CompTIA CA1-001 Exam - CompTIA Advanced Security Practitioner (CASP) Beta

Questions & Answers for CompTIA CA1-001

Showing 1-15 of 208 Questions

Question #1 - Topic 1

_____________ applies enterprise architecture concepts and practices in the information
security domain.

A. ESA

B. OWASP

C. OVAL

D. AAR

Explanation:
Enterprise Security Architecture (ESA) is a system for applying network architecture
principles and guidelines to network security.
Answer option D is incorrect. An After Action Report (AAR) is conducted to assess what
went wrong after a breach.
Answer option C is incorrect. Open Vulnerability and Assessment Language (OVAL) is a
standard to assess vulnerabilities in a system.
Answer option B is incorrect. The Open Web Application Security Project (OWASP) is a set
of standards for securing web applications.

Question #2 - Topic 1

Which of the following statements are true about capability-based security?

A. It is a concept in the design of secure computing systems, one of the existing security models.

B. It is a computer security model based on the Actor model of computation.

C. It is a scheme used by some computers to control access to memory.

D. It is a concept in the design of secure computing systems.

Explanation:
Capability-based security is a concept in the design of secure computing systems. A
capability (known in some systems as a key) is a communicable, unforgeable token of
authority. It refers to a value that references an object along with an associated set of
access rights. A user program on a capability-based operating system must use a
capability to access an object. Capability-based security refers to the principle of designing
user programs such that they directly share capabilities with each other according to the
principle of least privilege, and to the operating system infrastructure necessary to make
such transactions efficient and secure.
Although most operating systems implement a facility which resembles capabilities, they
typically do not provide enough support to allow for the exchange of capabilities among
possibly mutually untrusting entities to be the primary means of granting and distributing
access rights throughout the system. A capability-based system, in contrast, is designed
with that goal in mind.
Answer options B, C, and A are incorrect. These are not correct statements about
capability-based security.

Question #3 - Topic 1

Which of the following refers to an operating system that provides sufficient support for
multilevel security and evidence of correctness to meet a particular set of government
requirements?

A. Trusted OS

B. Distributed operating system

C. Network operating system

D. Real time operating system

Explanation:
Trusted Operating System (TOS) refers to an operating system that provides sufficient
support for multilevel security and evidence of correctness to meet a particular set of
government requirements.
The Common Criteria, combined with the Security Functional Requirements (SFRs) for
Labeled Security Protection Profile (LSPP) and Mandatory Access Control (MAC), is the
most common set of criteria for trusted operating system design. The Common Criteria is
the outcome of a multi-year effort by the governments of the U.S., Canada, United
Kingdom, France, Germany, the Netherlands and other countries with an aim to develop a
harmonized security criteria for IT products.
Answer option D is incorrect. A real-time operating system (RTOS) is an operating system
used to serve real-time application requests. It is an operating system that guarantees a
certain capability within a specified time constraint. A key characteristic of an RTOS is the
level of its consistency concerning the amount of time it takes to accept and complete an
application's task. A real-time OS has an advanced algorithm for scheduling and is more
frequently dedicated to a narrow set of applications.
Answer option C is incorrect. The network operating system (NOS) manages resources on
a network, offers services to one or more clients, and enables clients to access remote
drives as if the drives were on the client's own computer. The functions provided by a network
operating system are as follows:
File and print sharing
Account administration for users
Security
Answer option B is incorrect. A distributed operating system is the logical aggregation of
operating system software over a collection of independent, networked, communicating,
and spatially disseminated computational nodes.

Question #4 - Topic 1

Which of the following are the reasons to use SAN?
Each correct answer represents a complete solution. Choose all that apply.

A. Faster backup of large amounts of data

B. Fast and extensive disaster recovery

C. Better disk utilization

D. Cost effectiveness

E. Better availability for applications

Explanation:
Reasons to use SAN are as follows:
Better disk utilization
Fast and extensive disaster recovery
Better availability for applications
Faster backup of large amounts of data
Answer option D is incorrect. Installing SAN is expensive and it is not a reason to use SAN.

Question #5 - Topic 1

In which of the following levels of likelihood is the threat-source highly motivated and
sufficiently capable, and controls to prevent the vulnerability from being exercised are
ineffective?

A. Average

B. Low

C. High

D. Medium

Explanation: Answer option C is correct. Following are the three levels of likelihood:
High: In this level, the threat-source is highly motivated and sufficiently capable, and
controls to prevent the vulnerability from being exercised are ineffective.
Medium: In this level the threat-source is motivated and capable, but controls are in place
that may impede successful exercise of the vulnerability.
Low: In this level, the threat-source lacks motivation or capability, or controls are in place
to prevent, or at least significantly impede, the vulnerability from being exercised.

Question #6 - Topic 1

Which of the following terms is about communicating the user's need and ability to
communicate, and the medium through which that communication may occur?

