CASP: A-D EXAM 2025 QUESTIONS AND ANSWERS
802.11 - ....ANSWER ...-A wireless specification created by the Institute of
Electrical and Electronics Engineers (IEEE) that helped globally standardize wireless
local area network communications.
802.1x - ....ANSWER ...-A port-based network access control method that requires
users to authenticate prior to connecting to a wired or wireless network.
acceptable use policy (AUP) - ....ANSWER ...-A policy that states what employee
responsibilities are with respect to accessing and using information resources within the
organization.
acceptance testing - ....ANSWER ...-A testing method used to determine if
software is performing in a way that is acceptable to users based on business
requirements.
access control list (ACL) - ....ANSWER ...-In terms of file systems, it's a list of
permissions by user, computer, and group accounts, associated with a specific object.
Active Directory (AD) - ....ANSWER ...-A Microsoft Windows directory service
technology that provides a structured, secure, and hierarchical object database for a
network including users, computers, group policies, printers, and other services.
...©️ 2025, ALL RIGHTS RESERVED 1
ActiveX - ....ANSWER ...-A Microsoft software framework designed for Internet
Explorer, built on object-oriented programming technologies, for the purpose of running
dynamic media content.
Address Space Layout Randomization (ASLR) - ....ANSWER ...-Involves the
operating system randomizing the operating locations of various portions of an
application (such as the application executable, APIs, libraries, and heap memory) in
order to confuse a hacker's attempt at predicting a buffer overflow target.
Advanced Encryption Standard (AES) - ....ANSWER ...-A symmetric block
encryption algorithm adopted by the U.S. government and widely used to encrypt data.
after-action report - ....ANSWER ...-A post-incident process that implements the
security recommendations gleaned from the lessons-learned report.
Agile - ....ANSWER ...-An accelerated development approach that favors smaller
milestones, reduced long-term planning, and the ability to revisit previous phases
without restriction.
alert fatigue - ....ANSWER ...-The result of administrators no longer monitoring
alerts due to too many false positives.
Algorithm - ....ANSWER ...-A step-by-step mathematical process frequently used
for cryptography.
annualized loss expectancy (ALE) - ....ANSWER ...-The expected monetary loss
associated with an asset and a specific risk over a one-year period. It can be expressed as
the product of the single loss expectancy (SLE) and the annualized rate of occurrence
(ARO).
annualized rate of occurrence (ARO) - ....ANSWER ...-The probability that a
specific risk will occur in a single year.
artificial intelligence (AI) - ....ANSWER ...-Involves computers performing tasks
with a human-like intelligence.
Asynchronous JavaScript and XML (AJAX) - ....ANSWER ...-A common
programming methodology used to improve the end-user experience in web applications
by permitting web applications to send and retrieve data from a server in the background
without interfering with the content of the existing page.
Attestation - ....ANSWER ...-The act of certifying some element to be true and
doing so in a fashion that provides a form of evidence as to its authenticity.
Audit - ....ANSWER ...-The process of inspecting organizational records and
processes to determine compliance with requirements.
Authentication - ....ANSWER ...-The process of verifying the legitimacy of a
claimed identity.
Authentication, Authorization, and Accounting (AAA) - ....ANSWER ...-The set of
security services used to manage the critical functions of determining identity,
permissions, and activity tracking.
Authentication Header (AH) - ....ANSWER ...-A protocol from the IPSec suite that
provides integrity, data origin authentication, and protection from replay attacks. AH
does not provide confidentiality.
Authorization - ....ANSWER ...-The process of determining the access scope and
permissions a user has to resources.