Are you ready for another practice quiz for the next domain in our prep for the CCSK exam? Here it is! This one is a big area for us in the exam! It is all about Application Security, and of course, how the cloud makes many changes for us in this area.
CCSK Application Security
Question 1
Which of the following is not considered a challenge with cloud and application security?
A. DevOps
B. Limited detailed visibility
C. Increased application scope
D. Changing threat models
E. Reduced transparency
Question 2
Which is not a major area of application security?
A. SSDLC
B. Design and architecture
C. DevOps
D. SOA
E. CI/CD
Question 3
Which of the following "meta-phases" of software security would include technology like a WAF?
A. Secure Design and Development
B. Secure Deployment
C. Secure Operations
D. Secure Retirement
Question 4
In which phase of the secure design and development process for applications would you most likely engage in code review?
A. Training
B. Define
C. Design
D. Develop
E. Test
Question 5
Security can be enhanced for application design and architecture because the infrastructure can be made immutable. What does this mean?
A. The infrastructure calls upon serverless compute
B. The infrastructure is built using many microservices
C. The infrastructure is completed from a template and changes can be precisely controlled
D. The infrastructure features enhanced segregation
Question 6
Fuzzing might be employed as a testing technique during what type of application development approach?
A. SOAP
B. SOA
C. SAST
D. DAST
Enjoy this CompTIA CASP+ practice quiz. Have fun! Any questions? Use the comments area below!
CASP+ Practice Quiz 5
Question 1
What dynamic routing protocol is used with remotely triggered black holes?
A. ICMP
B. RIP
C. BGP
D. OSPF
Question 2
Which is often considered a classic software development method?
A. Spiral
B. Waterfall
C. Agile
D. Ruby
Question 3
You are using a Try...Catch block in your Java code. What are you controlling?
A. Privilege escalation
B. Error and exception handling
C. Buffer overflows
D. Direct object references
Question 4
You have discovered that a new application has inherent flaws due to processes being tied to the order and timing of other events. What is this issue called?
A. Race conditions
B. Data remnants
C. Memory leaking
D. Buffer overflow
Question 5
A common approach to session fixation is to use what attack method?
A. Geotagging
B. SQL injection
C. Clickjacking
D. XSS
Question 6
What technique can help test your software for vulnerabilities in the accepted inputs?
A. Code reuse
B. Fuzzing
C. Sandboxing
D. WAF
Question 7
What is the term for the record of evidence handling from collection to presentation?
A. Race condition
B. COOP
C. Order of volatility
D. Chain of custody