CompTIA Advanced Security Practitioner(CASP+) Practice Exams Set 1

Which of the following is a software layer that operates as a gatekeeper between the organization's on-premise network and a provider's cloud environment?



Options are :

  • b. CASB (Correct)
  • c. MSSP
  • d. PaaP
  • a. SecaaS

Answer : b. CASB

Which of the following is typically used with big data?



Options are :

  • a. Hadoop (Correct)
  • d. CERT
  • c. AI
  • b. BGP

Answer : a. Hadoop

Which of the following is a uniquely identifiable subset of the system that represents the smallest portion to be subject to an independent configuration control procedure?



Options are :

  • d. CC
  • a. CI (Correct)
  • c. CU
  • b. AV

Answer : a. CI

Which of the following is an application and protocol that is used to remotely log in to another computer using a secure tunnel?



Options are :

  • d. CSP
  • a. Microsoft CryptoAPI (CAPI)
  • c. SSH (Correct)
  • b. S/MIME

Answer : c. SSH

Which of the following is a cloud solution owned and managed by one company solely for that company's use?



Options are :

  • c. private (Correct)
  • b. public
  • d. community
  • a. hybrid

Answer : c. private

What documents the security requirements that a new asset must meet?



Options are :

  • c. SSDLC
  • d. RFID
  • a. SDLC
  • b. SRTM (Correct)

Answer : b. SRTM

As part of a new security initiative, you have been asked to provide data classifications for all organizational data that is stored on servers. As part of your research, you must interview the data owners. Which staff are most likely to be considered data owners?



Options are :

  • d. physical security manager and business unit managers
  • a. business unit managers and CEO
  • c. CIO and CSO
  • b. business unit managers and CIO (Correct)

Answer : b. business unit managers and CIO

Which of the following entails determining the devices in the network, their connectivity relationships to one another, and the internal IP addressing scheme in use?



Options are :

  • c. packet capture
  • a. OS fingerprinting
  • b. service discovery
  • d. topology discovery (Correct)

Answer : d. topology discovery

During the design of a new application, the programmers need to determine the performance and security impact of the new application on the enterprise. Who should collaborate with the programmers to determine this information?



Options are :

  • a. database administrator
  • d. physical security manager
  • c. executive management
  • b. network administrator (Correct)

Answer : b. network administrator

Your organization has recently decided to implement encryption on the network. Management requests that you implement a system that uses a private, or secret, key that must remain secret between the two parties. Which system should you implement?



Options are :

  • b. concealment cipher
  • c. asymmetric algorithm
  • d. symmetric algorithm (Correct)
  • a. running key cipher

Answer : d. symmetric algorithm

Your company performs a full backup on Mondays and a differential backup on all other days. You need to restore the data to the state it was in on Thursday. How many backups do you need to restore?



Options are :

  • c. three
  • b. two (Correct)
  • d. four
  • a. one

Answer : b. two

Which threat modeling tool allows for assets to be automatically or manually placed on a drawing pane?



Options are :

  • d. IriusRisk (Correct)
  • b. SD Elements
  • c. securiCAD
  • a. Threat Modeling Tool

Answer : d. IriusRisk

A forensic investigator is collecting evidence of a recent attack at your organization. You are helping him preserve the evidence for use in the lawsuit that your company plans to bring against the attackers. Which of the following is not one of the five rules of evidence?



Options are :

  • b. Be volatile. (Correct)
  • a. Be accurate.
  • d. Be convincing.
  • c. Be admissible.

Answer : b. Be volatile.

Which of the following combines voice, video, email, instant messaging, personal assistant, and other communication features?



Options are :

  • a. remote access
  • c. telephony
  • d. unified communication (Correct)
  • b. VoIP

Answer : d. unified communication

You have recently been hired by a company to analyze its security mechanisms to determine any weaknesses in the current security mechanisms. During this analysis, you detect that an application is using a 3DES implementation that encrypts each block of data three times, each time with a different key. Which 3DES implementation does the application use?



Options are :

  • c. 3DES-EDE2
  • a. 3DES-EDE3
  • d. 3DES-EEE2
  • b. 3DES-EEE3 (Correct)

Answer : b. 3DES-EEE3

Which of the following statements regarding the security requirements and responsibilities for personnel is true?



