Friday, 23 February 2018

CompTIA CAS-002 Question Answer

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by outsourcing to a third party company in another country. Functions to be outsourced include: business analysts, testing, software development and back office functions that deal with the processing of customer data. The Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOST likely to occur if adequate controls are not implemented?

A. Geographical regulation issues, loss of intellectual property and interoperability agreement issues
B. Improper handling of client data, interoperability agreement issues and regulatory issues
C. Cultural differences, increased cost of doing business and divestiture issues
D. Improper handling of customer data, loss of intellectual property and reputation damage

Answer: D

A security analyst has been asked to develop a quantitative risk analysis and risk assessment for the company's online shopping application. Based on heuristic information from the Security Operations Center (SOC), a Denial of Service Attack (DoS) has been successfully executed 5 times a year. The Business Operations department has determined the loss associated to each attack is $40,000. After implementing application caching, the number of DoS attacks was reduced to one time a year. The cost of the countermeasures was $100,000. Which of the following is the monetary value earned during the first year of operation?

A. $60,000
B. $100,000
C. $140,000
D. $200,000

Answer: A
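The arithmetic behind answer A, written out here as an added worked example (not part of the original question): annualised loss expectancy (ALE) is single loss expectancy (SLE) times annual rate of occurrence (ARO), and the first-year value of the control is the reduction in ALE minus the control's cost.

$$\text{ALE}_{\text{before}} = \text{SLE} \times \text{ARO} = 40{,}000 \times 5 = 200{,}000$$

$$\text{ALE}_{\text{after}} = \text{SLE} \times \text{ARO}_{\text{after}} = 40{,}000 \times 1 = 40{,}000$$

$$\text{Value}_{\text{year 1}} = (\text{ALE}_{\text{before}} - \text{ALE}_{\text{after}}) - \text{Cost} = (200{,}000 - 40{,}000) - 100{,}000 = 60{,}000$$

Note that this is a first-year figure only; the $100,000 is a one-time cost, so in later years the full $160,000 annual reduction is realised.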

Friday, 22 December 2017

CompTIA Offers Stackable Certifications

CompTIA introduced "Stackable Certifications" on Wednesday, a new designation for holders of more than one of its vendor-neutral skills certifications.

CompTIA's stackable certifications follow its two career pathways, infrastructure and cybersecurity, and define a set of eligible certification combinations within each that earn a stackable credential.

Calling this a major expansion of its credentialing program, CompTIA notes that a stackable certification recognizes the breadth of a certification holder's experience and their commitment to continuous professional growth and development.

"Technology professionals who have earned CompTIA Stackable Certifications have done so by passing rigorous industry-developed exams to validate the technical and business skills that have the greatest demand in today's economy," said Todd Thibodeaux, president and CEO of CompTIA.

Here are the routes for CompTIA certified IT professionals to attain a stackable certification:

  •     CompTIA A+ and CompTIA Network+ = CompTIA IT Operations Specialist
  •     CompTIA A+ and CompTIA Linux+ = CompTIA Systems Support Specialist
  •     CompTIA Network+ and CompTIA Server+ = CompTIA Network Infrastructure Professional
  •     CompTIA Network+ and CompTIA Cloud+ = CompTIA Cloud Administration Professional
  •     CompTIA A+, CompTIA Network+ and CompTIA Security+ = CompTIA Secure Infrastructure Associate
  •     CompTIA Security+ and CompTIA Cybersecurity Analyst = CompTIA Security Analytics Specialist
  •     CompTIA Security+, CompTIA Cybersecurity Analyst and CompTIA Advanced Security Practitioner = CompTIA Security Analytics Expert

More than 145,000 IT professionals who hold more than one CompTIA certification have already qualified for a CompTIA Stackable Certification.

How does it work?

Stackable certifications follow CompTIA's two professional pathways: the CompTIA Infrastructure Career Pathway and the CompTIA Cybersecurity Career Pathway. Within each pathway, the stackable certifications are grouped by experience level. Specialist: early-career IT professional with less than two years of experience; Professional: mid-level IT professional with two to five years of experience; and Expert: established IT professional with more than five years of experience.

Stackable certifications require the underlying certifications to have active continuing education (CE) status. If you hold a "good for life" certification, it also counts toward a stackable certification as long as you re-certify and validate that your skills are up to date, CompTIA said.

"More than any other certifying agency, CompTIA makes extensive use of performance-based questions and simulations on its exams," said James Stanger, CompTIA's chief technology evangelist. "These simulations accurately reflect the real-world scenarios that IT professionals face, which requires examinees to demonstrate networking, cybersecurity and other skills under the pressure of a timed test."

Wednesday, 8 November 2017

CompTIA CAS-002 Question Answer

Which stage of the change management process deals with what should be done if the change is unsuccessful?

A. Remediation planning
B. Categorization
C. Prioritization
D. Review and close

Answer: A

CompTIA CAS-002 Question Answer

An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence?

A. Review switch and router configurations
B. Review the security policies and standards
C. Perform a network penetration test
D. Review the firewall rule set and IPS logs

Answer: B

A new piece of ransomware was installed on a company's backup server. It encrypted the hard drives containing the OS and the backup application configuration but did not affect the deduplication data hard drives. During the incident response, the company finds that all backup tapes for this server are also corrupt. Which of the following is the PRIMARY concern?

A. Determining how to install HIPS across all server platforms to prevent future incidents
B. Preventing the ransomware from re-infecting the server upon restore
C. Validating the integrity of the deduplicated data
D. Restoring the data will be difficult without the application configuration

Answer: D

Friday, 27 October 2017

CompTIA CAS-002 Question Answer

The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?

C. Antivirus

Answer: A

Which of the following describes a risk and mitigation associated with cloud data storage?

A. Risk: Shared hardware caused data leakage
Mitigation: Strong encryption at rest
B. Risk: Offsite replication
Mitigation: Multi-site backups
C. Risk: Data loss from de-duplication
Mitigation: Dynamic host bus addressing
D. Risk: Combined data archiving
Mitigation: Two-factor administrator authentication

Answer: A

Tuesday, 12 September 2017

CompTIA CAS-002 Question Answer

A developer has implemented a piece of client-side JavaScript code to sanitize a user's provided input to a web page login screen. The code ensures that only upper case and lower case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log:

- [02/Mar/2014:06:13:04] "GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724
Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer?

A. The security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters.
B. The security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side.
C. The security administrator is concerned with SQL injection, and the developer should implement server side input validation.
D. The security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced.

Answer: C
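Why answer C is the fix, shown in an added Python example (not code from the original question or from CompTIA): the browser-side check never runs when the attacker sends the request directly, so the server has to validate the fields itself and bind them as parameters instead of concatenating them into SQL. The `users` table, the account `admin`/`123456` and the request strings are constructed here; the quote-breaking payload `' or 1=1 --` is used for the bypass because the logged string's exact effect depends on how the server built its query, which the page does not show.

```python
"""Login check: trusting client-side JavaScript vs. validating on the server.

Added example, not code from the original page. The users table, the account
admin/123456 and the request payloads are constructed for the demonstration.
"""
import re
import sqlite3
from typing import Tuple
from urllib.parse import parse_qs

# Server-side versions of the rules the page's JavaScript enforced in the browser.
USERNAME_RE = re.compile(r"^[A-Za-z]+$")   # letters only
PIN_RE = re.compile(r"^[0-9]{6}$")         # exactly six digits

# Query string taken from the log line in the question (percent-encoding as logged).
LOGGED_QUERY_STRING = "user=admin&pass=pass%20or%201=1"


def make_db() -> sqlite3.Connection:
    """Constructed sample database with one account (not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user TEXT, pin TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', '123456')")
    conn.commit()
    return conn


def params_from_log(query_string: str) -> Tuple[str, str]:
    """Decode user and pass from a logged query string, as the web server would."""
    params = parse_qs(query_string)
    return params.get("user", [""])[0], params.get("pass", [""])[0]


def login_vulnerable(conn: sqlite3.Connection, user: str, pin: str) -> bool:
    """Relies on the browser having validated input and concatenates it into SQL."""
    query = f"SELECT user FROM users WHERE user='{user}' AND pin='{pin}'"
    return conn.execute(query).fetchone() is not None


def login_hardened(conn: sqlite3.Connection, user: str, pin: str) -> bool:
    """Re-validates on the server and binds parameters; input is never parsed as SQL."""
    if not USERNAME_RE.match(user) or not PIN_RE.match(pin):
        return False
    row = conn.execute(
        "SELECT user FROM users WHERE user=? AND pin=?", (user, pin)
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    db = make_db()
    user, pin = params_from_log(LOGGED_QUERY_STRING)
    print("logged request, hardened login:", login_hardened(db, user, pin))
    print("quote-breaking payload, vulnerable login:",
          login_vulnerable(db, "admin", "' or 1=1 --"))
    print("quote-breaking payload, hardened login:",
          login_hardened(db, "admin", "' or 1=1 --"))
```

The hardened version rejects the logged PIN on the regex alone, and even a PIN that passes the regex reaches the database only as a bound parameter, so answer D's stronger passwords and option A's non-printable stripping would not have changed the outcome.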

The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:

- [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724
- [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 5724
- [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724

The security administrator also inspects the following file system locations on the database server using the command `ls -al /root`:

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .
drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future?
(Select TWO).

A. Privilege escalation
B. Brute force attack
C. SQL injection
D. Cross-site scripting
E. Using input validation, ensure the following characters are sanitized: <>
F. Update crontab with: find / \( -perm -4000 \) -type f -print0 | xargs -0 ls -l
G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)
H. Set an account lockout policy

Answer: AF
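Option F is a periodic setuid audit: `find / -perm -4000 -type f` lists every file that runs with its owner's privileges, which is how the root-owned `.bash_history` with mode `rws` stands out. The following Python, added here as an example and not code from the question or from CompTIA, does the same check two ways: it flags setuid entries in an `ls -al` listing like the one quoted above, and it walks a live tree the way the cron job would and reports setuid files that are not in an approved baseline. The listing text is the page's; the baseline and the temporary demo tree are constructed.

```python
"""Setuid file audit, the detection behind option F.

Added example, not code from the original page. PAGE_LISTING is the ls -al
output quoted in the question; the demo tree and baseline are constructed.
"""
import os
import stat
import tempfile
from typing import List, Set, Tuple

# The /root listing from the question. The first .bash_history has 's' in the
# owner-execute slot, i.e. the setuid bit, which is what a cron job should catch.
PAGE_LISTING = """\
drwxrwxrwx 11 root root 4096 Sep 28 22:45 .
drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
"""


def setuid_in_listing(listing: str) -> List[str]:
    """Names of regular files whose ls(1) mode string carries the setuid bit.

    mode[0] is the file type ('-' for regular); mode[3] is the owner-execute
    slot: 'x' or '-' normally, 's' (setuid + execute) or 'S' (setuid, no execute).
    """
    hits = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 9:
            continue
        mode = fields[0]
        if mode[0] == "-" and mode[3] in "sS":
            hits.append(fields[-1])
    return hits


def scan_setuid(root: str) -> Set[str]:
    """Walk root and return regular files with S_ISUID set (find -perm -4000 -type f)."""
    found = set()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: do not follow symlinks
            except OSError:
                continue                     # unreadable or vanished; keep going
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                found.add(path)
    return found


def new_setuid_files(root: str, baseline: Set[str]) -> Set[str]:
    """Alerting condition for the cron job: setuid files not in the approved baseline."""
    return scan_setuid(root) - baseline


def make_demo_tree() -> Tuple[str, str]:
    """Constructed fixture: a temp tree with one setuid file and one normal file."""
    root = tempfile.mkdtemp(prefix="suid-demo-")
    os.makedirs(os.path.join(root, "bin"))
    planted = os.path.join(root, "bin", "planted")
    normal = os.path.join(root, "bin", "normal")
    for path in (planted, normal):
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
    os.chmod(planted, 0o4755)   # rwsr-xr-x: setuid plus execute
    os.chmod(normal, 0o755)     # rwxr-xr-x: no setuid
    return root, planted


if __name__ == "__main__":
    print("setuid entries in the page's listing:", setuid_in_listing(PAGE_LISTING))
    demo_root, planted_path = make_demo_tree()
    print("new setuid files against an empty baseline:",
          new_setuid_files(demo_root, set()))
```

In production the baseline would be the output of the same scan taken on a known-good image, and the cron job would alert on any difference rather than print the full list each run; the `ls -l` in option F gives the reviewer the owner and mode of each hit, which the walker above has in `st_mode` and `st_uid` if it needs to report them.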