CASP Practice Test Flashcards by Nicholas Phelps

Which of the following is known as a ROT 3 cipher?

A. Caesar
B. Scytale
C. DES
D. AES

A. Caesar

Caesar cipher is an early form of encryption and is also known as a ROT3 cipher.

How well did you know this?

Not at all

Perfectly

Which of the following is not one of the four common goals of cryptography?

A. Privacy
B. Authentication
C. Availability
D. Integrity

C. Availability

The four common goals of cryptography include privacy, authentication, integrity, and non-repudiation.

How well did you know this?

Not at all

Perfectly

The act of obtaining plain text from cipher text without a cryptographic key is known as what?

A. Encryption
B. Cryptanalysis
C. Hashing
D. Integrity verification

B. Cryptanalysis

Cryptanalysis is the act of obtaining plain text from cipher text without a cryptographic key.

How well did you know this?

Not at all

Perfectly

______ is a measure of the randomness of data collected by an application or even an operating system and used to create a cryptography key

A. Encryption
B. Hashing
C. Entropy
D. Confusion

C. Entropy

While key size is important, the randomness of the key is also critical. Entropy is a measure of the randomness of data collected by an application or even an operating system and used to create a cryptography key

How well did you know this?

Not at all

Perfectly

Which of the following is not a symetric algrothim?

A. CAST
B. RC5
C. DES
D. RSA

D. RSA

Example of symmetric encryption techniques include CAST, DES, and RC5. RSA is a asymmetric algorithm

How well did you know this?

Not at all

Perfectly

DES does how many rounds during the encryption process?

A. 2
B. 8
C. 16
D. 48

C. 16

DES does 16 rounds of substitution and transposition during the encryption process.

How well did you know this?

Not at all

Perfectly

3DES does how many rounds during the encryption process?

A. 2
B. 8
C. 16
D. 48

D. 48

3DES does 48 rounds of substitution and transposition during the encryption process.

How well did you know this?

Not at all

Perfectly

Which of the following makes use of a stream cipher process?

A. DES ECB
B. RC4
C. RC5
D. CAST

B. RC4

RC4 is considered a stream cipher whereas DES ECB, RC5, and RC6 are block ciphers.

How well did you know this?

Not at all

Perfectly

SAFER uses ___ blocks of data?

A. 8
B. 32
C. 64
D. 256

C. 64

Secure and Fast Encryption Routine is a block-based cipher that processes data in blocks of 64 and 128 bits.

How well did you know this?

Not at all

Perfectly

DES has an effective key length of?

A. 32
B. 56
C. 64
D. 256

B. 56

The DES key size is 56- bits, and DES has four primary modes of operation

How well did you know this?

Not at all

Perfectly

Cisco first came up with which of the following remote access technology?

A. TACACS
B. RADIUS
C. Diameter
D. XTACACS

A. TACACS

Cisco has implemented a variety of remote access methods through its networking hardware and software. Originally, this was Terminal Access Controller Access Control System (TACACS).

How well did you know this?

Not at all

Perfectly

These devices have the ability to perform deep packet inspection and look at requests and responses within the HTTP/HTTPS/SOAP/XML-RPC/Web Service layers.

A. Proxy
B. IDS
C. DMZ
D. WAF

D. WAF

A WAF is a firewall sitting between a web- client and a web server, analyzing OSI Layer-7 traffic.

How well did you know this?

Not at all

Perfectly

What is another name for digital controllers?

A. SCADA
B. JK Flip/Flops
C. Cyber systems
D. NAC

A. SCADA

Yesterday’s analog controls have become today’s digital systems. These digital controls are known as Supervisory Control And Data Acquisition (SCADA) systems.

How well did you know this?

Not at all

Perfectly

Which of the following doe VoIP not use?

A. IAX
B. H.121
C. SIP
D. RTP

B. H.121

VoIP makes use of protocols such as Session Initiation Protocol (SIP), H.323, Inter-Asterisk eXchange protocol (IAX), and Real-time Transport Protocol (RTP).

How well did you know this?

Not at all

Perfectly

HTTP functions at which layer of the TCP model?

A. Application
B. Host-to-host
C. Internet
D. Data link

A. Application

HTTP, and other protocols like Telnet and SNMP, function at the application layer where they provide network services.

How well did you know this?

Not at all

Perfectly

What TCP port does SMTP use?

A. 21
B. 23
C. 25
D. 80

C. 25

SMTP uses TCP port 25

How well did you know this?

