CompTIA CAS-002 問題集

質問 1：
After a security incident, an administrator would like to implement policies that would help reduce fraud and the potential for collusion between employees. Which of the following would help meet these goals by having co-workers occasionally audit another worker's position?
A. Separation of duties
B. Least privilege
C. Job rotation
D. Mandatory vacation
正解：C

質問 2：
The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?
A. HIPS
B. DLP
C. UTM
D. NIPS
E. Antivirus
正解：A

質問 3：
An attacker attempts to create a DoS event against the VoIP system of a company. The attacker uses a tool to flood the network with a large number of SIP INVITE traffic. Which of the following would be LEAST likely to thwart such an attack?
A. Install IDS/IPS systems on the network
B. Force all SIP communication to be encrypted
C. Create separate VLANs for voice and data traffic
D. Implement QoS parameters on the switches
正解：D

質問 4：
Company XYZ provides cable television service to several regional areas. They are currently installing fiber-to-the-home in many areas with hopes of also providing telephone and Internet services. The telephone and Internet services portions of the company will each be separate subsidiaries of the parent company. The board of directors wishes to keep the subsidiaries separate from the parent company. However all three companies must share customer data for the purposes of accounting, billing, and customer authentication. The solution must use open standards, and be simple and seamless for customers, while only sharing minimal data between the companies. Which of the following solutions is BEST suited for this scenario?
A. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SP.
B. The companies should federate, with the parent becoming the SP, and the subsidiaries becoming an IdP.
C. The companies should federate, with the parent becoming the IdP, and the subsidiaries becoming an SSP.
D. The companies should federate, with the parent becoming the ASP, and the subsidiaries becoming an IdP.
正解：A

質問 5：
A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would MOST likely be uncovered by this tool?
A. The tool could show that input validation was only enabled on the client side
B. The tool could fuzz the application to determine where memory leaks occur
C. The tool could force HTTP methods such as DELETE that the server has denied
D. The tool could enumerate backend SQL database table and column names
正解：A

質問 6：
A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal. However, they would like to have a copy of any communications from the user involving certain key terms.
Additionally, the law enforcement agency has requested that the user's ongoing communication be retained in the user's account for future investigations. Which of the following will BEST meet the goals of law enforcement?
A. Perform a back up of the user's email account. Next, export the applicable emails that match the search terms.
B. Place a legal hold on the user's email account. Next, perform e-discovery searches to collect applicable emails.
C. Begin a chain-of-custody on for the user's communication. Next, place a legal hold on the user's email account.
D. Perform an e-discover using the applicable search terms. Next, back up the user's email for a future investigation.
正解：B

質問 7：
A security code reviewer has been engaged to manually review a legacy application. A number of systemic issues have been uncovered relating to buffer overflows and format string vulnerabilities.
The reviewer has advised that future software projects utilize managed code platforms if at all possible.
Which of the following languages would suit this recommendation? (Select TWO).
A. Perl
B. C
C. C++
D. C#
E. Java
正解：D,E

質問 8：
An administrator has enabled salting for users' passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).
A. /bin/bash
B. /etc/security
C. /etc/passwd
D. /etc/password
E. /sbin/logon
F. /etc/shadow
正解：C,F