CASP+ CompTIA Advanced Security Practitioner Practice Tests. Nadean H. Tanner
from happening?
A. DLP
B. NIDS
C. NIPS
D. Firewall
9 Troy must decide about his organization's file integrity monitoring (FIM). Standalone FIM generally means file analysis only. Another option is to integrate it with the host so that Troy can detect threats in other areas, such as system memory or I/O. For the integration, which of the following does Troy need to use?
A. HIDS
B. ADVFIM
C. NIDS
D. Change management
10 Lisa is building a network intrusion detection system (NIDS). What can an NIDS do with encrypted network traffic?
A. Look for viruses
B. Examine contents of email
C. Bypass VPN
D. Nothing
11 What system is used to collect and analyze data logs from various network devices and to report detected security events?
A. Syslog server
B. NIPS
C. WIPS
D. SIEM system
12 The IT department decided to implement a security appliance in front of their web servers to inspect HTTP/HTTPS/SOAP traffic for malicious activity. Which of the following is the best solution to use?
A. Screened host firewall
B. Packet filter firewall
C. DMZ
D. WAF
13 A security audit was conducted for your organization. It found that a computer plugged into any Ethernet port in its shipping facility was able to access network resources without authentication. You are directed to fix this security issue. Which standard, if implemented, could resolve this issue?
A. 802.1x
B. 802.3
C. 802.1q
D. 802.11
14 Your CISO is concerned with unauthorized network access to the corporate wireless network. You want to set a mechanism in place that not only authenticates the wireless devices but also requires them to meet a predefined corporate policy before allowing them on the network. What technology best performs this function?
A. HIDS
B. NAC
C. Software agent
D. NIPS
15 David's security team is implementing NAC for authentication as well as corporate policy enforcement. The team wants to install software on the devices to perform these tasks. In the context of NAC, what is this software called?
A. Program
B. Process
C. Agent
D. Thread
16 Grace is investigating the encryption of data at rest and data in transit and trying to determine which algorithm is best in each situation. Which of the following does not contain data at rest?
A. SAN
B. NAS
C. SSD
D. VPN
17 Your employees need internal access while traveling to remote locations. You need a service that enables them to securely connect back to a private corporate network from a public network to log into a centralized portal. You want the traffic to be encrypted. Which of the following is the best tool?
A. Wi-Fi
B. VPN
C. RDP
D. NIC
18 Robert's employees complain that when they connect to the network through the VPN, they cannot view their social media posts and pictures. What most likely has been implemented?
A. Split tunnels
B. DNS tunneling
C. ARP cache
D. Full tunnels
19 Robin's company is merging with another healthcare organization. The stakeholders are discussing the security aspects of combining digital communications. The main agreed-upon criterion for compliance and security is protecting the sharing of the business's domains. What is the best option for this organization?
A. DNSSEC
B. TLS
C. SSL 2.0
D. Keeping both entities separate
20 You are a network security administrator for a SOHO. Your staff tends to work from coffee shops without understanding the need for a VPN. You must show them why this can be dangerous. What network traffic packets are commonly captured and used in a replay attack?
A. Packet headers
B. Authentication
C. FTP
D. DNS
21 Sally needs to implement a network security device at the border of her corporate network and the Internet. This device filters network traffic based on source and destination IP addresses, source and destination port numbers, and protocols. Which network security device best suits her needs?
A. Packet filter firewall
B. Proxy server
C. HSM
D. DMZ
22 The IT security department was tasked with recommending a single security device that can perform various security functions. The security functions include antivirus protection, antispyware, a firewall, and an IDP. What device should the IT security department recommend?
A. Next-generation firewall
B. Unified threat management system
C. Quantum proxy
D. Next-generation IDP
23 One of your network administrators reports that they cannot connect to a device on the local network using its IP address. The device is up and running with an IP address of 10.0.0.5. Other hosts can communicate with the device. The default gateway is 10.0.0.1, and your local IP address is 10.0.0.3. What is the best type of scan to run to find the MAC of the offending machine?
A. ARP
B. NAT gateway
C. IPConfig
D. IFConfig
24 Ronald has architected his network to hide the source of a network connection. What device has he most probably used?
A. Proxy firewall
B. Internet gateway
C. Layer 3 switch
D. Bastion host
25 The IT group within your organization wants to filter requests between clients and their servers. They want to place a device in front of the servers that acts as a go-between for the clients and the servers. This device receives the request from the clients and forwards the request to the servers. The server will reply to the request by sending the reply to the device; then the device will forward the reply to the clients. What device best meets this description?
A. Firewall
B. NIDS
C. Reverse proxy
D. Proxy
26 Many users within your organization clicked on emails that, while looking legitimate, are malicious. Malicious code executes once the email is opened, infecting the user's system with malware. What could be implemented on the email server to help prevent such emails from reaching the end user?
A. Firewall
B. Spam filters
C. WAF
D. Forward proxy
27 Your network administrator, George, reaches out to you to investigate why your e-commerce site went down twice in the past three days. Everything looks good on your network, so you reach out to your ISP. You suspect an attacker set up botnets that flood your DNS server with invalid requests. You find this out by examining your external logging service. What is this type of attack called?
A. DDoS
B. Spamming
C. IP spoofing
D. Containerization
28 Aaron's end users are having difficulty signing into the network. The investigation of the situation leads him to believe it is which type of attack?
A. Port scanning
B. DDoS
C. Pass-the-hash
D. Trojan
29 A network engineer must configure a router on the network remotely. What protocol should be used to ensure a secure connection?
A. Telnet
B. FTP
C. HTTP
D. SSH
30 Ian has joined a company that licenses a third party's software and email service that is delivered to end users through a browser. What type of organization does Ian work for?
A. IaaS
B. SaaS
C. PaaS
D. BaaS
31 You are a security analyst with an enterprise global financial organization. The company just experienced an advanced persistent threat (APT) type of attack that was traced to ransomware delivered to end users via a phishing campaign. One of your IT analysts forwarded the email to the [email protected] address. You want to rip open the ransomware to see what it does and what asset it touches. What do you build?
A. Cloud sandbox
B. A container
C. SLA
D. A hypervisor
32 Cody configured the application programming interface (API) connection between your web application that manages retail transactions and your bank. This connection must be as secure as possible. Because the API connection will handle financial transactions, what is the best choice for securing the API if it is well designed?
A. SOAP
B. HTTPS
C. REST
D. XML
33 Aniket is looking for a web server to process requests sent by XML. What is the best technology to use for this?
A. REST
B. SOAP
C. Ajax
D. XSS
34 The Cisco switch port you are using for traffic analysis and troubleshooting has a dedicated SPAN port that is in an “error-disabled state.” What is the procedure to reenable it after you enter privileged EXEC mode?
A. Issue the no shutdown command on the error-disabled interface.
B. Issue the shutdown and then the no shutdown command on the error-disabled interface.
C. Issue the no error command on the error-disabled interface.
D. Issue the no error-disable command on the error-disabled interface.
35 You were asked to recommend a solution to intercept and mirror network traffic and analyze its content for malicious activity while not interacting with the host computer. Of the following, which is the best solution?
A. System scanner
B. Application scanner
C. Active vulnerability scanner
D. Passive vulnerability scanner
36 One of Robert's objectives and key results (OKRs) for the upcoming year is to modernize the IT strategy by adopting a virtual cloud and taking advantage of new features and storage. He understands that once intellectual property is in the cloud, he could have less visibility and control as a consumer. What else is a major security concern for important data stored in the public cloud versus a private cloud?
A. Cost effectiveness
B. Elastic use
C. Being on demand
D. Data remnants
37 Your