Not at all

Perfectly

What UDP port does TFTP use?

A. 21
B. 69
C. 25
D. 161

B. 69

UDP port 69 is used for TFTP

How well did you know this?

Not at all

Perfectly

This protocol is no longer used in IPv6?

A. ICMP
B. TCP
C. ARP
D. DNS

C. ARP

Say goodbye to ARP. While ARP is an integral part of IPv4, it is not used with IPv6. IPV6 makes use of NDP, the neighbor discovery protocol (NDP).

How well did you know this?

Not at all

Perfectly

An IPv4 header has a default length of _______________ .

A. 16 bytes
B. 8 bytes
C. 20 bytes
D. 40 bytes

C. 20 bytes

IPv4 has a 20 byte default header length and can be 60 bytes maximum with options.

How well did you know this?

Not at all

Perfectly

An ICMP type 8 message is best defined as?

A. Unreachable
B. Ping
C. Redirect
D. Time exceeded

B. Ping

ICMP is used for logical errors and diagnostics. An ICMP type 8 is a ping request.

How well did you know this?

Not at all

Perfectly

___________________ describes a cloud solution where you are buying infrastructure

A. IaaS
B. BasF
C. MaaS
D. SaaS

A. IaaS

How well did you know this?

Not at all

Perfectly

This approach includes monitoring for networks, application, servers, applications, and remote systems .

A. IaaS
B. BasF
C. MaaS
D. SaaS

C. MaaS

How well did you know this?

Not at all

Perfectly

Another name for a confused deputy attack is?

A. XSS
B. DoS
C. Session hijacking
D. Sniffing

A. XSS

How well did you know this?

Not at all

Perfectly

This Cisco VLAN technology wraps the Ethernet frame, yet but it is not a standard used by all vendors.

A. ISL
B. QLAN
C. 802.1q
D. STP

A. ISL

How well did you know this?

Not at all

Perfectly

This VLAN standard places information inside the Ethernet frame. A. ISL B. QLAN C. 802.1q D. STP

C. 802.1q

______ is an attack in which an attacker tries to send data to hosts that belong to other VLANs A. Spanning B. VLAN hopping C. Bridging D. Scanning

B. VLAN hopping

______ is a SAN standard used for connecting data storage facilities and allowing remote SCSI devices to communicate A. HBA B. vSCAN C. FCoE D. iSCSI

D. iSCSI

______ can operate at speeds of 10 Gigabits gigabits per second and rides on top of the Ethernet protocol. A. HBA B. vSCAN C. FCoE D. iSCSI

C. FCoE

_______ is implemented primarily at the HBA level. A. LUN masking B. vSCAN C. FCoE D. iSCSI

A. LUN masking

_________ is the process of removing redundant data to improve enterprise storage utilization. A. Data scanning B. Data aggregation C. Data duplication D. Data mining

C. Data duplication

What implict command is at the end of every ACL? A. A default deny all B. An end statement C. A default allow all D. An allow statement

A. A default deny all

Snort can not filter on which of the following traffic types A. IP B. TCP C. UDP D. OSPF

D. OSPF

Extended ACL's cannot by default examine which of the following? A. Protocol B. IPSEC data C. DSCP D. Precedent value

B. IPSEC data

What is wrong with the following ACL? interface Eth0 deny ip any any deny tcp 10.10.10.128 0.0.0.63 any eq smtp deny tcp any eq 23 int ethernet 0 ip access-group 110 out A. Access-group statement B. Interface Eth0 C. Deny TCP statement D. Deny all statement

D. Deny all statement

Which model uses the following, "This property states that an object at one level of integrity is not permitted to write to an object of higher integrity." A. Bell-LaPadula B. Biba C. Clark Wilson D. Brewer Nash

B. Biba

Which of the following Evaluation Assurance Levels (EAL) matches methodically designed tested, and reviewed? A. EAL 1 B. EAL 2 C. EAL 3 D. EAL 4

D. EAL 4

Structurally tested is what EAL level? A. EAL 1 B. EAL 2 C. EAL 3 D. EAL 4

B. EAL 2

ITSEC was designed for use in what region of the world? A. China B. Canada C. Europe D. USA

D. USA

Which of the following is used of identifying the version of OS running on a computer? A. Nmap -O B. Nmap -sS C. Nmap -sU D. Nmap –sT

A. Nmap -O

Which of the following is a confidentiality based model? A. Bell-LaPadula B. Biba C. Clark Wilson D. Brewer Nash

