CompTIA SecurityX Certification - (CAS-005) Exam Questions

OBJ 2.4: Whether you learned the in-depth details of each of these protocols during your studies or not, you should be able to answer this question by remembering that Kerberos is all about 'tickets.' Kerberos uses a system of tickets to allow nodes to communicate over a non-secure network and securely prove their identity. Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Kerberos is used in Windows Active Directory domains for authentication. Single sign-on (SSO) is a type of mutual authentication for multiple services that can accept the credential from one domain or service as authentication for other services. The Remote Authentication Dial-in User Service (RADIUS) is used to manage remote and wireless authentication infrastructure. Users supply authentication information to RADIUS client devices, such as wireless access points. The client device then passes the authentication data to an AAA (Authentication, Authorization, and Accounting) server that processes the request.   For support or reporting issues, include Question ID: 63fe06f43b7322449ddbc7e3 in your ticket. Thank you.

OBJ 1.2: Transference (or sharing) means assigning risk to a third party (such as an insurance company or a contract with a supplier that defines liabilities). Avoidance means that the company stops doing an activity that is risk-bearing. Risk mitigation is the overall process of reducing exposure to or the effects of risk factors, such as patching a vulnerable system. Acceptance means that no countermeasures are put in place either because the risk level does not justify the cost or because there will be an unavoidable delay before the countermeasures are deployed.   For support or reporting issues, include Question ID: 63fe07f73b7322449ddbd482 in your ticket. Thank you.

OBJ 3.1: According to the best practices of firewall configurations, you should include an implicit deny at the end of your ACL rules. This will ensure that anything not specifically allowed in the rules above is blocked. Using an implicit allow is a bad security practice since it will allow anything into the network that is not specifically denied. While the time of day restrictions can be useful, they are not required for all network implementations.   For support or reporting issues, include Question ID: 63fe06d73b7322449ddbc67b in your ticket. Thank you.

OBJ 3.7: Distributed consensus is used in a distributed or decentralized system to solve a particular computation to maintain the overall integrity of the distributed system or blockchain. Homomorphic encryption is a method of encryption that allows the computation of certain fields in a dataset without first decrypting the dataset. Quantum computing combines physics, mathematics, and quantum mechanics to exploit the collective properties of quantum states. Quantum computing will render cryptography that relies on the difficulty of solving difficult math problems rapidly obsolete. Artificial Intelligence is the science of creating machines to develop problem-solving and analysis strategies without significant human direction or intervention.   For support or reporting issues, include Question ID: 63fe07003b7322449ddbc86f in your ticket. Thank you.

OBJ 3.7: ChaCha is a variant of Salsa20 that is a modern and efficient symmetric stream cipher that uses a 128-bit or 256-bit encryption key. ChaCha is widely used in combination with the Poly1305 hashing algorithm in the TLS implementation of the Google Chrome browser and the Android operating system. ChaCha is also used by OpenSSH and the random number generator in BSD operating systems as a replacement to the older RC4 algorithm. RC4 is a stream cipher that was used in the wireless encryption protocol (WEP) and many SSL/TLS implementations. RC4 is considered extremely vulnerable to attack and should not be used in modern applications. The Advanced Encryption Standard (AES) is the current standard for the U.S. federal government’s symmetric block encryption cipher. AES can use a key size of 128-bits, 192-bits, or 256-bits with a 128-bit block size. Triple Digital Encryption Standard (3DES) was built as a temporary replacement for the older DES algorithm. 3DES utilizes 3 different 56-bit encryption keys in an encrypt-decrypt-encrypt workflow to effectively increase the security of the weaker DES algorithm. 3DES is a symmetric block encryption cipher and utilizes a 64-bit block size.   For support or reporting issues, include Question ID: 63fe07e23b7322449ddbd377 in your ticket. Thank you.

OBJ 1.3: The Gramm-Leach-Bliley Act (GLBA) is a United States federal law that requires financial institutions to explain how they share and protect their customers’ private information. The Health Insurance Portability and Accountability Act (HIPAA) is a US law designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals, and other health care providers. Sarbanes-Oxley (SOX) is a United States federal law that sets new or expanded requirements for all US public company boards, management, and public accounting firms. The Family Educational Rights and Privacy Act (FERPA) of 1974 is a United States federal law that governs the access to educational information and records by public entities such as potential employers, publicly funded educational institutions, and foreign governments.   For support or reporting issues, include Question ID: 63fe07f23b7322449ddbd44b in your ticket. Thank you.

OBJ 4.2: This output is an example of banner grabbing being conducted against your web server. To prevent valuable information from being sent in the response, you should configure the “RemoveServerHeader” in the Microsoft IIS configuration file (URLScan.ini). If you set "RemoveServerHeader" to 1, UrlScan will remove the server header on all responses, and the value of AlternateServerName will be ignored. If you set "EnableLogging" to 1, UrlScan will log its actions in a file called UrlScan.log that will be created in the same directory that contains UrlScan.dll. If you set "PerProcessLogging" to 1, UrlScan will append the process ID of the IIS process that is hosting UrlScan.dll to the log file name; for example, UrlScan.1234.log. If you set "VerifyNormalization" to 1, UrlScan verifies the URL's normalization and will defend against canonicalization attacks, where a URL contains a double encoded string in the URL. Please note, this question may seem beyond the scope of the exam. Still, the objectives allow for "other examples of technologies, processes, or tasks about each objective may also be included on the exam although not listed or covered" in the objectives' bulletized lists. The content examples listed in the objectives are meant to clarify the test objectives and should not be construed as a comprehensive listing of this examination's complete content. Therefore, questions like this are fair game on test day. That said, your goal isn't to score 100% on the exam; it is to pass it. Don't let questions like this throw you off on test day. If you aren't sure, take your best guess, and move on!   For support or reporting issues, include Question ID: 63fe073d3b7322449ddbcb65 in your ticket. Thank you.

OBJ 2.2: The training and transition phase ensures that end users are trained on the software and entered general use. Because of these activities, this phase is sometimes called the acceptance, installation, and deployment phase. Disposition is focused on the retirement of an application or system. Operations and maintenance are focused on the portion of the lifecycle where the application or system goes into use to provide value to the end-users. Development is the portion of the lifecycle focused on designing and coding the application or system.   For support or reporting issues, include Question ID: 63fe06d23b7322449ddbc63a in your ticket. Thank you.

OBJ 3.3: ISAKMP is used in IPsec, which is commonly used in securing the key exchange during the establishment of a client-to-server VPN connection. TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs). Kerberos is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. The Advanced Encryption Standard (AES) is a symmetric key encryption and is not used for key exchanges.   For support or reporting issues, include Question ID: 63fe06fb3b7322449ddbc82e in your ticket. Thank you.