CASP Practice Test

Question 1

Which of the following is known as a ROT 3 cipher?

A. Caesar
B. Scytale
C. DES
D. AES

Answer 1

A. Caesar

Caesar cipher is an early form of encryption and is also known as a ROT3 cipher.

Question 2

Which of the following is not one of the four common goals of cryptography?

A. Privacy
B. Authentication
C. Availability
D. Integrity

Answer 2

C. Availability

The four common goals of cryptography include privacy, authentication, integrity, and non-repudiation.

Question 3

The act of obtaining plain text from cipher text without a cryptographic key is known as what?

A. Encryption
B. Cryptanalysis
C. Hashing
D. Integrity verification

Answer 3

B. Cryptanalysis

Cryptanalysis is the act of obtaining plain text from cipher text without a cryptographic key.

Question 4

______ is a measure of the randomness of data collected by an application or even an operating system and used to create a cryptography key

A. Encryption
B. Hashing
C. Entropy
D. Confusion

Answer 4

C. Entropy

While key size is important, the randomness of the key is also critical. Entropy is a measure of the randomness of data collected by an application or even an operating system and used to create a cryptography key

Question 5

Which of the following is not a symetric algrothim?

A. CAST
B. RC5
C. DES
D. RSA

Answer 5

D. RSA

Example of symmetric encryption techniques include CAST, DES, and RC5. RSA is a asymmetric algorithm

Question 6

DES does how many rounds during the encryption process?

A. 2
B. 8
C. 16
D. 48

Answer 6

C. 16

DES does 16 rounds of substitution and transposition during the encryption process.

Question 7

3DES does how many rounds during the encryption process?

A. 2
B. 8
C. 16
D. 48

Answer 7

D. 48

3DES does 48 rounds of substitution and transposition during the encryption process.

Question 8

Which of the following makes use of a stream cipher process?

A. DES ECB
B. RC4
C. RC5
D. CAST

Answer 8

B. RC4

RC4 is considered a stream cipher whereas DES ECB, RC5, and RC6 are block ciphers.

Question 9

SAFER uses ___ blocks of data?

A. 8
B. 32
C. 64
D. 256

Answer 9

C. 64

Secure and Fast Encryption Routine is a block-based cipher that processes data in blocks of 64 and 128 bits.

Question 10

DES has an effective key length of?

A. 32
B. 56
C. 64
D. 256

Answer 10

B. 56

The DES key size is 56- bits, and DES has four primary modes of operation

Question 11

Cisco first came up with which of the following remote access technology?

A. TACACS
B. RADIUS
C. Diameter
D. XTACACS

Answer 11

A. TACACS

Cisco has implemented a variety of remote access methods through its networking hardware and software. Originally, this was Terminal Access Controller Access Control System (TACACS).

Question 12

These devices have the ability to perform deep packet inspection and look at requests and responses within the HTTP/HTTPS/SOAP/XML-RPC/Web Service layers.

A. Proxy
B. IDS
C. DMZ
D. WAF

Answer 12

D. WAF

A WAF is a firewall sitting between a web- client and a web server, analyzing OSI Layer-7 traffic.

Question 13

What is another name for digital controllers?

A. SCADA
B. JK Flip/Flops
C. Cyber systems
D. NAC

Answer 13

A. SCADA

Yesterday’s analog controls have become today’s digital systems. These digital controls are known as Supervisory Control And Data Acquisition (SCADA) systems.

Question 14

Which of the following doe VoIP not use?

A. IAX
B. H.121
C. SIP
D. RTP

Answer 14

B. H.121

VoIP makes use of protocols such as Session Initiation Protocol (SIP), H.323, Inter-Asterisk eXchange protocol (IAX), and Real-time Transport Protocol (RTP).

Question 15

HTTP functions at which layer of the TCP model?

A. Application
B. Host-to-host
C. Internet
D. Data link

Answer 15

A. Application

HTTP, and other protocols like Telnet and SNMP, function at the application layer where they provide network services.

Question 16

What TCP port does SMTP use?

