D488 CYBERSECURITY ARCHITECTURE AND ENGINEERING (CASP+)

D488 CYBERSECURITY
ARCHITECTURE AND
ENGINEERING (CASP+)
"An organization is developing a new telemedicine platform to provide remote healthcare
services to patients and has asked a cybersecurity analyst to help develop a risk management
plan for the new platform.

What is the correct sequence of steps in the risk management process in this scenario?

A) Identify business assets, identify known vulnerabilities, identify threats, identify business
impact, and identify risk response
B) Identify known vulnerabilities, identify business assets, identify threats, identify business
impact, and identify risk response
C) Identify business impact, identify known vulnerabilities, identify business assets, identify
threats, and identify risk response
D) Identify known vulnerabilities, identify business impact, identify business assets, identify
threats, and identify risk response - CORRECT ANSWER=> A) Identify business assets, identify
known vulnerabilities, identify threats, identify business impact, and identify risk response"

"A large financial institution has experienced a significant increase in phishing attacks targeting
its employees. The institution is concerned about the potential financial and reputational
damages caused by a successful phishing attack.

Which security control will mitigate the risk of a successful phishing attack on the financial
institution's employees?

A) Conducting regular security awareness training for employees

1|Page

,B) Implementing network segmentation to isolate sensitive data
C) Enforcing strong password policies for all employees
D) Installing antivirus software on all employee devices - CORRECT ANSWER=> A) Conducting
regular security awareness training for employees"

"A marketing agency has discovered a known vulnerability in its web content management
system. The system contains a large number of obsolete and insecure snapshots of virtual
machines, which can potentially be exploited by attackers to compromise the web content
management system. The agency has decided to implement hardening techniques and endpoint
security controls to mitigate the risk.

Which technique will meet the needs of this agency?

A) Removing outdated and unsecured images and templates
B) Implementing a web application firewall to monitor incoming traffic
C) Enforcing strict access control policies for all users
D) Conducting regular penetration testing to identify potential vulnerabilities - CORRECT
ANSWER=> A) Removing outdated and unsecured images and templates"


"A manufacturing company is concerned about the potential risks associated with firmware
attacks on its industrial control systems. The company has decided to implement hardening
techniques and endpoint security controls to mitigate the risk.

Which hardening technique will meet the needs of the company?

A) Regularly updating and securing firmware
B) Enforcing strict access control policies for all users
C) Implementing a host-based intrusion detection and prevention system
D) Conducting regular security awareness training for employees - CORRECT ANSWER=> A)
Regularly updating and securing firmware"

"A financial institution is concerned about the potential risks associated with unauthorized
access to sensitive data on its servers. The company has decided to implement hardening
techniques and endpoint security controls to mitigate the risk.

Which technique will provide a secure operating system with access controls for user
applications?



2|Page

,A) SELinux
B) Multifactor authentication (MFA) for user accounts
C) Regular vulnerability assessments and penetration testing
D) Windows 10 - CORRECT ANSWER=> A) SELinux"

"A company is concerned about the security of its network and wants to implement a control
that will allow only preapproved software to run on its endpoints.

Which control should the company implement to achieve this goal?

A) Allowlisting
B) Blacklisting
C) Encryption
D) Multifactor authentication - CORRECT ANSWER=> A) Allowlisting"

"A company is concerned about the potential risks associated with unauthorized access to its
cloud infrastructure. The company has decided to implement security controls to mitigate the
risk.

Which actions can ensure the integrity and authenticity of the cloud infrastructure and
applications?

A) Implementing attestation services
B) Implementing a load balancer to distribute traffic
C) Conducting regular vulnerability assessments and penetration testing
D) Using a web application firewall - CORRECT ANSWER=> A) Implementing attestation services"

"A company is looking to protect sensitive data stored on its storage devices and ensure that
this data is secure from unauthorized access. The company is looking for a solution that
provides a high level of security and protection for its data.

Which security technology will protect sensitive data stored on the company's storage devices
by automatically initiating security procedures as they are written to the device?

A) Self-encrypting drives
B) Hardware security module (HSM)
C) Two-factor authentication
D) Measured boot - CORRECT ANSWER=> A) Self-encrypting drives"

3|Page

, "A company is concerned about advanced persistent threats and targeted attacks on its
computer systems. The company wants to implement a security solution that can detect and
respond to any suspicious activity on its systems.

Which security technology meets the needs of this company?

A) Endpoint detection and response (EDR) software
B) Hardware security module (HSM)
C) Two-factor authentication
D) Antivirus tools - CORRECT ANSWER=> A) Endpoint detection and response (EDR) software"

"An enterprise is deploying a new software application that requires a cryptographic protocol to
secure data transmission. The application will be used to process sensitive customer
information, and the company wants to ensure that the data is protected during transmission.

Which cryptographic protocol meets the needs of the enterprise?

A) Transport Layer Security (TLS) with Advanced Encryption Standard (AES)
B) Secure Sockets Layer (SSL) with Data Encryption Standard (DES)
C) Point-to-Point Tunneling Protocol (PPTP) with Triple Data Encryption Standard (3DES)
D) Hypertext Transfer Protocol Secure (HTTPS) with Rivest-Shamir-Adleman (RSA) - CORRECT
ANSWER=> A) Transport Layer Security (TLS) with Advanced Encryption Standard (AES)"


"Which emerging technology has the potential to significantly impact the security of current
encryption methods by making it possible to quickly solve mathematical problems that are
currently considered difficult or impossible to solve?

A) Quantum computing
B) Blockchain
C) Artificial intelligence (AI)
D) Augmented reality (AR) - CORRECT ANSWER=> A) Quantum computing"

"Which public-key cryptosystem uses prime factorization as the basis for its security?

A) Rivest-Shamir-Adleman (RSA)
B) Digital Signature Algorithm (DSA)
C) Elliptic Curve Digital Signature Algorithm (ECDSA)

4|Page