Cant find info on these sims
NetVoIPEng
Registered Users Posts: 4 ■□□□□□□□□□
in CASP+
I took the CAS-002 Wednesday Mar, 28 2018 (last week), I was hoping I would squeak through since I had passed the CAS-001 back in 2014 but was sadly mistaken. I cant seem to find info on some of the simulations.
The first one was a network diagram where you place security products in the appropriate spots which is dictated by the objective and the $75,000 budget. I remember the goal was to be able to recognize internal threats, protect the web server, control outgoing web traffic, keep all machines patched. I believe I put a WAF in the web server DMZ, a firewall between the dmz's/internal network and internet, a anti-virus and patch server in the server farm, and since there were no more spots open in the server farm I put a proxy server on the internal network which I believe was wrong. I also put in an IPS but I think I should of put it directly behind the firewall before internal router, instead of on the internal LAN. I was curious if anyone has input on this simulation, I cant find it anywhere online.
The second one has to do with hardening a Linux web server. You had root access to the Linux box and you were supposed to disable services not needed like wifi, ntp, print services, etc. I'm not sure if I did this correct or not. I think I might of needed to service for services in other directories but I'm not sure, I haven't been able to find anything on it online.
The last one I didn't find in any prep material was a drag and drop on Public/Private/Hybrid Iaas/PaaS/SaaS. This one is easy to prepare for but I didn't focus much on that before I took the exam and I for sure got it wrong.
Anyways, curious if anyone has input regarding the first two sims I mentioned.
The first one was a network diagram where you place security products in the appropriate spots which is dictated by the objective and the $75,000 budget. I remember the goal was to be able to recognize internal threats, protect the web server, control outgoing web traffic, keep all machines patched. I believe I put a WAF in the web server DMZ, a firewall between the dmz's/internal network and internet, a anti-virus and patch server in the server farm, and since there were no more spots open in the server farm I put a proxy server on the internal network which I believe was wrong. I also put in an IPS but I think I should of put it directly behind the firewall before internal router, instead of on the internal LAN. I was curious if anyone has input on this simulation, I cant find it anywhere online.
The second one has to do with hardening a Linux web server. You had root access to the Linux box and you were supposed to disable services not needed like wifi, ntp, print services, etc. I'm not sure if I did this correct or not. I think I might of needed to service for services in other directories but I'm not sure, I haven't been able to find anything on it online.
The last one I didn't find in any prep material was a drag and drop on Public/Private/Hybrid Iaas/PaaS/SaaS. This one is easy to prepare for but I didn't focus much on that before I took the exam and I for sure got it wrong.
Anyways, curious if anyone has input regarding the first two sims I mentioned.
Comments
-
crking3 Member Posts: 28 ■■■□□□□□□□Wouldn’t you use chkconfig for the Linux ? Did you have to know the actual commands or just select them...there aren’t any Linux commands in the study guides