A. 21
B. 23
C. 25
D. 80

Answer 16

C. 25

SMTP uses TCP port 25

Question 17

What UDP port does TFTP use?

A. 21
B. 69
C. 25
D. 161

Answer 17

B. 69

UDP port 69 is used for TFTP

Question 18

This protocol is no longer used in IPv6?

A. ICMP
B. TCP
C. ARP
D. DNS

Answer 18

C. ARP

Say goodbye to ARP. While ARP is an integral part of IPv4, it is not used with IPv6. IPV6 makes use of NDP, the neighbor discovery protocol (NDP).

Question 19

An IPv4 header has a default length of _______________ .

A. 16 bytes
B. 8 bytes
C. 20 bytes
D. 40 bytes

Answer 19

C. 20 bytes

IPv4 has a 20 byte default header length and can be 60 bytes maximum with options.

Question 20

An ICMP type 8 message is best defined as?

A. Unreachable
B. Ping
C. Redirect
D. Time exceeded

Answer 20

B. Ping

ICMP is used for logical errors and diagnostics. An ICMP type 8 is a ping request.

Question 21

___________________ describes a cloud solution where you are buying infrastructure

A. IaaS
B. BasF
C. MaaS
D. SaaS

Answer 21

A. IaaS

Question 22

This approach includes monitoring for networks, application, servers, applications, and remote systems .

A. IaaS
B. BasF
C. MaaS
D. SaaS

Answer 22

C. MaaS

Question 23

Another name for a confused deputy attack is?

A. XSS
B. DoS
C. Session hijacking
D. Sniffing

Answer 23

A. XSS

Question 24

This Cisco VLAN technology wraps the Ethernet frame, yet but it is not a standard used by all vendors.

A. ISL
B. QLAN
C. 802.1q
D. STP

Answer 24

A. ISL

Question 25

This VLAN standard places information inside the Ethernet frame.

A. ISL
B. QLAN
C. 802.1q
D. STP

Answer 25

C. 802.1q

Question 26

______ is an attack in which an attacker tries to send data to hosts that belong to other VLANs

A. Spanning
B. VLAN hopping
C. Bridging
D. Scanning

Answer 26

B. VLAN hopping

Question 27

______ is a SAN standard used for connecting data storage facilities and allowing remote SCSI devices to communicate

A. HBA
B. vSCAN
C. FCoE
D. iSCSI

Answer 27

D. iSCSI

Question 28

______ can operate at speeds of 10 Gigabits gigabits per second and rides on top of the Ethernet protocol.

A. HBA
B. vSCAN
C. FCoE
D. iSCSI

Answer 28

C. FCoE

Question 29

_______ is implemented primarily at the HBA level.

A. LUN masking
B. vSCAN
C. FCoE
D. iSCSI

Answer 29

A. LUN masking

Question 30

_________ is the process of removing redundant data to improve enterprise storage utilization.

A. Data scanning
B. Data aggregation
C. Data duplication
D. Data mining

Answer 30

C. Data duplication

Question 31

What implict command is at the end of every ACL?

A. A default deny all
B. An end statement
C. A default allow all
D. An allow statement

Answer 31

A. A default deny all

Question 32

Snort can not filter on which of the following traffic types

A. IP
B. TCP
C. UDP
D. OSPF

Answer 32

D. OSPF

Question 33

Extended ACL’s cannot by default examine which of the following?

A. Protocol
B. IPSEC data
C. DSCP
D. Precedent value

Answer 33

B. IPSEC data

Question 34

What is wrong with the following ACL?

interface Eth0 deny ip any any
deny tcp 10.10.10.128 0.0.0.63 any eq smtp deny tcp any eq 23 int ethernet 0 ip access-group 110 out

A. Access-group statement
B. Interface Eth0
C. Deny TCP statement
D. Deny all statement

Answer 34

D. Deny all statement

Question 35

Which model uses the following, “This property states that an object at one level of integrity is not permitted to write to an object of higher integrity.”

