Free CASP+ Practice Test

Correct Answer: Honeypots / Deception Technology Explanation: Honeypots and deception technologies are systems specifically designed to lure, trap, and study attackers, providing false targets and collecting intelligence on their TTPs, while diverting them from real assets.

Correct Answer: Data sovereignty Explanation: Data sovereignty refers to the legal requirements that govern where data must be stored and processed, typically dictated by the laws of the country where the data originated or resides.

Correct Answer: SAML or OpenID Connect Explanation: SAML (Security Assertion Markup Language) and OpenID Connect are widely used open standards for federated identity, enabling Single Sign-On (SSO) across different security domains and applications, including cloud services.

Correct Answer: Privileged Access Management Explanation: Privileged Access Management (PAM) solutions control, monitor, and audit privileged accounts and access, often incorporating jump servers, session recording, and just-in-time access to enforce least privilege for administrative tasks.

Correct Answer: Dynamic analysis with behavioral indicators Explanation: Unknown malware requires behavioral analysis. Dynamic analysis runs the malware in a sandbox and monitors its actions (e.g., network connections, file modifications, process injections) to generate behavioral indicators that can be used for future detection.

Correct Answer: Microservices architecture Explanation: Microservices architecture designs applications as a collection of loosely coupled, independently deployable services. This architectural style inherently promotes isolation and limits the impact (blast radius) of a security compromise in one service.

Correct Answer: Cloud object storage with immutability and content addressing Explanation: Cloud object storage often offers immutability (data cannot be changed once written) and content addressing (data is retrieved via its cryptographic hash), making it ideal for ensuring the long-term integrity and verifiability of archival data.

Correct Answer: Limited access to underlying infrastructure logs and data Explanation: Cloud service providers often abstract away the underlying infrastructure, making it difficult for cloud consumers to access detailed host-level logs, hypervisor data, or conduct deep forensic analysis on the physical hardware.

Correct Answer: Digital signatures Explanation: Digital signatures provide both authenticity (verifying the sender's identity) and integrity (ensuring the data has not been altered since it was signed) of software binaries. Hashing alone only provides integrity.

Correct Answer: Commercial threat intelligence platforms with deep analysis Explanation: While OSINT provides general information, commercial platforms often aggregate, analyze, and enrich data specifically on nation-state actors, offering more detailed TTPs, indicators, and contextual analysis.