1. What is the primary purpose of encryption in data storage?
• A) Increase data accessibility
• B) Ensure data confidentiality
• C) Improve data processing speed
• Answer: B) Ensure data confidentiality
• Explanation: Encryption protects stored data by making it unreadable to unauthorized users,
ensuring confidentiality.
2. Which technique provides protection against SQL injection attacks?
• A) Data obfuscation
• B) Input validation
• C) Network segmentation
• Answer: B) Input validation
• Explanation: Input validation verifies and sanitizes user inputs, which prevents malicious SQL
code execution in databases.
3. Which access control model restricts access based on users' roles in an
organization?
• A) Discretionary Access Control (DAC)
• B) Role-Based Access Control (RBAC)
• C) Mandatory Access Control (MAC)
• Answer: B) Role-Based Access Control (RBAC)
• Explanation: RBAC assigns permissions based on roles, streamlining access control and ensuring
consistent permission assignment.
4. What is the main benefit of network segmentation in a security strategy?
• A) Reduces latency
• B) Increases traffic speed
• C) Limits attack spread within the network
• Answer: C) Limits attack spread within the network
• Explanation: Network segmentation isolates different parts of a network, containing potential
breaches and limiting the impact of an attack.
5. Which cryptographic function is used to verify data integrity?
• A) Encryption
• B) Hashing
• C) Tokenization
• Answer: B) Hashing
• Explanation: Hashing creates a unique hash value for data, allowing verification of integrity by
comparing hash values.
6. What is the primary role of a Security Operations Center (SOC)?
• A) Deploying new applications
• B) Conducting risk assessments
• C) Monitoring and responding to security incidents
• Answer: C) Monitoring and responding to security incidents
• Explanation: A SOC continuously monitors systems for security incidents and responds promptly
to potential threats.
7. Which protocol secures data transmission over the internet by encrypting
data?
• A) HTTP
• B) TLS
• C) FTP
• Answer: B) TLS
• Explanation: TLS (Transport Layer Security) encrypts data in transit, providing confidentiality and
data integrity for internet communications.
8. What is the purpose of two-factor authentication (2FA)?
• A) To improve encryption strength
• B) To enhance user authentication security
• C) To simplify password management
• Answer: B) To enhance user authentication security
• Explanation: 2FA adds an extra layer of security by requiring two forms of verification, making
unauthorized access more difficult.
9. What best defines the concept of “least privilege” in access control?
• A) Granting users full system access
• B) Allowing only minimal required permissions
• C) Assigning permissions based on seniority
• Answer: B) Allowing only minimal required permissions
• Explanation: Least privilege ensures users only have access necessary for their tasks, minimizing
potential misuse of permissions.
10. Which type of malware is designed to spread across networks by itself?
• A) Virus
• B) Worm
• C) Trojan
• Answer: B) Worm