A. Data sharing

B. Presence

C. Instant messaging

D. Audio conferencing

Explanation:
Presence, in the world of telephony, is about communicating the user's need and ability to
communicate, and the medium through which that communication may occur. If a user is
connected to the Internet, presence may dictate that the user wants to be reached through
the medium of IP telephony. The point of presence is to allow the user to be located and
contacted wherever the user is physically using the preferred method of the user.
Answer option A is incorrect. Data sharing is one important element of collaboration. H.323
also offers data sharing as an optional capability. Data sharing is the practice of making
data used for scholarly research available to other investigators.
Answer option D is incorrect. Audio conferencing is a method of communication in which
the calling party wishes to have more than one called party listen in to the audio portion of
the call. The conference calls may be designed to allow the called party to participate
during the call, or the call may be set up so that the called party merely listens into the call
and cannot speak. It can be designed so that the calling party calls the other participants
and adds them to the call.
Answer option C is incorrect. Instant messaging (IM) is a form of real-time direct text-based
communication between two or more people using personal computers or other devices,
along with shared software clients. The user's text is conveyed over a network, such as the
Internet. More advanced instant messaging software clients also allow enhanced modes of
communication, such as live voice or video calling.
IM falls under the umbrella term online chat, as it is a real-time text-based networked
communication system, but is distinct in that it is based on clients that facilitate connections
between specified known users (often using Buddy List, Friend List or Contact List),
whereas online chat also includes web-based applications that allow communication
between users in a multi-user environment.

Question #7 - Topic 1

In which of the following attacks does an attacker intercept call-signaling SIP message
traffic and masquerade as the calling party to the called party and vice-versa?

A. Call tampering

B. Man-in-the-middle

C. Eavesdropping

D. Denial of Service

Explanation: VoIP is more vulnerable to man-in-the-middle attacks. In the
man-in-the-middle attack, the attacker intercepts call-signaling SIP message traffic and masquerades
as the calling party to the called party, and vice-versa. The attacker can hijack calls via a
redirection server after gaining this position.
Answer option A is incorrect. Call tampering involves tampering with a phone call in progress.
Answer option D is incorrect. DoS attacks occur by flooding a target with unnecessary SIP
call-signaling messages. It degrades the service and causes calls to drop prematurely and
halts call processing.
Answer option C is incorrect. In eavesdropping, hackers steal credentials and other
information.

Question #8 - Topic 1

Which of the following elements are essential elements of a privacy policy? Each correct
answer represents a complete solution. Choose two.

A. Opt-out provision

B. Reliability

C. Availability

D. Notification

Explanation:
The essential elements of a privacy policy, which provides a high-level management
statement of direction, are notifications and opt-out provisions.

Question #9 - Topic 1

Which is the process of comparing the business processes and performance metrics
including cost, cycle time, productivity, or quality?

A. Agreement

B. Service Improvement Plan

C. Benchmarking

D. COBIT

Explanation:
Benchmarking is also recognized as Best Practice Benchmarking or Process
Benchmarking. It is a process used in management and mostly useful for strategic
management. It is the process of comparing the business processes and performance
metrics including cost, cycle time, productivity, or quality to another that is widely
considered to be an industry standard benchmark or best practice. It allows organizations
to develop plans on how to implement best practice with the aim of increasing some aspect
of performance.
Benchmarking might be a one-time event, although it is frequently treated as a continual
process in which organizations continually seek out to challenge their practices. It allows
organizations to develop plans on how to make improvements or adapt specific best
practices, usually with the aim of increasing some aspect of performance.
Answer option A is incorrect. COBIT stands for Control Objectives for Information and
Related Technology. COBIT is a set of best practices (framework) for information
technology (IT) management created by the Information Systems Audit and Control
Association (ISACA), and the IT Governance Institute (ITGI) in 1996. COBIT provides
managers, auditors, and IT users with a set of generally accepted measures, indicators,
processes, and best practices to assist them in maximizing the benefits derived through the
use of information technology and developing appropriate IT governance and control in a
company.
Answer options B and D are incorrect. These are not valid options.

Question #10 - Topic 1

You work as a System Administrator for uCertify Inc. The company has a Windows-based
network. A user requests you to provide him instructions regarding the installation of
application software on his computer. You want to show the user how to perform the
configuration by taking control of his desktop. Which of the following tools will you use to
accomplish the task?

A. Remote desktop

B. Task Manager

C. Remote Assistance

D. Computer Management

Explanation:
In order to accomplish the task, you should use the Remote Assistance tool. By using
Remote Assistance, you can take shared control of the user's desktop, which will allow you
to perform the necessary configurations on the shared desktop while the remote user is
watching it straight away.

Question #11 - Topic 1

Which of the following teams has the responsibility of accounting for personnel and
rendering aid?

A. Physical security team

B. Emergency response team

C. Emergency management team

D. Damage assessment team

Explanation:
The emergency response team has the responsibility of accounting for personnel and
rendering aid. The emergency response team includes fire wardens for each floor and
those persons trained in administering first aid.
Answer option D is incorrect. The damage assessment team assesses the damage of the
disaster in order to provide the estimate of time required to recover.
Answer option A is incorrect. The physical security team addresses crowd control and
security and operates 24 hours a day to protect individuals and organizational assets.
Answer option C is incorrect. The Emergency management team consists of executives
and line managers to make strong decisions at the Emergency Operations Center. This
team coordinates with the managers still operating on undamaged areas of the business
and makes decisions about the allocation of personnel necessary to support the response
and recovery efforts. The leaders of each team report to the emergency management
team.

