CSAPL Final Exam Rated A+ (Verified)
A client asks a security analyst to construct a security plan for a small business. The
resulting plan outlines several suggested controls. One such control is the placement of
a camera system outside of a high-profile datacenter. A second control focuses on
firewalls and antivirus software. Evaluate the control classes and determine those that
the analyst specifies. Select all that apply.
Physical
Technical
Operational
Managerial - ANSWER-Physical
Technical
A company abruptly terminates an employee. The employee harbors a known grievance
as a result of the company's actions. Considering threat types, which two classify the
ex-employee? Select all that apply.
Insider
Outsider
Persistent
Organized - ANSWER-Insider
Outsider
A cybersecurity firm provides contracted penetration testing by using a variety of
functional exercises. A specialist at the firm decides to use a war game approach and
creates teams. The specialist needs to select a team to intervene if the game escalates
too far. Which team does the firm assign to this role?
Rogue
Blue
White
Red - ANSWER-White
A cybersecurity task force investigates a compromised server. The task force focuses
on searching for account-based Indicators of Compromise (IoC). Which areas do
members of the task force focus on? Select all that apply.
Off hours usage
Network reconnaissance
Malicious process
Failed logins - ANSWER-Off hours usage
Failed logins
A developer discovers an overflow vulnerability in some software code. The developer
describes the problem as a heap overflow. Evaluate the given descriptions and
determine which describes this overflow type.
An area within a stack frame used to store a variable
,Overwrite variables and possibly allow arbitrary code execution
Defined with fixed lower and upper bounds
Directly dependent on the order and timing of certain events - ANSWER-Overwrite
variables and possibly allow arbitrary code execution
A developer needs to test code for changes that relate to input validation. Which
approach does the developer use?
User acceptance testing
Static code analysis
Security regression testing
Reverse engineering - ANSWER-Security regression testing
A developer researches a fix for a vulnerability that targets what is known as a network
channel. Which platform does the developer reference? Select all that apply.
Web
Client/server
Mobile
Embedded - ANSWER-Web
Client/server
A developer seeks to automate the development process for a web application
development. Which phase does the developer create a sandbox environment for?
Development
Staging
Test
Integration - ANSWER-Development
A disgruntled employee copied personnel files and uploaded them to a public FTP site.
The employee's contract was terminated and an offboarding process completed to
revoke their permissions. Which terms define this attack? Select all that apply.
Organized crime
Persistent
Intentional
Insider - ANSWER-Intentional
Insider
A lead developer has a concern that a junior developer is routinely compromising code.
In which way is the compromise possible? Select all that apply.
Software development kit
File inclusion
Third-party library
Code-reuse - ANSWER-Software development kit
Third-party library
Code-reuse
, A network engineer is reviewing a recent vulnerability report from a colleague. The
report conclusively contains many false positives related to hosts that another colleague
debunked recently as non-issues. How can the network engineer manage information in
later reports so that the team focuses on real vulnerabilities and threats? Select all that
apply.
Exclude hosts
Use exceptions
Remediate the exploit
Change priority - ANSWER-Exclude hosts
Use exceptions
Change priority
A security analyst for a technology firm needs to attempt password recovery on a
system. The analyst utilizes a tool that takes advantage of Graphics Processor Units
(GPUs) for a brute force approach. Which tool does the analyst use?
Hashcat
Reaver
Pixie Dust
Responder - ANSWER-Hashcat
A security analyst receives a scan report that details vulnerabilities with an indicator of
severity. The analyst finds that the highest severity relates to using a shell for system
access. When the analyst reviews the report, which description defines this particular
metric?
Requesting permissions
Exploit the local security context
Executing a file attachment
Exploited from a remote network - ANSWER-Exploited from a remote network
A security committee at an organization develops a security plan. Numerous security
control types are in place. The organization utilizes a training program to provide best
practices training to all employees. The committee uses which category to define the
program?
Technical
Operational
Managerial
Cybersecurity - ANSWER-Operational
A security engineer performs a security scan on a network. The engineer decides on a
scanning approach that has the possibility of negatively impacting a target system.
Which approach does the engineer utilize?
