01. A security engineer estimates the company's popular web application experiences 100 attempted breaches per day. In the past four years, the company's data has been breached two times.
Which of the following should the engineer report as the ARO for successful breaches?
a) 8
b) 0.5
c) 50
d) 36,500
02. Which of the following describes a contract that is used to define the various levels of maintenance to be provided by an external business vendor in a secure environment?
a) NDA
b) MOU
c) BIA
d) SLA
03. An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial patches against a recent exploit that could gain root access.
Which of the following describes the administrator's discovery?
a) A vulnerability
b) A threat
c) A breach
d) A risk
04. A company recently migrated from on-premises to cloud to meet a new requirement that the cloud provider reacts to any security vulnerabilities related to the underlying service.
Which of the following risk handling techniques is described?
a) Avoid
b) Transfer
c) Accept
d) Mitigate
05. An organization recently started processing, transmitting, and storing its customers' credit card information. Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers' information.
Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?
a) NIST
b) GDPR
c) PCI DSS
d) ISO
06. A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software.
Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?
a) Deploy SOAR utilities and runbooks.
b) Replace the associated hardware.
c) Provide the contractors with direct access to satellite telemetry data.
d) Reduce link latency on the affected ground and satellite segments.
07. As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents. Which of the following BEST describes this kind of risk response?
a) Risk rejection
b) Risk mitigation
c) Risk transference
d) Risk avoidance
08. Which of the following is the GREATEST security concern with respect to BYOD?
a) The filtering of sensitive data out of data flows at geographic boundaries
b) Removing potential bottlenecks in data transmission paths
c) The transfer of corporate data onto mobile corporate devices
d) The migration of data into and out of the network in an uncontrolled manner
09. Many of an organization's recent security incidents on the corporate network involve third-party software vulnerabilities. Which of the following would reduce the risk presented by these vulnerabilities?
a) Only allow approved applications to be installed on workstations.
b) Block all malicious and hard-to-manage applications from being installed.
c) Perform software composition analysis for all software developed in-house.
d) Properly manage third-party libraries in the development environment.
10. A review of the past year's attack patterns shows that attackers stopped reconnaissance after finding a susceptible system to compromise.
The company would like to find a way to use this information to protect the environment while still gaining valuable attack information.
Which of the following would be BEST for the company to implement?
a) A WAF
b) An IDS
c) A SIEM
d) A honeypot