CASP+ CompTIA Advanced Security Practitioner Practice Tests. Nadean H. Tanner
1, classification of data, and load balancingDigital signatures, encryption, and hashesSteganography, ACL, and vulnerability managementChecksum, DOS attacks, and RAID 0
61 You are tasked with deploying a system so that it operates at a single classification level. All the users who access this system have the same clearance, classification, and need to know. What is this operating mode?High modeDedicatedPeer to peerMultilevel
62 You work as an independent security consultant for a small town in the Midwest that was just breached by a foreign country. When it came time for payment to a town vendor, someone changed the transfers of monies from a physical check to an electronic payment. In response, what is the first security practice suggestion you make to prevent this from recurring?IncorporationInvestigationZero trustData diddling
63 A hospital database is hosting PHI data with high volatility. Data changes constantly and is used by doctors, nurses, and surgeons, as well as the finance department for billing. The database is located in a secure air-gapped network where there is limited access. What is the most likely threat?Internal user fraudManipulated key-value pairsComplianceInappropriate admin access
64 Jeremiah works for a global construction company and has found cloud computing meets 90 percent of his IT needs. Which of these is of least importance when considering cloud computing?Data classificationEncryption methodologyIncident response and disaster recoveryPhysical location of data center
65 Your company hired a new IT manager who will be working remotely. Their first order of business is to perform a risk assessment on a new mobile device that is to be given to all employees. The device is commercially available and runs a popular operating system. What are the most important security factors that you should consider while conducting this risk assessment?Remote wipe and controls, encryption, and vendor track recordEncryption, IPV6, cost, and colorRemote wipe, maintenance, and inventory managementRemote monitoring, cost, SSD, and vendor track record
66 Your CEO purchased the latest and greatest mobile device (BYOD) and now wants you to connect it to the company's intranet. You have been told to research this process according to change management and security policy. What best security recommendation do you recommend making the biggest impact on risk?Making this a new corporate policy available for everyoneAdding a PIN to access the deviceEncrypting nonvolatile memoryAuditing requirements
67 Brian's new insurance company is working with an ISP, and he wants to find out technical details, such as system numbers, port numbers, IP addressing, and the protocols used. What document will he find this information in?Memorandum of understandingDisclosure of assetsOperation level agreementInterconnection security agreement
68 Your IT staff is seeking a wireless solution to transmit data in a manufacturing area with lots of electrical motors. The technology must transmit approximately 1 Mbps of data approximately 1 meter using line of sight. No obstacles are between the devices using this technology. Because of the environment, using RF is not a viable solution. What technology is best suited for this situation?Wi-FiBluetoothIrDARF
69 Your company underwent a merger, and you are attempting to consolidate domains. What tool do you use to find out who the owner of a domain is, when it expires, and contract details?NetstatWhoisSSHTCPDump
70 Your department is looking for a new storage solution that enables a yet undetermined number of systems to connect using file-based protocols (such as NFS and SMB) for peering. This solution will also be used for file-sharing services such as data storage, access, and management services to network clients. What is the best storage solution for your organization?SANNASDAGDAS
71 Your CISO asks you to develop deployment solutions for internally developed software that offers the best customization as well as control over the product. Cost is not an issue. What is the best solution for you to choose?Hosted deployment solution with a lower up-front cost but that requires maintaining the hardware on which the software is residingCloud-based deployment solutions that require a monthly fee onlyElastic virtual hosting based on needAn on-premises traditional deployment solution
72 Fletcher is a security engineer for a government agency attempting to determine the control of highly classified customer information. Who should advise him on coordinating control of this sensitive data?SalesHRBoard of directorsLegal counsel
73 Two CISOs brought their IT leadership together to discuss the BIA and DRP for a merger between two automobile manufacturers. Their first priority is to communicate securely using encryption. What is the best recommendation?DNSSEC on both domainsTLS on both domainsUse SMime in select email transmissionsPush all communication to the cloud
74 Your newly formed IT team is investigating cloud computing models. You would like to use a cloud computing model that is subscription based for common services and where the vendor oversees developing and managing as well as maintaining the pool of computer resources shared between multiple tenants across the network. Which of the following is the best choice for this situation?PublicPrivateAgnosticHybrid
75 Alice and Bob are discussing federated identity and the differences between 2FA and MFA. Bob says it is the same thing, and Alice is explaining to him that it isn't. Which is the best statement that describes the difference?Multifactor authentication (MFA) requires users to verify their identity by providing multiple pieces of evidence that can include something they know, something they have, or something they are. Two-factor authentication (2FA) is a user providing two authentication methods like a password and a fingerprint.2FA and MFA have the same process with the caveat that 2FA must be two separate types of authentication methods. MFA could be two or more of the same methods.2FA is safer and easier for end users than MFA.Multifactor authentication (MFA) requires users to verify their identity by providing at least two pieces of evidence that can include something they know, something they have, or something they are. Two-factor authentication (2FA) is a user providing two or more authentication methods like a password and a fingerprint.
76 For security reasons, Ted is moving from LDAP to LDAPS for standards-based specification for interacting with directory data. LDAPS provides for security by using which of the following?SSLSSHPGPAES
77 The corporate network has grown to a point where the management of individual routers and switches is problematic. Your CISO wants to move to a solution where the control function of the routers and switches are centralized, leaving the routers and switches to perform the basic forwarding of traffic. Which technology best performs this function?CDCNASSANSDN
78 A security engineer is concerned that logs may be lost on their hybrid SDN network if the devices should fail or become compromised by an attacker. What solution ensures that logs are not lost on these devices?Configuring a firewall on the local machineArchiving the logs on the local machineSending the logs to a syslogInstalling a NIPS
79 Your CISO watched the news about the latest supply chain breach and is genuinely concerned about this type of attacks affecting major organizations. He asks you, as a security analyst, to gather information about controls to put into place on your SDN network to stop these attacks from affecting your organization. How do you begin this process?Get the latest IOCs from OSINT sourcesResearch best practicesUse AI and SIEMPerform a sweep of your network using threat modeling
80 Cameron is a newly promoted network security administrator. His manager told him to start building his physical and SDN topology map with a concentration on finding out what ports are open on which assets across the entire enterprise. What tool will accomplish the task?NetcatNmapBurpSuiteIPConfig
81 Your organization has opted into a hybrid cloud solution for all your strategic organizations with multiple verticals with different IT requirements. Which one of these is an advantage?Flexible, scalable, reliable, and improved security postureStrong compatibility and integration requirementsComplexity as the organization evolvesCan be very expensive
82 While performing unit testing on software requested by your department, you found that privilege escalation is possible. Privilege escalation means that an attacker can elevate their privilege on a system from a lower level to an administrator level. What two performance unit testing techniques do you need to use?Vertical and horizontalLeft and rightNorth to southRing 1 to 3
83 Phillip's financial company experienced a natural disaster, used a hot site for three months, and now