CompTIA CASP+ Security Architecture Test 1 with 100% Correct answers
3 views 0 purchase
Course
CASP - Comptia Advanced Security Practitioner
Institution
CASP - Comptia Advanced Security Practitioner
What is the primary goal of security architecture?
• A) To reduce the cost of security implementations
• B) To ensure a secure environment for information systems
• C) To comply with regulatory standards
• Answer: B) To ensure a secure environment for information systems
• Expla...
CompTIA CASP+ Security Architecture Test 1 with 100% Correct answers
1. What is the primary goal of security architecture?
• A) To reduce the cost of security implementations
• B) To ensure a secure environment for information systems
• C) To comply with regulatory standards
• Answer: B) To ensure a secure environment for information systems
• Explanation: The primary goal of security architecture is to create a structured framework that
protects the integrity, confidentiality, and availability of information systems.
2. Which of the following is a foundational principle of security architecture?
• A) Usability
• B) Confidentiality
• C) Affordability
• Answer: B) Confidentiality
• Explanation: Confidentiality is a core principle of security architecture, ensuring that sensitive
information is protected from unauthorized access.
3. What does the term "defense in depth" refer to?
• A) Using a single security measure to protect assets
• B) Implementing multiple layers of security controls
• C) Limiting access to critical systems
• Answer: B) Implementing multiple layers of security controls
• Explanation: Defense in depth is a strategy that employs multiple security measures to protect
assets, making it more difficult for an attacker to breach security.
4. Which framework is commonly used for developing an enterprise security
architecture?
• A) COBIT
• B) TOGAF
• C) NIST SP 800-53
• Answer: C) NIST SP 800-53
• Explanation: NIST SP 800-53 provides a comprehensive framework for selecting and specifying
security controls for federal information systems, widely adopted in enterprise security
architecture.
5. What is the purpose of an access control model?
• A) To define how users are authenticated
• B) To specify how access to resources is granted and managed
• C) To monitor network traffic for suspicious activity
, • Answer: B) To specify how access to resources is granted and managed
• Explanation: An access control model outlines the policies and procedures that dictate how
access to resources is determined and enforced.
6. In which access control model are access rights based on user roles?
• A) Mandatory Access Control (MAC)
• B) Role-Based Access Control (RBAC)
• C) Discretionary Access Control (DAC)
• Answer: B) Role-Based Access Control (RBAC)
• Explanation: RBAC assigns access rights based on user roles within an organization, allowing for
easier management of permissions.
7. What is the primary function of a firewall?
• A) To encrypt data
• B) To monitor network performance
• C) To control incoming and outgoing network traffic
• Answer: C) To control incoming and outgoing network traffic
• Explanation: A firewall acts as a barrier between a trusted internal network and untrusted
external networks, controlling the flow of traffic based on predefined security rules.
8. Which of the following describes "least privilege" in security?
• A) Users have unrestricted access to all resources
• B) Users are given only the access necessary to perform their job functions
• C) Access rights are granted based on seniority
• Answer: B) Users are given only the access necessary to perform their job functions
• Explanation: The principle of least privilege limits users' access rights to only those necessary for
their roles, reducing the risk of unauthorized access.
9. Which type of attack involves intercepting communication between two
parties?
• A) Man-in-the-middle attack
• B) Phishing
• C) Denial of Service (DoS)
• Answer: A) Man-in-the-middle attack
• Explanation: A man-in-the-middle attack occurs when an attacker secretly relays and possibly
alters the communication between two parties who believe they are directly communicating
with each other.
10. What is the primary purpose of data encryption?
• A) To improve system performance
• B) To protect data integrity
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller UndisputedPundit. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.49. You're not tied to anything after your purchase.
