Home > CompTIA Advanced Security Practitioner (CASP+) > Quizzes > CompTIA CASP+ CAS-004 Skill Assessment Test 1
CompTIA CASP+ CAS-004 Skill Assessment Test 1
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 0% Most missed: “Your IT Security Head or the CISO is concerned that systems administrators with …”

Test of Advanced Cybersecurity Concepts.

CompTIA CASP+ CAS-004 Skill Assessment Test 1
Time left 00:00
10 Questions

1. While attending a meeting with the human resources department, an organization's information security officer sees an employee using a username and password written on a memo pad to log into a specific service. When the information security officer inquires further as to why passwords are being written down, the response is that there are too many passwords to remember for all the different services the human resources department is required to use. Additionally, each password has specific complexity requirements and different expiration timeframes. Which of the following would be the BEST solution for the information security officer to recommend?
2. Your IT Security Head or the CISO is concerned that systems administrators with privileged access may be reading other users' emails. A review of a tool's output shows the administrators have used webmail to log into other users' inboxes. Which of the following tools would show this type of output?
3. A Chief Information Security Officer (CISO) is reviewing the controls in place to support the organization's vulnerability management program. The CISO finds patching and vulnerability scanning policies and procedures are in place. However, the CISO is concerned the organization is siloed and is not maintaining awareness of new risks to the organization. The CISO determines systems administrators need to participate in industry security events. Which of the following is the CISO looking to improve?
4. A security engineer is managing operational, excess, and available equipment for a customer. Three pieces of expensive leased equipment, which are supporting a highly confidential portion of the customer network, have recently been taken out of operation. The engineer determines the equipment lease runs for another 18 months. Which of the following is the BEST course of action for the engineer to take to decommission the equipment properly?
5. A pharmaceutical company is considering moving its technology operations from on-premises to externally hosted to reduce costs while improving security and resiliency. These operations contain data that includes the prescription records, medical doctors' notes about treatment options, and the success rates of prescribed drugs. The company wants to maintain control over its operations because many custom applications are in use. Which of the following options represent the MOST secure technical deployment options?
6. The highest priority security-related concern for BYOD is
7. Which of the following describes a contract that is used to define the various levels of maintenance to be provided by an external business vendor in a secure environment?
8. A power outage is caused by a severe thunderstorm and a facility is on generator power. The CISO decides to activate a plan and shut down non-critical systems to reduce power consumption. Which of the following is the CISO activating to identify critical systems and the required steps?
9. During the decommissioning phase of a hardware project, a security administrator is tasked with ensuring no sensitive data is released inadvertently. All paper records are scheduled to be shredded in a crosscut shredder, and the waste will be burned. The system drives and removable media have been removed before e-cycling the hardware. Which of the following would ensure no data is recovered from the system drives once they are disposed of?
10. During a security assessment, activities were divided into two phases: internal and external exploitation. The security assessment team set a hard time limit on external activities before moving to a compromised box within the enterprise perimeter. Which of the following methods is the assessment team most likely to employ NEXT?