Free Access CompTIA.CAS-003.v2022-09-22.q535 Practice Test (Page 100)

Question 491

Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her investigative work, she runs the following nmap command string:
user@hostname:~$ sudo nmap -O 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on the device:
TCP/22
TCP/111
TCP/512-514
TCP/2049
TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown node?

A.Linux

B.Windows

C.Solaris

D.OSX

Question 492

A security consultant is considering authentication options for a financial institution. The following authentication options are available. Drag and drop the security mechanism to the appropriate use case. Options may be used once.

Question 493

A company has implemented data retention policies and storage quotas in response to their legal department's requests and the SAN administrator's recommendation.
The retention policy states all email data older than 90 days should be eliminated.
As there are no technical controls in place, users have been instructed to stick to a storage quota of 500Mb of network storage and 200Mb of email storage.
After being presented with an e-discovery request from an opposing legal council, the security administrator discovers that the user in the suit has 1Tb of files and 300Mb of email spanning over two years.
Which of the following should the security administrator provide to opposing council?

A.Provide the 1Tb of files on the network and the 300Mb of email files regardless of age.

B.Delete email over the policy threshold and hand over the remaining emails and all of the files.

C.Delete files and email exceeding policy thresholds and turn over the remaining files and email.

D.Provide the first 200Mb of e-mail and the first 500Mb of files as per policy.

Question 494

A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization's customer database. The database will be accessed by both the company's users and its customers. The procurement department has asked what security activities must be performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).

A.Physical penetration test of the datacenter to ensure there are appropriate controls.

B.Penetration testing of the solution to ensure that the customer data is well protected.

C.Security clauses are implemented into the contract such as the right to audit.

D.Review of the organizations security policies, procedures and relevant hosting certifications.

E.Code review of the solution to ensure that there are no back doors located in the software.

Correct Answer: C,D

Due diligence refers to an investigation of a business or person prior to signing a contract. Due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance. Due diligence should verify the data supplied in the RFP and concentrate on the following:
Company profile, strategy, mission, and reputation
Financial status, including reviews of audited financial statements
Customer references, preferably from companies that have outsourced similar processes
Management qualifications, including criminal background checks
Process expertise, methodology, and effectiveness
Quality initiatives and certifications
Technology, infrastructure stability, and applications
Security and audit controls
Legal and regulatory compliance, including any outstanding complaints or litigation
Use of subcontractors
Insurance
Disaster recovery and business continuity policies
C and D form part of Security and audit controls.
Incorrect Answers:
A: A Physical Penetration Test recognizes the security weaknesses and strengths of the physical security. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
B: A penetration test is a software attack on a computer system that looks for security weaknesses. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
E: A security code review is an examination of an application that is designed to identify and assess threats to an organization. It will, therefore, not form part of due diligence because due diligence verifies information supplied by vendors with regards to processes, financials, experience, and performance.
References:
https://en.wikipedia.org/wiki/Due_diligence
http://www.ftpress.com/articles/article.aspx?p=465313&seqNum=5
http://seclists.org/pen-test/2004/Dec/11
Gregg, Michael, and Billy Haines, CASP CompTIA Advanced Security Practitioner Study Guide, John Wiley & Sons, Indianapolis, 2012, p. 169

Question 495

A developer needs to provide feedback on a peer's work during the SDLC. While reviewing the code changes, the developers session ID tokens for a web application will be transmitted over an unsecure connection. Which of the following code snippets should the developer recommend implement to correct the vulnerability?
A)