CAS-001 Q&A / Study Guide / Testing Engine

MCTS Certification, MCITP Certification

Microsoft CompTIA A+ Training, CompTIA A+ Certification and over 2000+
Exams with Life Time Access Membership at http://www.actualkey.com


QUESTION 1
Which of the following ensures that a session key derived from a set of long-term public and
private keys will not be compromised if one of the private keys is compromised in the future?

A. Perfect forward secrecy
B. Secure socket layer
C. Secure shell
D. Security token

Answer: A

Explanation:
Perfect forward secrecy (or PFS) is the property that ensures that a session key derived from a set
of long-term public and private keys will not be compromised if one of the (long-term) private keys
is compromised in the future.
Forward secrecy has been used as a synonym for perfect forward secrecy, since the term perfect
has been controversial in this context. However, at least one reference distinguishes perfect
forward secrecy from forward secrecy with the additional property that an agreed key will not be
compromised even if agreed keys derived from the same long-term keying material in a
subsequent run are compromised.
Answer option C is incorrect. Secure Shell (SSH) is a program that is used for logging into a
remote computer over a network. Secure Shell can be used to execute commands on a remote
machine and to move files from one machine to another. SSH uses strong authentication and
secure communications over insecure channels.
Answer option B is incorrect. Secure Sockets Layer (SSL) is a protocol that was developed by
Netscape for transmitting private documents via the Internet. It uses a cryptographic system
that uses public and private keys to encrypt data. A public key is globally available and a private
key is known only to the recipient of the message. Both Netscape Navigator and Internet Explorer
support the SSL protocol. Several web sites use this protocol to obtain confidential user
information. When the SSL protocol is used to connect to a Web site, the URL must begin with
https instead of http.
Answer option D is incorrect. A security token can be a physical device that an authorized user of
computer services is given to ease authentication. The term may also refer to software tokens.
Security tokens are used to prove one’s identity electronically (as in the case of a customer trying
to access his bank account). The token is used in addition to or in place of a password to prove
that the customer is who he claims to be. The token acts like an electronic key to access
something.


QUESTION 2
The Security Development Lifecycle (SDL) consists of various security practices that are grouped
under seven phases. Which of the following security practices are included in the Requirements
phase?
Each correct answer represents a complete solution. Choose all that apply.

A. Incident Response Plan
B. Create Quality Gates/Bug Bars
C. Attack Surface Analysis/Reduction
D. Security and Privacy Risk Assessment

Answer: B,D

Explanation:
The Requirements phase of the Security Development Lifecycle (SDL) includes the following
security practices:
• Security and Privacy Requirements
• Create Quality Gates/Bug Bars
• Security and Privacy Risk Assessment
Answer option C is incorrect. Attack Surface Analysis/Reduction is a security practice included in
the Design phase of the Security Development Lifecycle (SDL).
Answer option A is incorrect. Incident Response Plan is a security practice included in the Release
phase of the Security Development Lifecycle (SDL).


QUESTION 3
Which of the following components of a VoIP network is frequently used to bridge video
conferencing connections?

A. MCU
B. Videoconference station
C. IP Phone
D. Call agent

Answer: A

Explanation:
A Multipoint Control Unit (MCU) is a device frequently used to bridge video conferencing
connections. The Multipoint Control Unit is an endpoint on the LAN that provides the ability for 3 or
more terminals and gateways to participate in a multipoint conference. The MCU consists of a
mandatory Multipoint Controller (MC) and optional Multipoint Processors (MPs).
Answer option C is incorrect. IP Phones provide IP endpoints for voice communication.
Answer option D is incorrect. A call agent provides call control for IP phones, CAC, bandwidth
control and management, and address translation. Unlike a gatekeeper, which in a Cisco
environment typically runs on a router, a call agent typically runs on a server platform. Cisco
Unified Communications Manager is an example of a call agent.
The call agent controls switching logic and calls for all the sites under the central controller. A
central gateway controller includes both centralized configuration and maintenance of call control
functionality; when new functionality needs to be added, only the controller needs to be updated.
Answer option B is incorrect. A videoconference station provides access for end-user involvement
in videoconferencing. The videoconference station contains a video capture device for video input
and a microphone for audio input. A user can view video streams and hear audio that originates at
a remote user station.


QUESTION 4
Which of the following is a declarative access control policy language implemented in XML and a
processing model, describing how to interpret the policies?

A. SAML
B. SOAP
C. SPML
D. XACML

Answer: D

Explanation:
XACML stands for eXtensible Access Control Markup Language. It is a declarative access control
policy language implemented in XML and a processing model, describing how to interpret the
policies.
The latest version, 2.0, was ratified by the OASIS standards organization on 1 February 2005. The
planned version 3.0 will add generic attribute categories for the evaluation context and policy
delegation profile (administrative policy profile).
Answer option B is incorrect. SOAP, defined as Simple Object Access Protocol, is a protocol
specification for exchanging structured information in the implementation of Web Services in
computer networks. It relies on Extensible Markup Language as its message format, and usually
relies on other Application Layer protocols for message negotiation and transmission. SOAP can
form the foundation layer of a web services protocol stack, providing a basic messaging
framework upon which web services can be built.
Answer option C is incorrect. Service Provisioning Markup Language (SPML) is an XML-based
framework developed by OASIS (Organization for the Advancement of Structured Information
Standards). It is used to exchange user, resource and service provisioning information between
cooperating organizations.
SPML is the open standard for the integration and interoperation of service provisioning requests.
It has a goal to allow organizations to securely and quickly set up user interfaces for Web
applications and services, by letting enterprise platforms such as Web portals, application servers,
and service centers produce provisioning requests within and across organizations.
Answer option A is incorrect. Security Assertion Markup Language (SAML) is an XML-based
standard for exchanging authentication and authorization data between security domains, that is,
between an identity provider and a service provider. SAML is a product of the OASIS Security
Services Technical Committee.


QUESTION 5
You work as a Network Administrator for uCertify Inc. You want to allow some users to access a
particular program on the computers in the network. What will you do to accomplish this task?

A. Apply remote access policies
B. Apply NTFS permissions
C. Apply group policies
D. Apply account policies

Answer: C

Explanation:
In order to accomplish the task, you should apply group policy in the network.
A group policy that is created by an administrator affects all users on a computer or all users on a
domain. Group policies can be used for defining, customizing, and controlling the functioning of
network resources, computers, and operating systems. They can be set for a single computer with
multiple users, for users in workgroups, or for computers in a domain. Administrators can
configure group policy settings for users as well as for computers in many ways. Group policies
can be used to allow or restrict access to a particular program by a particular user. They can also
be used to configure the desktop, the Start menu, the taskbar, the Control Panel, and security
settings, among other things. In Windows XP, group policies can be configured by using the Group Policy
Console dialog box, which can be opened by running the GPEDIT.MSC command from the Start
menu.
Answer option D is incorrect. An account policy controls the password expiration policy, the
lockout policy, and other password features.
Answer option B is incorrect. NTFS permissions are attributes of the folder or file for which they
are configured. These include both standard and special levels of settings. The standard settings
are combinations of the special permissions which make the configuration more efficient and
easier to establish.
Answer option A is incorrect. A remote access policy specifies how remote users can connect to
the network and the requirements for each of their systems before they are allowed to connect. It
defines the methods users can use to connect remotely such as dial up or VPN. This policy is
used to prevent damage to the organizational network or computer systems and to prevent
compromise or loss of data.


 