Question #12 - Topic 1

Juan is working as a Security Administrator for a credit card processing company. He is
concerned about PCI compliance and so, he uses network segmentation. How does
segmentation help Juan?

A. Segmentation would help prevent viruses.

B. Segmentation reduces the scope of machines that need to be PCI compliant.

C. Segmentation is required by PCI regulations.

D. Segmentation would have no effect.

Explanation:
By segmenting the network, Juan reduces the number of machines that require PCI
compliance, and thus makes PCI administration simpler.
Answer option C is incorrect. PCI regulations do not require network segmentation.
Answer option D is incorrect. By reducing the scope of network that requires segmentation,
it is easier to maintain compliance.
Answer option A is incorrect. Segmentation may slow down the spread of a virus, but the
impact of segmentation on viruses is based on what is done in each segment, not the
segmentation itself.

Question #13 - Topic 1

Which of the following is a written document and is used in those cases where parties do
not imply a legal commitment or in those situations where the parties are unable to create a
legally enforceable agreement?

A. Patent law

B. Memorandum of understanding (MOU)

C. Memorandum of agreement (MOA)

D. Certification and Accreditation (C&A or CnA)

Explanation:
A memorandum of understanding (MOU) is a document that defines a bilateral or
multilateral agreement between two parties. This document specifies a convergence of will
between the parties, representing a proposed common line of action. A memorandum of
understanding is generally used in those cases where parties do not imply a legal
commitment or in those situations where the parties are unable to create a legally
enforceable agreement. It is a proper substitute for a gentlemen's agreement.
Answer option A is incorrect. Patent laws are used to protect the duplication of software.
Software patents cover the algorithms and techniques that are used in creating the
software. It does not cover the entire program of the software. Patents give the author the
right to make and sell his product. The time of the patent of a product is limited though, i.e.,
the author of the product has the right to use the patent for only a specific length of time.
Answer option C is incorrect. A memorandum of agreement (MOA) is a document that is
written between two parties to cooperatively work together on a project for meeting the
pre-decided objectives. The principle of an MOA is to keep a written understanding of the
agreement between two parties.
A memorandum of agreement is used in various heritage projects. It can also be used
between agencies, the public and the federal or state governments, communities, and
individuals. A memorandum of agreement (MOA) lays out the main principles of a positive
cooperative effort.
Answer option D is incorrect. Certification and Accreditation (C&A or CnA) is a process for
implementing information security. It is a systematic procedure for evaluating, describing,
testing, and authorizing systems prior to or after a system is in operation. The C&A process
is used extensively in the U.S. Federal Government. Some C&A processes include FISMA,
NIACAP, DIACAP, and DCID 6/3.
Certification is a comprehensive assessment of the management, operationa

Question #14 - Topic 1

Which of the following is a flexible set of design principles used during the phases of
systems development and integration?

A. Service-oriented modeling framework (SOMF)

B. Sherwood Applied Business Security Architecture (SABSA)

C. Service-oriented modeling and architecture (SOMA)

D. Service-oriented architecture (SOA)

Explanation:
A service-oriented architecture (SOA) is a flexible set of design principles used during the
phases of systems development and integration. A deployed SOA-based architecture will
provide a loosely integrated suite of services that can be used within multiple business
domains. SOA also generally provides a way for consumers of services, such as
web-based applications, to be aware of available SOA-based services.
Answer option C is incorrect. The service-oriented modeling and architecture (SOMA)
includes an analysis and design method that extends traditional object-oriented and
component-based analysis and design methods to include concerns relevant to and
supporting SOA.
Answer option A is incorrect. The service-oriented modeling framework (SOMF) has been
proposed by author Michael Bell as a service-oriented modeling language for software
development that employs disciplines and a holistic language to provide strategic solutions
to enterprise problems.
The service-oriented modeling framework (SOMF) is a service-oriented development life
cycle methodology. It offers a number of modeling practices and disciplines that contribute
to a successful service-oriented life cycle management and modeling. The service-oriented
modeling framework illustrates the major elements that identify the "what to do" aspects of
a service development scheme.
Answer option B is incorrect. SABSA (Sherwood Applied Business Security Architecture) is
a framework and methodology for Enterprise Security Architecture and Service
Management. It is a model and a methodology for developing risk-driven enterprise
information security architectures and for delivering security infrastructure solutions that
support critical business initiatives.

Question #15 - Topic 1

Which of the following is a structured review process to analyze what happened, why it
happened, and how it can be done better, by the participants and those responsible for the
project or event?

A. After action report

B. After action analysis

C. After action summary

D. After action review

Explanation:
An after action review (AAR) is a structured review process to analyze what happened, why
it happened, and how it can be done better, by the participants and those responsible for
the project or event. It occurs within a cycle of establishing the leader's intent, planning,
preparation, action and review.
Answer options A, B, and C are incorrect. These are not valid options.