A. Bell-LaPadula
B. Biba
C. Clark Wilson
D. Brewer Nash

Answer 35

B. Biba

Question 36

Which of the following Evaluation Assurance Levels (EAL) matches methodically designed tested, and reviewed?

A. EAL 1
B. EAL 2
C. EAL 3
D. EAL 4

Answer 36

D. EAL 4

Question 37

Structurally tested is what EAL level?

A. EAL 1
B. EAL 2
C. EAL 3
D. EAL 4

Answer 37

B. EAL 2

Question 38

ITSEC was designed for use in what region of the world?

A. China
B. Canada
C. Europe
D. USA

Answer 38

D. USA

Question 39

Which of the following is used of identifying the version of OS running on a computer?

A. Nmap -O
B. Nmap -sS
C. Nmap -sU
D. Nmap –sT

Answer 39

A. Nmap -O

Question 40

Which of the following is a confidentiality based model?

A. Bell-LaPadula
B. Biba
C. Clark Wilson
D. Brewer Nash

Answer 40

A. Bell-LaPadula

Question 41

______ is not a replacement for a traditional firewall but simply adds another layer of protection

A. NAC
B. IDP
C. IDS
D. WAF

Answer 41

D. WAF

Question 42

You just finished a port scan and have found port 88 open. What application uses port 88?.

A. TFTP
B. Kerberos
C. LDAP
D. Finger

Answer 42

B. Kerberos

Question 43

How many steps of the TCP startup are completed in a stealth scan?

A. One
B. Two
C. Three
D. None

Answer 43

B. Two

Question 44

After completing a port scan you have identified TCP port 80 as open. What should be your next step?

A. Banner grab
B. Map the attack surface
C. Launch a IIS exploit
D. Launch a Apache exploit

Answer 44

A. Banner grab

Question 45

With this form of test there is very little or no knowledge of the target network or its systems.

A. Crystal box
B. White box
C. Gray box
D. Black box

Answer 45

D. Black box

Question 46

This type of attack targets availability and is characterized by large amounts of traffic.

A. Session hijacking
B. Sniffing
C. DoS
D. SQL injection

Answer 46

C. DoS

Question 47

You have identified a system that may not have a functioning antivirus program. How can you check to see if it is working properly?

A. EICAR
B. Load known malware
C. Port scan
D. FERPA

Answer 47

A. EICAR

Question 48

Your IDS has identified network traffic that appears to be a series of ARP replies with no corresponding ARP requests. What might be the purpose of this activity?

A. DNS poisoning
B. IPv6 traffic
C. ARP cache poisoning
D. Network discovery traffic

Answer 48

C. ARP cache poisoning

Question 49

This technique is used to determine the OS of a system by injecting traffic.

A. Hijacking
B. Active OS fingerprinting
C. Sniffing
D. Passive OS fingerprinting

Answer 49

B. Active OS fingerprinting

Question 50

_______ is the process of configuring a switch to see all the traffic on one specific port.

A. SPAN
B. ARP poisoning
C. Spoofing
D. Hijacking

Answer 50

A. SPAN

Question 51

Which of the following is the formula for SLE?

A. AV * ALE
B. AV * EF
C. AV / EF
D. AV * ARO

Answer 51

B. AV * EF

Question 52

Which of the following is the formula for ALE?

A. SRE * ARO
B. AV * SLE
C. EF * ARO
D. SLE * ARO

Answer 52

D. SLE * ARO

Question 53

An ______is an item of value to an institution such as data, hardware, software, or physical property

A. Asset
B. Vulnerability
C. Tangible item
D. Risk

Answer 53

A. Asset

Question 54

A _________ can be best defined as a type of business entity in which two or more entities share potential profit and risk with each other

A. Incorporation
B. Partnership
C. Merger
D. Sole proprietorship

Answer 54

B. Partnership

Question 55

A ________ is a weakness in a system design, a weakness in the implementation of an operational procedure, or a weakness in how software or code

A. Asset
B. Vulnerability
C. Tangible item
D. Risk

Answer 55

B. Vulnerability

Question 56

This law was signed into law in 1999 and resulted in the most sweeping overhaul of financial services regulation in the United States

A. Patriot Act
B. HIPAA
C. GLBA
D. FISMA

Answer 56

C. GLBA

Question 57

This encryption method is a type of secure cryptoprocessor targeted at managing cryptographic keys.