A. Bell-LaPadula

______ is not a replacement for a traditional firewall but simply adds another layer of protection A. NAC B. IDP C. IDS D. WAF

D. WAF

You just finished a port scan and have found port 88 open. What application uses port 88?. A. TFTP B. Kerberos C. LDAP D. Finger

B. Kerberos

How many steps of the TCP startup are completed in a stealth scan? A. One B. Two C. Three D. None

B. Two

After completing a port scan you have identified TCP port 80 as open. What should be your next step? A. Banner grab B. Map the attack surface C. Launch a IIS exploit D. Launch a Apache exploit

A. Banner grab

With this form of test there is very little or no knowledge of the target network or its systems. A. Crystal box B. White box C. Gray box D. Black box

D. Black box

This type of attack targets availability and is characterized by large amounts of traffic. A. Session hijacking B. Sniffing C. DoS D. SQL injection

C. DoS

You have identified a system that may not have a functioning antivirus program. How can you check to see if it is working properly? A. EICAR B. Load known malware C. Port scan D. FERPA

A. EICAR

Your IDS has identified network traffic that appears to be a series of ARP replies with no corresponding ARP requests. What might be the purpose of this activity? A. DNS poisoning B. IPv6 traffic C. ARP cache poisoning D. Network discovery traffic

C. ARP cache poisoning

This technique is used to determine the OS of a system by injecting traffic. A. Hijacking B. Active OS fingerprinting C. Sniffing D. Passive OS fingerprinting

B. Active OS fingerprinting

_______ is the process of configuring a switch to see all the traffic on one specific port. A. SPAN B. ARP poisoning C. Spoofing D. Hijacking

A. SPAN

Which of the following is the formula for SLE? A. AV * ALE B. AV * EF C. AV / EF D. AV * ARO

B. AV * EF

Which of the following is the formula for ALE? A. SRE * ARO B. AV * SLE C. EF * ARO D. SLE * ARO

D. SLE * ARO

An ______is an item of value to an institution such as data, hardware, software, or physical property A. Asset B. Vulnerability C. Tangible item D. Risk

A. Asset

A _________ can be best defined as a type of business entity in which two or more entities share potential profit and risk with each other A. Incorporation B. Partnership C. Merger D. Sole proprietorship

B. Partnership

A ________ is a weakness in a system design, a weakness in the implementation of an operational procedure, or a weakness in how software or code A. Asset B. Vulnerability C. Tangible item D. Risk

B. Vulnerability

This law was signed into law in 1999 and resulted in the most sweeping overhaul of financial services regulation in the United States A. Patriot Act B. HIPAA C. GLBA D. FISMA

C. GLBA

This encryption method is a type of secure cryptoprocessor targeted at managing cryptographic keys. A. TrueCrypt B. HSM C. EFS D. TPM

B. HSM

Which of the following is a specialized chip that can be installed on the motherboard of a client and is used for encryption. A. TrueCrypt B. HSM C. EFS D. TPM

D. TPM

Which of the following encryption algorithms can be used for data at rest and is based on the Rijndael algorithm? A. AES B. DES C. RC D. CAST

A. AES

ANSI X12 is used for which of the following? A. Unix file transfers B. PKI C. Digital certificates D. EDI

D. EDI

This document dictates management’s commitment to the use, operation, and security of information systems A. Procedure B. Policy C. Standard D. Baseline

B. Policy

This document is considered step by step and can be tied closely to hardware. A. Procedure B. Policy C. Guideline D. Baseline

A. Procedure

These are considered tactical documents, as they lay out specific steps or processes required to meet a certain requirement A. Procedure B. Policy C. Standard D. Baseline

C. Standard

While preparing to develop a document on patch management you have been asked to review current vulnerabilities. Which U.S. government agency is responsible for the creation of lists of known vulnerabilities in operating systems? A. DoD B. Secret service C. NSA D. NIST

C. NSA

In the realm of Internet standards what document is used fore the creation of new requirements? A. MOU B. RFC C. RFP D. SLA

B. RFC

This document specifies conditions and applied terms for outsourcing partner organizations that must share data and information resources. A. MOU B. RFC C. RFP D. SLA

A. MOU

This document specifies the maximum amount of outage time? A. MOU B. RFC C. RFP D. SLA

D. SLA

This document can be used to specify what former employees can discuss about company business after leaving the company. A. BPA B. MOU C. NDA D. SLA

C. NDA

_______ is another example of a legally binding document that is designed to provide safeguards and compel certain actions among business partners A. BPA B. MOU C. NDA D. SLA

