CASP+ CompTIA Advanced Security Practitioner Practice Tests. Nadean H. Tanner
site. What processes should be restored first at the primary site?Finance departmentExternal communicationMission criticalLeast business critical
84 You work in law enforcement supporting a network with HA. High availability is mandatory, as you also support emergency 911 services. Which of the following would hinder your HA ecosystem?Clustered serversPrimary firewallSwitched networksRedundant communication links
85 Mark has been tasked with building a computer system that can scale well and that includes built-in logic for interfacing with many types of devices, including SATA, PCI, and USB, as well as GPU, network processors, and AV encoders/decoders. What type of system should he build?MatrixHeterogeneousLLCMeshed network
86 Not having complete control over networks and servers is a real concern in your organization, and upper management asks you if the company's data is genuinely secure now that you have migrated to the cloud. They have asked you to present industry research at the next board of directors meeting to answer questions regarding cloud security and your company's cyber-resilience. What research would be of most interest to the board of directors?Processor power consumptionEncryption modelsCOCOACACAO
87 While investigating threats specific to your industry, you found information collected and analyzed by several companies with substantive expertise and access to source information. Which of these is the least beneficial item to your organization after subscribing to threat intelligence information?Determining acceptable business risksDeveloping controls and budgetsMaking equipment and staffing decisionsCreating a marketing plan for your product
88 Andrew has evaluated several unified communications (UC) vendors. He has a need for one with their own data center facility hosting their own instance of the platform with built-in redundant power, remote backup, and secured entry as well as 24/7 staffing. Why would a UC vendor have minimal data center security?Cost savingsCompliance requirementsEase of setup and usePerfect forward secrecy
89 Your organization slowly evolved from simply locking doors to RFID-enabled cards issued to employees to secure the physical environment. You want to protect these cards from cloning, because some parts of your organization host sensitive information. What should you implement?EncryptionIDRHIDSNIPS
90 Damien is a security architect for a large enterprise bank that recently merged with a smaller local bank. The acquired bank has a legacy virtual cluster, and all these virtual machines use the same NIC to connect to the LAN. Some of the VMs are used for hosting databases for HR, and some are used to process mortgage applications. What is the biggest security risk?Shared NICs negatively impacting the integrity of packetsBridging of networks impacting availabilityAvailability between VMs impacting integrityVisibility between VMs impacting confidentiality
91 One of the biggest issues your CISO has with migrating to more cloud environments is the process of acquiring and releasing resources. Technical as well as operational issues are associated with these processes. What type of procedure documentation should you create to help with this?How to authenticate and authorizeHow to dynamically provision and deprovisionHow to use SaaS, IaaS, and PaaSHow to build a Type 2 hypervisor
92 You have received an RFQ response from a software company, which makes a tool that will allow you to record all changes in a single change management tool. This tool will track scheduling change, implementing change, the cost of change, and reporting. What type of software is this called?Vulnerability managementChange controlSecurity information and event managementAutomation
93 You are investigating a new tool that helps identify, analyze, and report on threats in real time based mostly on logs. What is the best solution?SOARAntivirusXSSPort scanner
94 Steve is a software developer for a large retail organization. His CISO returned from a large conference and asked him to clarify exactly what the benefit of a container in software development is over virtual machines. Which of these is the best succinct answer?In a VM, hardware is virtualized to run multiple OS instances. Containers virtualize an OS to run multiple workloads on a single OS instance using a container engine.In a container, hardware is virtualized to run a single OS, where a VM can run multiple applications across multiple assets with a single OS.A VM is virtualized technology, but a container is not.A container is the same thing as a virtual machine, just smaller in size.
95 As a leader in your organization in DevOps, you want to convince your CISO to move toward containerization. Which of these is not an advantage to using containers over VMs?Reduced and simplified security updatesLess code to transfer, migrate, and uploadQuicker spinning up applicationsLarge file size of snapshots
96 At the latest IT department meeting, a discussion on the best virtual methodology centered around using VMs versus containers. Which of these statements best aligns with those two models?VMs are better for lightweight native performance, whereas containers are better for heavyweight limited performance.VMs are for running applications that need all the OS has to offer, whereas containers are better when maximizing number of applications on minimal resources.VMs share the host OS, whereas containers run on their own OS.Containers are fully isolated and more secure, whereas VMs use process-level isolation.
97 Ross is a security manager looking to improve security and performance of his unified communications (UC) server. Which of the following options might help with decreasing the attack surface?Adding more usersAdding more devicesTurning off unused servicesEase of setup
98 After analyzing traffic flows on the network, your department noticed that many internal users access the same resources on the Internet. This activity utilizes a lot of Internet bandwidth. Your department decides to implement a solution that can cache this type of traffic the first time it is requested and serve it to the internal users as requested, thereby reducing the Internet bandwidth used for accessing this traffic. Which solution best accomplishes this task?ProxyPacket filter firewallWAFIPS
99 You were asked to recommend a technology that will lessen the impact of a DDoS attack on your CDN. Which of the following is the best technology?HIDSPacket filter firewallProxyLoad balancing
100 Luke's company started upgrading the computers in your organization. As a security professional, you recommend creating a standard image for all computers with a set level of security configured. What is this process called?Configuration baseliningImagingDuplicationGhosting
101 Lydia is a security administrator, and her hospital's security policy states that wearable technology and IoT devices are not allowed in secure areas where patient information is discussed. Wearable devices are designed to be worn by one individual, but some are quite powerful with artificial intelligence. Why is this a concern?Danger of eavesdropping and compliance violationsInsurance premiums going upMalpractice and litigationChain of custody of evidence
102 Mark is evaluating cloud storage providers and gives each a product evaluation form. Which of these is not the best practice for a cloud service provider?Strict initial registration and validationSystem event and network traffic monitoringUtilization of weak encryption algorithmsIncident response processes that help BCP
103 Containerization provides many benefits in flexibility and faster application development. Which of the following statements is false?Containers share the host OS's kernel during runtime.Containers do not need to fully emulate an OS to work.One physical server running five containers needs only one OS.Containers are pure sandboxes just like VMs are.
104 Hector has a team that replaced version 1.2 of software with 2.0. The newest version has a completely different interface in addition to updates. What is this called?VersioningCoding integrationSecure codingVulnerability assessment
105 Greg is a security researcher for a cybersecurity company. He is currently examining a third-party vendor and finds a way to use SQLi to deface their web server due to a missing patch in the company's web application. What is the threat of doing business with this organization?Web defacementUnpatched applicationsAttackersEducation awareness
106 Your CISO decided to implement an overarching enterprise mobility management (EMM) strategy. She wants to ensure that sensitive corporate data is not compromised by the employees' apps on their mobile devices. Which of these will implement that best?App config through IDCApp wrapping through SDKOpen source through APIPlatform DevOps
107 You are a web developer who needs to secure