A. TrueCrypt
B. HSM
C. EFS
D. TPM

Answer 57

B. HSM

Question 58

Which of the following is a specialized chip that can be installed on the motherboard of a client and is used for encryption.

A. TrueCrypt
B. HSM
C. EFS
D. TPM

Answer 58

D. TPM

Question 59

Which of the following encryption algorithms can be used for data at rest and is based on the Rijndael algorithm?

A. AES
B. DES
C. RC
D. CAST

Answer 59

A. AES

Question 60

ANSI X12 is used for which of the following?

A. Unix file transfers
B. PKI
C. Digital certificates
D. EDI

Answer 60

D. EDI

Question 61

This document dictates management’s commitment to the use, operation, and security of information systems

A. Procedure
B. Policy
C. Standard
D. Baseline

Answer 61

B. Policy

Question 62

This document is considered step by step and can be tied closely to hardware.

A. Procedure
B. Policy
C. Guideline
D. Baseline

Answer 62

A. Procedure

Question 63

These are considered tactical documents, as they lay out specific steps or processes required to meet a certain requirement

A. Procedure
B. Policy
C. Standard
D. Baseline

Answer 63

C. Standard

Question 64

While preparing to develop a document on patch management you have been asked to review current vulnerabilities. Which U.S. government agency is responsible for the creation of lists of known vulnerabilities in operating systems?

A. DoD
B. Secret service
C. NSA
D. NIST

Answer 64

C. NSA

Question 65

In the realm of Internet standards what document is used fore the creation of new requirements?

A. MOU
B. RFC
C. RFP
D. SLA

Answer 65

B. RFC

Question 66

This document specifies conditions and applied terms for outsourcing partner organizations that must share data and information resources.

A. MOU
B. RFC
C. RFP
D. SLA

Answer 66

A. MOU

Question 67

This document specifies the maximum amount of outage time?

A. MOU
B. RFC
C. RFP
D. SLA

Answer 67

D. SLA

Question 68

This document can be used to specify what former employees can discuss about company business after leaving the company.

A. BPA
B. MOU
C. NDA
D. SLA

Answer 68

C. NDA

Question 69

_______ is another example of a legally binding document that is designed to provide safeguards and compel certain actions among business partners

A. BPA
B. MOU
C. NDA
D. SLA

Answer 69

A. BPA

Question 70

This personal control is used to reduce fraud and ensure a backup if the employee is unavailable.

A. PKCS
B. SSL
C. TTS
D. Telnet

Answer 70

B. SSL

Question 71

Which of the following is not a vulnerability scanner?

A. Nessus
B. Wireshark
C. Satan
D. Saint

Answer 71

B. Wireshark

Question 72

An Nmap full connect scan uses which of the following?

A. Nmap -O
B. Nmap -sS
C. Nmap -sU
D. Nmap –sT

Answer 72

D. Nmap –sT

Question 73

Which of the following would best be used for forensic examination of a hard disk?

A. Helix
B. Backtrack
C. Knoppix
D. Auditor

Answer 73

A. Helix

Question 74

You have captured he following traffic with Windump. What best describes this protocol or application?

ICMP Type 3 Code 13

A. Ping message
B. Unreachable message
C. Redirect message
D. TTL failure message

Answer 74

B. Unreachable message

Question 75

Type 1 errors are also know as?

A. CER
B. FRR
C. Zepher
D. FAR

Answer 75

B. FRR

Question 76

Type 2 errors are also known as?

A. CER
B. FRR
C. Zepher
D. FAR

Answer 76

D. FAR

Question 77

Which of the following is true about CER?

A. A higher number is better
B. The number should always be 100%
C. A lower number is better
D. The number is always zero

Answer 77

C. A lower number is better

Question 78

This form of biometric authentication can report false errors because of heart disease or other vascular problems.

