PRACTICE EXAM 1 – CASP 2025
QUESTIONS AND ANSWERS
While conducting a penetration test of a web application, you enter the following URL,
http://test.diontraining.com/../../../../etc/shadow. What type of exploit are you
attempting? - ....ANSWER ...-Directory traversal
You are working as part of a penetration testing team during an engagement. A
coworker just entered "New-Service -Name "DionTrainingApp" -BinaryPathName
C:\Windows\temp\WindowsTools.exe" in PowerShell on the Windows server the team
exploited. What action is your coworker performing with this command? -
....ANSWER ...-To enable persistence on the server
You are planning an engagement with a new client. The client wants your penetration
testers to target their web and email servers that are hosted in a screened subnet and are
accessible to visitors over the Internet. Which target type best describes these targets? -
....ANSWER ...-External
You have been asked to help design a new architecture for Dion Training's website. The
current architecture involves a single server that hosts the website in its entirety. The
company's newest course has been creating a lot of interest on social media. The CIO is
concerned that the single server will not be able to handle the increased demand that
could result from this increased publicity. What technology should you implement in the
...©️ 2025, ALL RIGHTS RESERVED 1
, new architecture to allow multiple web servers to serve up the courses and meet this
expected increase in demand from new students? - ....ANSWER ...-Load balancer
You are conducting static analysis of an application's source code and see the following:
Based on this code snippet, which of the following security flaws exists in this
application? - ....ANSWER ...-Improper input validation
A forensic analyst needs to access a macOS encrypted drive that uses FileVault 2. Which
of the following methods is NOT a means of unlocking the volume? -
....ANSWER ...-Conduct a brute-force attack against the FileVault 2 encryption
As a SOC analyst, you receive an alert concerning a dramatic slowdown affecting the
company's e-commerce server due to the load balancer's critical failure. Your company
depends on online sales for all of its business, and you know the immediate impact of
this event will be a loss of sales. Which of the following is an appropriate classification of
the impact in terms of the total impact and notification requirements? (SELECT
THREE) - ....ANSWER ...-Organization impact is anticipated
Total impact includes a loss of customers
Notification of external authorities is optional
You are in the recovery steps of an incident response. Throughout the incident, your
team never successfully determined the root cause of the network compromise. Which of
the following options would you LEAST likely perform as part of your recovery and
...©️ 2025, ALL RIGHTS RESERVED 2
QUESTIONS AND ANSWERS
While conducting a penetration test of a web application, you enter the following URL,
http://test.diontraining.com/../../../../etc/shadow. What type of exploit are you
attempting? - ....ANSWER ...-Directory traversal
You are working as part of a penetration testing team during an engagement. A
coworker just entered "New-Service -Name "DionTrainingApp" -BinaryPathName
C:\Windows\temp\WindowsTools.exe" in PowerShell on the Windows server the team
exploited. What action is your coworker performing with this command? -
....ANSWER ...-To enable persistence on the server
You are planning an engagement with a new client. The client wants your penetration
testers to target their web and email servers that are hosted in a screened subnet and are
accessible to visitors over the Internet. Which target type best describes these targets? -
....ANSWER ...-External
You have been asked to help design a new architecture for Dion Training's website. The
current architecture involves a single server that hosts the website in its entirety. The
company's newest course has been creating a lot of interest on social media. The CIO is
concerned that the single server will not be able to handle the increased demand that
could result from this increased publicity. What technology should you implement in the
...©️ 2025, ALL RIGHTS RESERVED 1
, new architecture to allow multiple web servers to serve up the courses and meet this
expected increase in demand from new students? - ....ANSWER ...-Load balancer
You are conducting static analysis of an application's source code and see the following:
Based on this code snippet, which of the following security flaws exists in this
application? - ....ANSWER ...-Improper input validation
A forensic analyst needs to access a macOS encrypted drive that uses FileVault 2. Which
of the following methods is NOT a means of unlocking the volume? -
....ANSWER ...-Conduct a brute-force attack against the FileVault 2 encryption
As a SOC analyst, you receive an alert concerning a dramatic slowdown affecting the
company's e-commerce server due to the load balancer's critical failure. Your company
depends on online sales for all of its business, and you know the immediate impact of
this event will be a loss of sales. Which of the following is an appropriate classification of
the impact in terms of the total impact and notification requirements? (SELECT
THREE) - ....ANSWER ...-Organization impact is anticipated
Total impact includes a loss of customers
Notification of external authorities is optional
You are in the recovery steps of an incident response. Throughout the incident, your
team never successfully determined the root cause of the network compromise. Which of
the following options would you LEAST likely perform as part of your recovery and
...©️ 2025, ALL RIGHTS RESERVED 2
