CASP TEST 1 2025 QUESTIONS AND ANSWERS
You are conducting a grep search on a log file using the following REGEX expression:
\b[A-Za-z0-9_%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,6}\b
Which of the following strings would be included in the output of the search? -
....ANSWER ...-
Which of the following security policies could help detect fraudulent cases that occur
even when other security controls are already in place? - ....ANSWER ...-
Mandatory Vacation
Keith wants to validate the application file that he downloaded from the vendor of the
application. Which of the following should he compare against the file to verify the
integrity of the downloaded application? - ....ANSWER ...-MD5 or SHA1 hash
digest of the file
You are conducting a quick nmap scan of a target network. You want to conduct a SYN
scan, but you don't have raw socket privileges on your workstation. Which of the
following commands should you use to conduct the SYN scan from your workstation? -
....ANSWER ...-nmap -sT (used when SYN scan (-sS) is not an option)
A new security appliance was installed on a network as part of a managed service
deployment. The vendor controls the appliance, and the IT team cannot log in or
configure it. The IT team is concerned about the appliance receiving the necessary
updates. Which of the following mitigations should be performed to minimize the
concern for the appliance and updates? - ....ANSWER ...-Vulnerability scanning
Dion Training installed a new router 183 days ago and it stopped working today due to a
faulty power supply. The network technicians replaced the power supply and the router
was returned to service within 4 hours. Which of the following terms would BEST
represent the 4-hour timeframe? - ....ANSWER ...-Mean time to repair (MTTR)
Which of the following should a domain administrator utilize to BEST protect their
endpoints from buffer overflow attacks? - ....ANSWER ...-Ensure ASLR is enabled
on the endpoint (a feature that randomly arranges the address space of memory so that
an attacker cannot place their code into predetermined spots. Prevents buffer overflow;
makes it difficult to determine the location of executable files stored in RAM)
Which of the following cipher suites does not support the more secure
ephemeral key agreement mode? - ....ANSWER ...-
TLS_RSA_WITH_AES_256_CBC_SHA256
You have been asked to select the best endpoint security control to meet the following
requirement. The endpoint is a user workstation that is used by a typical office employee
to conduct basic office functions like word processing and creating spreadsheets. Your
organization wants to be able to determine if any unexpected behavior occurs on the
endpoint or the system state is changed. Which of the following endpoint security
controls would create alerts based on signature rules matching known malicious activity
on the endpoint? - ....ANSWER ...-HIDS
©️ 2025, ALL RIGHTS RESERVED