP is utilized for all customer digital channels. The applications provide different functionality types such as forums and customer portals. The user experience needs to be the same across both mobile and web-based applications. Which of the following would BEST improve security while meeting these requirements?

Accepted Answer

A)  Social login to IdP, securely store the session cookies, and implement one-time passwords sent to the mobile device 
B)  Create-based authentication to IdP, securely store access tokens, and implement secure push notifications. 
C)  Username and password authentication to IdP, securely store refresh tokens, and implement context-aware authentication. 
D)  Username and password authentication to SP, securely store Java web tokens, and implement SMS OTPs.

Question 8

A company is the victim of a phishing and spear-phishing campaign. Users are clicking on website links that look like common bank sites and entering their credentials accidentally. A security engineer decides to use a layered defense to prevent the phishing or lessen its impact. Which of the following should the security engineer implement? (Choose two.)

Accepted Answer

A)  Spam filter 
B)  Host intrusion prevention 
C)  Client certificates 
D)  Log monitoring 
E)  Content filter
F) Data loss prevention

Question 9

A systems administrator recently joined an organization and has been asked to perform a security assessment of controls on the organization's file servers, which contain client data from a number of sensitive systems. The administrator needs to compare documented access requirements to the access implemented within the file system. Which of the following is MOST likely to be reviewed during the assessment? (Select two.)

Accepted Answer

A)  Access control list 
B)  Security requirements traceability matrix 
C)  Data owner matrix 
D)  Roles matrix 
E)  Data design document
F) Data access policies

Question 10

A security controls assessor intends to perform a holistic configuration compliance test of networked assets. The assessor has been handed a package of definitions provided in XML format, and many of the files have two common tags within them: "

Accepted Answer

A)  HTTP interceptor 
B)  Static code analyzer 
C)  SCAP scanner 
D)  XML fuzzer

Question 11

A security engineer must establish a method to assess compliance with company security policies as they apply to the unique configuration of individual endpoints, as well as to the shared configuration policies of common devices.  Which of the following tools is the security engineer using to produce the above output?

Accepted Answer

A)  Vulnerability scanner 
B)  SIEM 
C)  Port scanner 
D)  SCAP scanner

Question 12

A security analyst who is concerned about sensitive data exfiltration reviews the following:  Which of the following tools would allow the analyst to confirm if data exfiltration is occuring?

Accepted Answer

A)  Port scanner 
B)  SCAP tool 
C)  File integrity monitor 
D)  Protocol analyzer

Question 13

During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed prior to e-cycling the hardware. Which of the following would ensure no data is recovered from the system drives once they are disposed of?

Accepted Answer

A)  Overwriting all HDD blocks with an alternating series of data. 
B)  Physically disabling the HDDs by removing the drive head. 
C)  Demagnetizing the hard drive using a degausser. 
D)  Deleting the UEFI boot loaders from each HDD.

Question 14

A product owner is reviewing the output of a web-application penetration test and has identified an application that is presenting sensitive information in cleartext on a page. Which of the following code snippets would be BEST to use to remediate the vulnerability?

Accepted Answer

A) B) C) D) Query hqlQuery = session.createQuery("select transaction from Accounts as orders where acct.id =?"); List results = hqlQuery.setString(0,"122-ACC-988-QTWYTFDL").list();

Question 15

A company is moving all of its web applications to an SSO configuration using SAML. Some employees report that when signing in to an application, they get an error message on the login screen after entering their username and password, and are denied access. When they access another system that has been converted to the new SSO authentication model, they are able to authenticate successfully without being prompted for login. Which of the following is MOST likely the issue?

Accepted Answer

A)  The employees are using an old link that does not use the new SAML authentication. 
B)  The XACML for the problematic application is not in the proper format or may be using an older schema. 
C)  The web services methods and properties are missing the required WSDL to complete the request after displaying the login page. 
D)  A threat actor is implementing an MITM attack to harvest credentials.

Question 16

Which of the following is an external pressure that causes companies to hire security assessors and penetration testers?

Accepted Answer

A)  Lack of adequate in-house testing skills. 
B)  Requirements for geographically based assessments 
C)  Cost reduction measures 
D)  Regulatory insistence on independent reviews.

Question 17

An infrastructure team is at the end of a procurement process and has selected a vendor. As part of the final negotiation, there are a number of outstanding issues, including: 1. Indemnity clauses have identified the maximum liability. 2. The data will be hosted and managed outside of the company's geographical location. The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant of the project, which of the following should the project's security consultant recommend as the NEXT step?

Accepted Answer

A)  Develop a security exemption, as it does not meet the security policies. 
B)  Require the solution owner to accept the identified risks and consequences. 
C)  Mitigate the risk by asking the vendor to accept the in-country privacy principles. 
D)  Review the procurement process to determine the lessons learned.

Question 18

An organization has established the following controls matrix:    The following control sets have been defined by the organization and are applied in aggregate fashion: Systems containing PII are protected with the minimum control set. Systems containing medical data are protected at the moderate level. Systems containing cardholder data are protected at the high level. The organization is preparing to deploy a system that protects the confidentially of a database containing PII and medical data from clients. Based on the controls classification, which of the following controls would BEST meet these requirements?

Accepted Answer

A)  Proximity card access to the server room, context-based authentication, UPS, and full-disk encryption for the database server. 
B)  Cipher lock on the server room door, FDE, surge protector, and static analysis of all application code. 
C)  Peer review of all application changes, static analysis of application code, UPS, and penetration testing of the complete system. 
D)  Intrusion detection capabilities, network-based IPS, generator, and context-based authentication.

Question 19

The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog posts and pictures of their day-to-day experiences at the company. The information security manager has been asked to provide an informative letter to all participants regarding the security risks and how to avoid privacy and operational security issues. Which of the following is the MOST important information to reference in the letter?

Accepted Answer

A)  After-action reports from prior incidents. 
B)  Social engineering techniques 
C)  Company policies and employee NDAs 
D)  Data classification processes

Question 20

Given the following information about a company's internal network: User IP space: 192.168.1.0/24 Server IP space: 192.168.192.0/25 A security engineer has been told that there are rogue websites hosted outside of the proper server space, and those websites need to be identified. Which of the following should the engineer do?

Accepted Answer

A)  Use a protocol analyzer on 192.168.1.0/24 
B)  Use a port scanner on 192.168.1.0/24 
C)  Use an HTTP interceptor on 192.168.1.0/24 
D)  Use a port scanner on 192.168.192.0/25 
E)  Use a protocol analyzer on 192.168.192.0/25
F) Use an HTTP interceptor on 192.168.192.0/25

Exam 3: CompTIA Advanced Security Practitioner (CASP+) CAS-003

Given the following: Which of the following vulnerabilities is present in the above code snippet?

To meet an SLA, which of the following document should be drafted, defining the company's internal interdependent unit responsibilities and delivery timelines.

A systems administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server. Which of the following steps should the administrator take NEXT?

Which of the following may indicate a configuration item has reached end-of-life?

A security analyst who is concerned about sensitive data exfiltration reviews the following: Which of the following tools would allow the analyst to confirm if data exfiltration is occuring?

A product owner is reviewing the output of a web-application penetration test and has identified an application that is presenting sensitive information in cleartext on a page. Which of the following code snippets would be BEST to use to remediate the vulnerability?

Which of the following is an external pressure that causes companies to hire security assessors and penetration testers?