CompTIA CASP+ Security Architecture Test 5 with 100% Correct answers
1. What is the primary purpose of using firewalls in network security?
• A) To encrypt data in transit
• B) To monitor network traffic for anomalies
• C) To filter incoming and outgoing traffic based on security rules
• Answer: C) To filter incoming and outgoing traffic based on security rules
• Explanation: Firewalls are designed to enforce a set of security policies by allowing or blocking
traffic based on predetermined rules.
2. Which encryption standard is widely used for securing wireless networks?
• A) DES
• B) WPA2
• C) SSL
• Answer: B) WPA2
• Explanation: WPA2 (Wi-Fi Protected Access 2) is the standard for securing wireless networks
and offers strong encryption protocols.
3. What is the concept of "defense in depth"?
• A) Relying on a single security layer
• B) Implementing multiple layers of security controls
• C) Removing redundant security measures
• Answer: B) Implementing multiple layers of security controls
• Explanation: Defense in depth is a security strategy that uses multiple layers of security controls
to protect against various threats, ensuring that if one layer fails, others still provide protection.
4. Which type of malware is designed to replicate itself and spread to other
devices?
• A) Trojan
• B) Worm
• C) Ransomware
• Answer: B) Worm
• Explanation: A worm is a type of malware that self-replicates and spreads independently to
other devices without user intervention.
5. What is the role of a digital signature?
• A) To encrypt data
• B) To verify the authenticity and integrity of a message
• C) To compress files for storage
• Answer: B) To verify the authenticity and integrity of a message
, • Explanation: Digital signatures use cryptographic techniques to confirm that a message or
document is from a legitimate source and has not been altered.
6. Which access control model allows users to grant access to their own
resources?
• A) Mandatory Access Control (MAC)
• B) Discretionary Access Control (DAC)
• C) Role-Based Access Control (RBAC)
• Answer: B) Discretionary Access Control (DAC)
• Explanation: DAC allows owners of resources to make decisions on who can access those
resources, providing flexibility in permissions.
7. What does a security incident response plan typically include?
• A) Guidelines for improving employee productivity
• B) Steps for detecting, responding to, and recovering from security incidents
• C) Policies for data encryption
• Answer: B) Steps for detecting, responding to, and recovering from security incidents
• Explanation: An incident response plan outlines procedures for effectively managing and
mitigating security incidents to minimize impact.
8. Which of the following is an example of a passive security control?
• A) Intrusion prevention system
• B) Firewalls
• C) Security cameras
• Answer: C) Security cameras
• Explanation: Security cameras are passive controls that monitor activities and record events but
do not actively prevent incidents.
9. What is a common use case for multi-factor authentication (MFA)?
• A) To encrypt sensitive files
• B) To enhance user access control by requiring additional verification methods
• C) To monitor network traffic for intrusions
• Answer: B) To enhance user access control by requiring additional verification methods
• Explanation: MFA improves security by requiring users to provide multiple forms of verification,
making it harder for unauthorized users to gain access.
10. What does the acronym "SIEM" stand for in cybersecurity?
• A) Security Information and Event Management
• B) Security Infrastructure and Endpoint Management
• C) System Integration and Event Monitoring
• Answer: A) Security Information and Event Management
1. What is the primary purpose of using firewalls in network security?
• A) To encrypt data in transit
• B) To monitor network traffic for anomalies
• C) To filter incoming and outgoing traffic based on security rules
• Answer: C) To filter incoming and outgoing traffic based on security rules
• Explanation: Firewalls are designed to enforce a set of security policies by allowing or blocking
traffic based on predetermined rules.
2. Which encryption standard is widely used for securing wireless networks?
• A) DES
• B) WPA2
• C) SSL
• Answer: B) WPA2
• Explanation: WPA2 (Wi-Fi Protected Access 2) is the standard for securing wireless networks
and offers strong encryption protocols.
3. What is the concept of "defense in depth"?
• A) Relying on a single security layer
• B) Implementing multiple layers of security controls
• C) Removing redundant security measures
• Answer: B) Implementing multiple layers of security controls
• Explanation: Defense in depth is a security strategy that uses multiple layers of security controls
to protect against various threats, ensuring that if one layer fails, others still provide protection.
4. Which type of malware is designed to replicate itself and spread to other
devices?
• A) Trojan
• B) Worm
• C) Ransomware
• Answer: B) Worm
• Explanation: A worm is a type of malware that self-replicates and spreads independently to
other devices without user intervention.
5. What is the role of a digital signature?
• A) To encrypt data
• B) To verify the authenticity and integrity of a message
• C) To compress files for storage
• Answer: B) To verify the authenticity and integrity of a message
, • Explanation: Digital signatures use cryptographic techniques to confirm that a message or
document is from a legitimate source and has not been altered.
6. Which access control model allows users to grant access to their own
resources?
• A) Mandatory Access Control (MAC)
• B) Discretionary Access Control (DAC)
• C) Role-Based Access Control (RBAC)
• Answer: B) Discretionary Access Control (DAC)
• Explanation: DAC allows owners of resources to make decisions on who can access those
resources, providing flexibility in permissions.
7. What does a security incident response plan typically include?
• A) Guidelines for improving employee productivity
• B) Steps for detecting, responding to, and recovering from security incidents
• C) Policies for data encryption
• Answer: B) Steps for detecting, responding to, and recovering from security incidents
• Explanation: An incident response plan outlines procedures for effectively managing and
mitigating security incidents to minimize impact.
8. Which of the following is an example of a passive security control?
• A) Intrusion prevention system
• B) Firewalls
• C) Security cameras
• Answer: C) Security cameras
• Explanation: Security cameras are passive controls that monitor activities and record events but
do not actively prevent incidents.
9. What is a common use case for multi-factor authentication (MFA)?
• A) To encrypt sensitive files
• B) To enhance user access control by requiring additional verification methods
• C) To monitor network traffic for intrusions
• Answer: B) To enhance user access control by requiring additional verification methods
• Explanation: MFA improves security by requiring users to provide multiple forms of verification,
making it harder for unauthorized users to gain access.
10. What does the acronym "SIEM" stand for in cybersecurity?
• A) Security Information and Event Management
• B) Security Infrastructure and Endpoint Management
• C) System Integration and Event Monitoring
• Answer: A) Security Information and Event Management