Options are :

  • a. Only management and senior staff have security requirements and responsibilities.
  • d. Only the physical security manager should be concerned with the organization's physical security.
  • b. Although executive management is responsible for leading any security initiative, executive management is exempt from most of the security requirements and responsibilities.
  • c. All personnel within an organization have some level of security requirements and responsibilities. (Correct)

Answer : c. All personnel within an organization have some level of security requirements and responsibilities.

How are new technologies submitted for peer review to the IETF and, once approved, published as Internet standards?



Options are :

  • a. as SLAs
  • b. as RFCs (Correct)
  • d. as SPDs
  • c. as RFPs

Answer : b. as RFCs

Which of the following is not an advantage of virtualization?



Options are :

  • a. reduced overall use of power in the data center
  • c. ability to quickly bring up a replica server in the event of loss of the primary server
  • d. better security (Correct)
  • b. dynamic allocation of memory and CPU resources to the servers

Answer : d. better security

Your organization is planning the deployment of a new remote assistance tool. The security team is trying to determine the level of encryption the selected product must support. Which of the following factors should be the most important consideration?



Options are :

  • c. the opinion of the third-party vendor
  • d. the level supported by the desktops
  • b. the strongest available
  • a. the type required by industry regulations (Correct)

Answer : a. the type required by industry regulations

When using XACML as an access control policy language, which of the following is the entity that is protecting the resource that the subject (a user or an application) is attempting to access?



Options are :

  • a. PEP (Correct)
  • d. RAR
  • b. PDP
  • c. FRR

Answer : a. PEP

Which of the following is a term used to describe the hardware, software, and/or firmware that implements cryptographic logic or cryptographic processes?



Options are :

  • a. crypto module (Correct)
  • c. token
  • d. CSP
  • b. crypto processor

Answer : a. crypto module

Users on your organization's network need to be able to access several confidential files located on a file server. Currently, the files are encrypted. Recently, it was discovered that attackers were able to change the contents of the file. You need to use a hash function to calculate the hash values of the correct files. Which of the following should you not use?



Options are :

  • a. ECC (Correct)
  • c. SHA-2
  • d. RIPEMD-160
  • b. MD6

Answer : a. ECC

You would like to prevent users from using a password again when it is time to change their passwords. What policy do you need to implement?



Options are :

  • d. authentication period
  • a. password life
  • b. password history (Correct)
  • c. password complexity

Answer : b. password history

Your organization has decided to formally adopt a change management process, and you have been asked to design the process. Which of the following guidelines should be part of this new process?



Options are :

  • b. After formal approval, all costs and effects of implementation should be reviewed.
  • d. All changes should be formally requested. (Correct)
  • c. Change steps should be developed only for complicated changes.
  • a. Only critical changes should be fully analyzed.

Answer : d. All changes should be formally requested.

As your enterprise has grown, it has become increasingly hard to access and manage resources. Users often have trouble locating printers, servers, and other resources. You have been asked to deploy a solution that will allow easy access to internal resources. Which solution should you deploy?



Options are :

  • c. ESB
  • d. SOA
  • b. CMDB
  • a. Directory Services (Correct)

Answer : a. Directory Services

Which statement is not true regarding an organization's sales staff?



Options are :

  • a. The sales staff is rarely concerned with organizational security.
  • b. The sales staff has unique security issues.
  • c. The sales staff will often use publicly available Internet connections.
  • d. The sales staff's devices are rarely targets of attackers. (Correct)

Answer : d. The sales staff's devices are rarely targets of attackers.

Your company implements one of its applications on a Linux server. You would like to store passwords in a location that can be protected using a hash. Where is this location?



Options are :

  • b. /etc/passwd/hash
  • c. /etc/shadow (Correct)
  • a. /etc/passwd
  • d. /etc/root

Answer : c. /etc/shadow

The data owner has determined all the data classifications of the data he owns. He determines the level of access that will be granted to users. Who should be responsible for implementing the controls?



Options are :

  • d. a security specialist
  • c. the data owner's supervisor
  • b. the data custodian (Correct)
  • a. the data owner

Answer : b. the data custodian

Your organization implements a public key infrastructure (PKI) to issue digital certificates to users. Management has requested that you ensure that all the digital certificates that were issued to contractors have been revoked. Which PKI component should you consult?



Options are :

  • a. CA
  • d. OCSP
  • b. RA
  • c. CRL (Correct)

Answer : c. CRL

The email administrator has suggested that a technique called SPF should be deployed. What issue does this address?



Options are :

  • c. email spoofing (Correct)
  • a. spear phishing
  • b. whaling
  • d. captured messages

Answer : c. email spoofing
