CASP+ Pre-Assessment

Alice is an administrator who works in the finance department. She has clicked a link in an email that has executed unwanted actions in a web application she is using. What type of attack is this?

You are exploring the best option for your organization to move from a physical data center to virtual machines hosted on bare-metal servers. Which of the following is the BEST option for the move?

You are looking for a replacement for POP3. Which of the following protocols offers advantages over POP3 for mobile users?

DNSSEC provides authority and data integrity. DNSSEC will not protect against which of the following?

You have built an access control list for a router that is subject to PCI DSS. The ACL you have built contains four commands that deny HTTP, POP3, FTP, and Telnet. No traffic is coming through the router. What is the most likely reason?

You are evaluating the security policy of a large enterprise. There are many elements and point of enforcement, including email and remote access systems. XML is the natural choice implemented with XML for a fine-grained, attribute-based access control?

Using Microsoft Network Monitor, you have captured traffic on TCP port 23. Your security policy states that port 23 is not to be used. What client-server protocol is probably running over this port?

TCP is connection oriented, while UDP is connectionless. Which of these is NOT a valid header in a UDP packet?

You are having difficulties reaching tech support for a specific web application that has crashed. You have to find the agreement between your company and the provider. What is the document that requires a provider to maintain a certain level of support?

Which of the following would be considered a detective and administrative control?