A. Iris
B. Palm
C. Retina
D. Hand geometry

Answer 78

C. Retina

Question 79

This RFC defines the Internet protocol.

A. RFC 1766
B. RFC 791
C. RFC 792
D. RFC 1700

Answer 79

B. RFC 791

Question 80

The CIA4N concept includes all of the following except.

A. Authorization
B. Non-repudiation
C. Identification
D. Accounting

Answer 80

C. Identification

Question 81

Which of the following is about finding the balance between the costs of security against the value of assets.

A. Performance management
B. Value delivery
C. Integration
D. Resource management

Answer 81

B. Value delivery

Question 82

_________ is about utilizing the security infrastructure efficiently and effectively with minimum waste.

A. Performance management
B. Value delivery
C. Enterprise architecture
D. Resource management

Answer 82

D. Resource management

Question 83

___________________ is the practice within information technology of organizing and documenting a company’s IT assets so that planning, management, and expansion can be enhanced

A. Performance management
B. Value delivery
C. Enterprise architecture
D. Resource management

Answer 83

A. Performance management

Question 84

This risk assessment method is similar to the structured review yet individuals present for the meeting must write their responses down and hand them to the team lead for review

A. Alpha Review
B. Structured Review
C. ODFM
D. Modified Delphi

Answer 84

D. Modified Delphi

Question 85

Security awareness is an example of which control category?

A. Detective
B. Preventive
C. Corrective
D. Compensating

Answer 85

B. Preventive

Question 86

Clustering is an example of a ____________ control.

A. Detective
B. Preventive
C. Corrective
D. Compensating

Answer 86

D. Compensating

Question 87

Patching is an example of which of the following controls?

A. Detective
B. Preventive
C. Corrective
D. Compensating

Answer 87

C. Corrective

Question 88

Reviewing audit logs is an example of which of the following?

A. Detective
B. Preventive
C. Corrective
D. Compensating

Answer 88

A. Detective

Question 89

Another name for the software vulnerability version model is which of the following?

A. Plan, do, check, and correct
B. Plan, secure, confirm, and remediate
C. Plan, detect, respond, and improve
D. Initial, repeatable, defined, and optimized

Answer 89

B. Plan, secure, confirm, and remediate

Question 90

You have completed a port scan and found port 31337 open. What application commonly uses this port?

A. NetBus
B. Beast
C. Back orifice
D. Loki

Answer 90

C. Back orifice

Question 91

You have completed a port scan and found port 12345 open. What application commonly uses this port?

A. NetBus
B. Beast
C. Back orifice
D. Loki

Answer 91

A. NetBus

Question 92

Presence is used for which of the following?

A. Video conferencing for PC’s
B. Remote access for Apple computers
C. Video conferencing for Apple computers
D. Remote access for PC’s

Answer 92

D. Remote access for PC’s

Question 93

Which email application uses TCP port 143 by default?

A. SMTP
B. POP3
C. IMAP
D. SNMP

Answer 93

C. IMAP

Question 94

Which email application uses TCP port 110 by default?

A. SMTP
B. POP3
C. IMAP
D. SNMP

Answer 94

B. POP3

Question 95

What is a SPAN port used for?

A. Mirroring traffic on a switch
B. A type of port scan
C. Used with VLAN’s to segment traffic
D. Used with VoIP

Answer 95

A. Mirroring traffic on a switch

Question 96

Which of the following best defines SPIT?

A. A type of session hijack
B. Used for sniffing
C. A form on MiTM attack
D. A type of SPAM

Answer 96

D. A type of SPAM

Question 97

______ is the variations in transmission latency that can cause packet loss and degraded VoIP call quality

A. Wow
B. Jitter
C. Flutter
D. Latency

Answer 97

B. Jitter

Question 98

_______ is a delay in the transmission of a data packet

A. Wow
B. Jitter
C. Flutter
D. Latency

Answer 98

D. Latency

Question 99

This technology was seen as an improvement over RADIUS and is a form of centralized authentication.

A. Diameter
B. LDAP
C. CHAP
D. KryptoKnight

Answer 99

A. Diameter