A. BPA

This personal control is used to reduce fraud and ensure a backup if the employee is unavailable. A. PKCS B. SSL C. TTS D. Telnet

B. SSL

Which of the following is not a vulnerability scanner? A. Nessus B. Wireshark C. Satan D. Saint

B. Wireshark

An Nmap full connect scan uses which of the following? A. Nmap -O B. Nmap -sS C. Nmap -sU D. Nmap –sT

D. Nmap –sT

Which of the following would best be used for forensic examination of a hard disk? A. Helix B. Backtrack C. Knoppix D. Auditor

A. Helix

You have captured he following traffic with Windump. What best describes this protocol or application? ICMP Type 3 Code 13 A. Ping message B. Unreachable message C. Redirect message D. TTL failure message

B. Unreachable message

Type 1 errors are also know as? A. CER B. FRR C. Zepher D. FAR

B. FRR

Type 2 errors are also known as? A. CER B. FRR C. Zepher D. FAR

D. FAR

Which of the following is true about CER? A. A higher number is better B. The number should always be 100% C. A lower number is better D. The number is always zero

C. A lower number is better

This form of biometric authentication can report false errors because of heart disease or other vascular problems. A. Iris B. Palm C. Retina D. Hand geometry

C. Retina

This RFC defines the Internet protocol. A. RFC 1766 B. RFC 791 C. RFC 792 D. RFC 1700

B. RFC 791

The CIA4N concept includes all of the following except. A. Authorization B. Non-repudiation C. Identification D. Accounting

C. Identification

Which of the following is about finding the balance between the costs of security against the value of assets. A. Performance management B. Value delivery C. Integration D. Resource management

B. Value delivery

_________ is about utilizing the security infrastructure efficiently and effectively with minimum waste. A. Performance management B. Value delivery C. Enterprise architecture D. Resource management

D. Resource management

___________________ is the practice within information technology of organizing and documenting a company’s IT assets so that planning, management, and expansion can be enhanced A. Performance management B. Value delivery C. Enterprise architecture D. Resource management

A. Performance management

This risk assessment method is similar to the structured review yet individuals present for the meeting must write their responses down and hand them to the team lead for review A. Alpha Review B. Structured Review C. ODFM D. Modified Delphi

D. Modified Delphi

Security awareness is an example of which control category? A. Detective B. Preventive C. Corrective D. Compensating

B. Preventive

Clustering is an example of a ____________ control. A. Detective B. Preventive C. Corrective D. Compensating

D. Compensating

Patching is an example of which of the following controls? A. Detective B. Preventive C. Corrective D. Compensating

C. Corrective

Reviewing audit logs is an example of which of the following? A. Detective B. Preventive C. Corrective D. Compensating

A. Detective

Another name for the software vulnerability version model is which of the following? A. Plan, do, check, and correct B. Plan, secure, confirm, and remediate C. Plan, detect, respond, and improve D. Initial, repeatable, defined, and optimized

B. Plan, secure, confirm, and remediate

You have completed a port scan and found port 31337 open. What application commonly uses this port? A. NetBus B. Beast C. Back orifice D. Loki

C. Back orifice

You have completed a port scan and found port 12345 open. What application commonly uses this port? A. NetBus B. Beast C. Back orifice D. Loki

A. NetBus

Presence is used for which of the following? A. Video conferencing for PC's B. Remote access for Apple computers C. Video conferencing for Apple computers D. Remote access for PC's

D. Remote access for PC's

Which email application uses TCP port 143 by default? A. SMTP B. POP3 C. IMAP D. SNMP

C. IMAP

Which email application uses TCP port 110 by default? A. SMTP B. POP3 C. IMAP D. SNMP

B. POP3

What is a SPAN port used for? A. Mirroring traffic on a switch B. A type of port scan C. Used with VLAN's to segment traffic D. Used with VoIP

A. Mirroring traffic on a switch

Which of the following best defines SPIT? A. A type of session hijack B. Used for sniffing C. A form on MiTM attack D. A type of SPAM

D. A type of SPAM

______ is the variations in transmission latency that can cause packet loss and degraded VoIP call quality A. Wow B. Jitter C. Flutter D. Latency

B. Jitter

_______ is a delay in the transmission of a data packet A. Wow B. Jitter C. Flutter D. Latency

D. Latency

This technology was seen as an improvement over RADIUS and is a form of centralized authentication. A. Diameter B. LDAP C. CHAP D. KryptoKnight

A. Diameter