CASP+ Study

What is a technical security control?

What physical security mechanism opens a second internal door only after external door has been closed and locked?

What type of hardware device can capture user keystrokes and remains undetected by antivirus software?

What serves as a centralized list of risks, impacts, mitigations, and severity ratings?

What is the correct sequence for the risk management lifecycle?

Which type of threat actor promotes an ideology?

What is the purpose of social engineering?

You have decided to purchase cybersecurity insurance to cover DDoS or ransomware events. Which type of risk treatment is this?

How is the annualized loss expectancy (ALE) calculated?

Which physical security mechanism opens a second internal door only after the external door has been closed and locked?

You have been awarded a government contract that will last two years. You must share IT systems and data with a business partner to fulfil the contract. You need to ensure specific rules are followed when linking the networks of both companies together. What must be signed by both parties?

What is an example of OSINT?

Which type of hardware device can capture user keystrokes and remains undetected by antivirus software?

Which Docker CLI command is used to download a container image?

Which Linux command can you use to display the VM IP address?

You need to deploy an HTTP-based application container into the cloud. What must you do to ensure port 80 in the container is in a listening state?

You are deploying an on-premises virtual machine that requires a bi-directional connection to the production network. What type of network connection should you configure?

Which benefit is derived from using application containers instead of virtual machines?

You are setting up a server to run multiple virtual machine guests. You have installed the OS which is designed specifically as a hypervisor. What type of hypervisor is this?

Which type of virtualization allows users to run productivity applications from a full operating system remotely through thin client?

What benefit does a container registry provide?

Which security issue does virtual machine encryption address?

What is the purpose of the STAR registry?

What is used to determine the order in which cloud security group rules are processed?

Which cloud computing characteristic refers to paying for services used?

What is the benefit of VNet peering?

Which statement best describes encrypting stored data?

Which type of cloud is owned and used by a single organization?

Which term is the most closely associated with autoscaling?

Which port is used to remotely manage Windows hosts?

What is the most common consequence of SLA uptime requirements violations?

You want all outbound subnet traffic to first be sent to a firewall appliance for inspection. Which IP address should you specify for the firewall?

What is contained within a cloud-based virtual network?

You have manually deployed a cloud-based Linux virtual machine. Which type of cloud service model is this?

Which network security protocol is normally used to enable HTTPS for websites?

You need to view all user certificates for a Windows user on her Windows 10 laptop. What should you do?

Which command line tool can be used to manage BitLocker?

Which block cipher mode of operation makes a block cipher a stream cipher?

What must be done when issuing certificates from a private CA to ensure certificates will work correctly in an organization?

Which cryptographic solution is a network appliance that can perform cryptographic operations?

Which command line tool is used to manage EFS file encryption?

Which PowerShell cmdlet generates a file hash?

Which mechanism controls who can retrieve certificates from an Azure Key Vault?

What type of PKI certificate can be used for DNS subdomains that fall under a parent domain?

You have configured and enabled a custom certificate template for your Windows certification authority, yet users are unable to use the template to acquire a PKI certificate. What is the most likely cause of the problem?

With asymmetric cryptography, which key is used to encrypt?

Which type of storage area network solution uses standard network equipment and the TCP/IP protocol suite?

You need to configure ten workgroup Windows servers with the same Windows Defender firewall settings. You must achieve this with the least amount of administrative effort. What should you do?

Which RAID level is disk mirroring?

What makes a reverse proxy different from network address translation (NAT)?

You are configuring VPN client certificate authentication in the Microsoft Azure cloud. What must be provided for the Azure virtual network gateway?

Which Linux command can be used to create a mirrored disk volume?

How do jump boxes protect servers?

Which type of firewall is considered firewall-friendly?

Which type of Azure Firewall rule allows standard packet filtering rules?

Which solution can ensure users accept the terms of use before allowing Internet access?

How do reverse shells defeat most firewall rules?

Which type of security is the result of enabling DNSSEC?

What is used to group disk devices together in the Windows Server operating system?

Which standard is used for network access control?

Which attributes are used to determine file system permissions when using Windows Dynamic Access Control?

Which Microsoft Azure configuration checks where users are authenticated from?

How are HMAC-based one-time passwords encrypted?

Which port does RADIUS authentication use by default?

