CompTIA CASP+ Sample Questions

Correct Answer: Digital signatures Explanation: Digital signatures provide non-repudiation, ensuring that the signer of a document or transaction cannot credibly deny having signed it, as the signature is uniquely linked to their private key.

Correct Answer: Reconnaissance Explanation: Reconnaissance (or information gathering) is the initial phase where the tester collects information about the target, including identifying open ports and services, without actively exploiting vulnerabilities.

Correct Answer: Elliptic Curve Cryptography (ECC) Explanation: ECC offers comparable security to RSA with significantly smaller key sizes and less computational overhead, making it ideal for resource-constrained devices like IoT endpoints.

Correct Answer: Increased risk of software vulnerabilities or backdoors being introduced Explanation: Poor security practices and a lack of transparency in a supply chain vendor significantly increase the risk that their software components could contain unaddressed vulnerabilities, malware, or even intentional backdoors, which would then be inherited by the purchasing organization.

Correct Answer: Application Whitelisting Explanation: Application whitelisting (or allow-listing) is a highly effective control that permits only approved applications to run on a system, blocking all others by default. This directly prevents unauthorized executables.

Correct Answer: MITRE ATT&CK Framework Explanation: The MITRE ATT&CK framework explicitly maps adversary tactics (objectives) and techniques (specific methods) based on real-world observations, making it ideal for understanding and detecting "living-off-the-land" attacks that don't rely on traditional malware signatures.

Correct Answer: Static Application Security Testing (SAST) Explanation: SAST is typically integrated into the CI/CD pipeline, analyzing source code or compiled code for security vulnerabilities before the application is run, allowing for early detection of coding flaws.

Correct Answer: Centralized logging; risk of log tampering or loss if the server is compromised Explanation: Storing logs on the same system they are logging poses a significant risk. If the system is compromised, an attacker can easily tamper with or delete the logs to cover their tracks. Centralized, immutable logging is a critical security control.

Correct Answer: Diversity/Heterogeneity Explanation: Diversity (or heterogeneity) in security architecture means employing different products, vendors, or technologies to achieve the same security function, so that a vulnerability in one system does not compromise the entire infrastructure.

Correct Answer: Perfect Forward Secrecy Explanation: Perfect Forward Secrecy (PFS) ensures that a compromise of a long-term secret key (e.g., server's private key) does not compromise past session keys, meaning past communications remain secure even if the long-term key is later exposed.