CompTIA CAS-002 Exam Practice Questions (P. 5)
- Full Access (239 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #21
A developer has implemented a piece of client-side JavaScript code to sanitize a users provided input to a web page login screen. The code ensures that only the upper case and lower case letters are entered in the username field, and that only a 6-digit PIN is entered in the password field. A security administrator is concerned with the following web server log:
10.235.62.11 – - [02/Mar/2014:06:13:04] "GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724
Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer?
10.235.62.11 – - [02/Mar/2014:06:13:04] "GET /site/script.php?user=admin&pass=pass%20or%201=1 HTTP/1.1" 200 5724
Given this log, which of the following is the security administrator concerned with and which fix should be implemented by the developer?
- AThe security administrator is concerned with nonprintable characters being used to gain administrative access, and the developer should strip all nonprintable characters.
- BThe security administrator is concerned with XSS, and the developer should normalize Unicode characters on the browser side.
- CThe security administrator is concerned with SQL injection, and the developer should implement server side input validation.
- DThe security administrator is concerned that someone may log on as the administrator, and the developer should ensure strong passwords are enforced.
Correct Answer:
C
C
send
light_mode
delete
Question #22
The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:
90.76.165.40 – - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724
The security administrator also inspects the following file system locations on the database server using the command ls -al /root drwxrwxrwx 11 root root 4096 Sep 28 22:45 . drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).
90.76.165.40 – - [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 5724
90.76.165.40 – - [08/Mar/2014:10:54:04] "GET index.php?user=<script>Create</script> HTTP/1.1" 200 5724
The security administrator also inspects the following file system locations on the database server using the command ls -al /root drwxrwxrwx 11 root root 4096 Sep 28 22:45 . drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..
-rws------ 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .bash_history
-rw------- 25 root root 4096 Mar 8 09:30 .profile
-rw------- 25 root root 4096 Mar 8 09:30 .ssh
Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).
- APrivilege escalation
- BBrute force attack
- CSQL injection
- DCross-site scripting
- EUsing input validation, ensure the following characters are sanitized: <>
- FUpdate crontab with: find / \( -perm -4000 \) –type f –print0 | xargs -0 ls –l | email.sh
- GImplement the following PHP directive: $clean_user_input = addslashes($user_input)
- HSet an account lockout policy
Correct Answer:
AF
AF
send
light_mode
delete
Question #23
The risk manager has requested a security solution that is centrally managed, can easily be updated, and protects end users' workstations from both known and unknown malicious attacks when connected to either the office or home network. Which of the following would BEST meet this requirement?
send
light_mode
delete
Question #24
Which of the following describes a risk and mitigation associated with cloud data storage?
- ARisk: Shared hardware caused data leakage Mitigation: Strong encryption at rest
- BRisk: Offsite replication Mitigation: Multi-site backups
- CRisk: Data loss from de-duplication Mitigation: Dynamic host bus addressing
- DRisk: Combined data archiving
Correct Answer:
A
A
send
light_mode
delete
Question #25
An insurance company is looking to purchase a smaller company in another country. Which of the following tasks would the security administrator perform as part of the security due diligence?
- AReview switch and router configurations
- BReview the security policies and standards
- CPerform a network penetration test
- DReview the firewall rule set and IPS logs
Correct Answer:
B
B
send
light_mode
delete
All Pages