Package deal
CompTIA Advanced Security Practitioner (CASP) Exam Bundle
Which characteristic of PGP is different from the use of formal trust certificates? - Answer The establishment of a web of trust between the users
 
Your organization has implemented a PKI for issuing certificates. Your organization issued several certificates to a partner organization. You revok...
C - Answer A security program alerts you of a failed logon attempt to a secure system. On investigation, you learn the system's normal user accidentally had caps lock turned on. What kind of alert was it? 
 
A. True positive 
B. True negative 
C. False positive 
D. False negative 
 
A - Answer ...
Key Stretching - Answer -A cryptographic technique that makes a weak key stronger by increasing the time it takes to test each possible key. In key stretching, the original key is fed into an algorithm to produce an enhanced key, which should be at least 128 bits for effectiveness. 
-Systems that ...
The internal audit department is investigating a possible breach of security. One of the auditors is 
sent to interview the following employees: 
Employee A. Works in the accounts receivable office and is in charge of entering data into the 
finance system. 
Employee B. Works in the accounts payable...
A company has hired a new Chief Financial Officer (CFO) who has requested to be shown the ALE for a project implemented 4 years ago. The project had implemented a clustered pair of high end firewalls that cost $164,000 each at the beginning of the project. 2 years after the project was implemented, ...
SELinux - Answer An administrator wants to enable policy based flexible mandatory access controls on an open 
source OS to prevent abnormal application modifications or executions. Which of the following 
would BEST accomplish this? 
 
A. Access control lists 
B. SELinux 
C. IPtables firewall 
D. ...
A flaw in an online sporting goods website allows customers to purchase multiple quantities of goods and only be charged the single quantity price. To improve the site, management is demanding that the ecommerce application be tested to ensure this flaw is corrected. Which of the following is the BE...
Large multinational organization wants to improve elasticity and resource usage of hardware that is housing on-premise critical internal services - Answer Private cloud with IaaS 
 
Collection of organizations in the same industry vertical developing services based on a common application stack - ...
A security engineer on a large enterprise network needs to schedule maintenance within a fixed window of time. A total outage period of four hours is permitted for servers. Workstations can undergo maintenance from 8:00 pm to 6:00 am daily. Which of the following can specify parameters for the maint...
An infrastructure team is at the end of a procurement process and has selected a vendor. As part of 
the final negotiations, there are a number of outstanding issues, including: 
1. Indemnity clauses have identified the maximum liability 
2. The data will be hosted and managed outside of the company...
3DES - Answer Triple Digital Encryption Standard 
 
AAA - Answer Authentication, Authorization and Accounting 
 
AAR - Answer After Action Report 
 
ACL - Answer Access Control List 
 
AD - Answer Active Directory 
 
AES - Answer Advanced Encryption Standard 
 
AH - Answer Authenticati...
Several of your organization's users have requested permission to install certificates from a third party. Company policy states that before users can install these certificates, you must verify that the certificates are still valid. You need to check for revocation. What could you check to verify ...
Key Stretching - Answer Makes a weak key stronger by increasing the time it takes to test each possible key. The original key is fed to an algorithm to produce an enhanced key, which should be at least 128 bits. 
 
Systems that use key stretching - Answer Pretty Good Privacy (PGP), GNU Privacy G...
The Chief Information Officer (CIO) is reviewing the IT centric BIA and RA documentation. The documentation shows that a single 24 hours downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has d...
There have been some failures of the company's internal facing website. A security engineer has found the WAF to be the root cause of the failures. System logs show that the WAF has been unavailable for 14 hours over the past month, in four separate situations. One of these situations was a two hou...
The Chief Information Security Officer (CISO) informs the team that since the organization will sign an NDA with any potential suppliers, the most current industry evaluation should include details of tests performed by the supplier's auditors and the associated results. Based on the requirements pro...
Trusted Operating System - Answer provides support for multilevel security and evidence of correctness to meet a particular set of government requirements 
 
Trusted Computer System Evaluation Criteria (TCSEC) - Answer - standards for the DoD to evaluate products 
- Orange Book a collection of c...
A company with 2000 workstations is considering purchasing a HIPS to minimize the impact of a system compromise from malware. Currently, the company projects a total cost of $50,000 for the next three years responding to and eradicating workstation malware. The Information Security Officer (ISO) has...
802.1x - Answer An IEEE standard used to provide a port-based authentication mechanism over a LAN or wireless LAN. 
 
After Action Report - Answer A post-incident report that includes lessons learned to improve security for the future.
 
Accountability - Answer In security terms, the process o...
Encapsulating Security Payload (ESP) - Answer An IPsec sub-protocol that enables encryption and authentication of the header and payload of a data packet 
 
2FA (two-factor authentication) - Answer can be used to help protect your account from unauthorized access by requiring you to enter an add...
You are the security administrator for your company. You are required to implement a solution that will provide the highest level of confidentiality possible to all data on the network. 
 
Two-factor token and biometric-based authentication is implemented for all users. Administrator-level accounts ...
Your organization has been working to formally document all of its third-party agreements. Management contacts you, requesting that you provide access to a document that spells out exactly the security measures that should be taken with respect to the handling of data exchanged between your organiza...
Stuvia is a marketplace, so you are not buying this document from us, but from seller cracker. Stuvia facilitates payment to the seller.