Which tool can be used to discover RDP hosts on a network?

Which methods are not available when configuring Google 2-Step Verification?

Which command can be used to manually refresh Group Policy on a Windows host?

You need to ensure Microsoft Azure cloud technicians can administer virtual machines in a specific resource group. What should you do?

You need to view passwords cracked by the “John the Ripper” tool. Which command should you issue?

Which term describes sensitive medical information?

Where does Amazon Macie discover data?

Which IT management item contains standardized configurations to ensure security and consistency?

Which term is synonymous with wiping a hard disk?

Who determines how data will be managed?

Which data privacy standard governs how EU citizen data is handled?

What is the maximum number of tags that can be added to a single Azure resource?

You need to apply data labels to files on a Windows server. What should you use?

Which type of business agreement focuses on a service provider guaranteeing a level of service to a consumer?

You have created Azure data classification labels for use with Azure Information Protection. What must you create next to use the labels?

You have just registered a smartphone with an MDM tool. What is the next thing that will happen on the smartphone?

You are searching for vulnerable RDP hosts using the shodan.io site. Which port should you search for?

You need Internet access for your laptop in a remote area where wired and wireless Internet are unavailable. You have a cell phone with data enabled. What should you enable to provide Internet access for your laptop?

A smartphone technician requires full access to solve problems on a user smartphone. The phone is registered with an MDM solution that restricts smartphone access. What should the technician do?

You need to ensure that lost or stolen phones can be located. What should you enable?

Which software development methodology is linear and depends on previous project phase deliverables?

What is used to ensure blockchain integrity?

Which OWASP ZAP feature can send unanticipated data to a web app to observe its behaviour?

Which type of testing occurs while software is running?

Which type of artificial intelligence uses neural networks?

Which type of web application attack is most likely to result from improper input validation?Which type of web application attack is most likely to result from improper input validation?

What provides real-time monitoring to ensure safety when hardware malfunctions in an industrial computing environment?

Which industrial computing protocol is commonly used for public utility networks, such as water and electricity?

Which industrial control attack fed false readings for centrifuges to monitoring stations?

What term is used for an industry-specific specialized computer?

Which Linux command is used to compile binaries from source code?

Which Metasploit command allows querying?

Which type of tool is nmap?

What is the default file format for Wireshark packet capture files?

What is the name of the Amazon Web Services centralized monitoring service?

Which Snort command line parameter can be used to test the Snort configuration?

Which port is used for Linux syslog forwarding by default?

What is the purpose of a honeypot?

Which tcpdump command line parameter saves captured packets to a file?

You are writing a shell script to monitor Linux hosts. You need to use pattern matching to look for host names in specific cost centers using the format COSTCENTER3DIGITCODE-CITY. What should you do?

You have become overwhelmed with the amount of log entries on your Windows servers. You would like a convenient way to view only critical and error log events. What should you do?

You are planning the use of a SOAR system for incident response. Which item allows you to automate incident response?

What is the default location and name of the Snort configuration file?

You need to filter captured Wireshark traffic so that only secured website traffic is shown. What should you filter on?

What is a zombie?

What is the most effective way to mitigate compromises due to users clicking on links?

Your manager asks you to assess host vulnerabilities exposed to internal employees. What should you do?

Why should C programmers stay away from the gets() function?

Which type of testing uses red and blue teams?

Which command allows you to interact with the Metasploit Framework in Kali Linux?

You are using various Wi-Fi reconnaissance tools and see references to a BSSID. What is this?

In which attack phase would a malicious user use the Nmap tool?

What do malicious users use to target many victims in an attempt to trick them into clicking a link to a fraudulent site?

Which type of network attack allows attacker access to VLAN traffic?

What is one possible way to detect that steganography is being used with a file?

You have acquired a forensic image and hash. You must now analyze the storage media contents. What should you do?

You need to acquire a disk image in Linux that can be read by FTK imager. Which Linux command should you use?

You need to acquire evidence according to the order of volatility. In which order will you do this?

How is developer mode enabled on an Android device?

Which component prevents writing to origin storage devices when acquiring storage device images?

Which type of plan is enacted during a security event?

Which IP address do clients connect to for a load balanced application?

What is required in Microsoft Azure to perform backups to the cloud?

Which RAID level creates a copy of all data written to a primary disk?