Credentialed
Passive
Active
Non-credentialed - ANSWER-Active
A client asks a security analyst to construct a security plan for a small business. The
resulting plan outlines several suggested controls. One such control is the placement of
a camera system outside of a high-profile datacenter. A second control focuses on
firewalls and antivirus software. Evaluate the control classes and determine those that
the analyst specifies. Select all that apply.
Physical
Technical
Operational
Managerial - ANSWER-Physical
Technical
A company abruptly terminates an employee. The employee harbors a known grievance
as a result of the company's actions. Considering threat types, which two classify the
ex-employee? Select all that apply.
Insider
Outsider
Persistent
Organized - ANSWER-Insider
Outsider
A cybersecurity firm provides contracted penetration testing by using a variety of
functional exercises. A specialist at the firm decides to use a war game approach and
creates teams. The specialist needs to select a team to intervene if the game escalates
too far. Which team does the firm assign to this role?
Rogue
Blue
White
Red - ANSWER-White
A cybersecurity task force investigates a compromised server. The task force focuses
on searching for account-based Indicators of Compromise (IoC). Which areas do
members of the task force focus on? Select all that apply.
Off hours usage
Network reconnaissance
Malicious process
Failed logins - ANSWER-Off hours usage
Failed logins
A developer discovers an overflow vulnerability in some software code. The developer
describes the problem as a heap overflow. Evaluate the given descriptions and
determine which describes this overflow type.
An area within a stack frame used to store a variable
,Overwrite variables and possibly allow arbitrary code execution
Defined with fixed lower and upper bounds
Directly dependent on the order and timing of certain events - ANSWER-Overwrite
variables and possibly allow arbitrary code execution
A developer needs to test code for changes that relate to input validation. Which
approach does the developer use?
User acceptance testing
Static code analysis
Security regression testing
Reverse engineering - ANSWER-Security regression testing
A developer researches a fix for a vulnerability that targets what is known as a network
channel. Which platform does the developer reference? Select all that apply.
Web
Client/server
Mobile
Embedded - ANSWER-Web
Client/server
A developer seeks to automate the development process for a web application
development. Which phase does the developer create a sandbox environment for?
Development
Staging
Test
Integration - ANSWER-Development
A disgruntled employee copied personnel files and uploaded them to a public FTP site.
The employee's contract was terminated and an offboarding process completed to
revoke their permissions. Which terms define this attack? Select all that apply.
Organized crime
Persistent
Intentional
Insider - ANSWER-Intentional
Insider
A lead developer has a concern that a junior developer is routinely compromising code.
In which way is the compromise possible? Select all that apply.
Software development kit
File inclusion
Third-party library
Code-reuse - ANSWER-Software development kit
Third-party library
Code-reuse
, A network engineer is reviewing a recent vulnerability report from a colleague. The
report conclusively contains many false positives related to hosts that another colleague
debunked recently as non-issues. How can the network engineer manage information in
later reports so that the team focuses on real vulnerabilities and threats? Select all that
apply.
Exclude hosts
Use exceptions
Remediate the exploit
Change priority - ANSWER-Exclude hosts
Use exceptions
Change priority
A security analyst for a technology firm needs to attempt password recovery on a
system. The analyst utilizes a tool that takes advantage of Graphics Processor Units
(GPUs) for a brute force approach. Which tool does the analyst use?
Hashcat
Reaver
Pixie Dust
Responder - ANSWER-Hashcat
A security analyst receives a scan report that details vulnerabilities with an indicator of
severity. The analyst finds that the highest severity relates to using a shell for system
access. When the analyst reviews the report, which description defines this particular
metric?
Requesting permissions
Exploit the local security context
Executing a file attachment
Exploited from a remote network - ANSWER-Exploited from a remote network
A security committee at an organization develops a security plan. Numerous security
control types are in place. The organization utilizes a training program to provide best
practices training to all employees. The committee uses which category to define the
program?
Technical
Operational
Managerial
Cybersecurity - ANSWER-Operational
A security engineer performs a security scan on a network. The engineer decides on a
scanning approach that has the possibility of negatively impacting a target system.
Which approach does the engineer utilize?
Credentialed
Passive
Active
Non-credentialed - ANSWER-Active
