:

Step by Step

NIST (National Institute of Standards and Technology): Provides comprehensive password guidelines

(e.g., SP 800-63B) widely used for securing systems, including handling PII.

GDPR (General Data Protection Regulation): Focuses on data privacy laws rather than technical

password policies.

CMMI (Capability Maturity Model Integration): Addresses process improvement, not password

complexity.

COPPA (Children's Online Privacy Protection Act): Focuses on child data privacy, not password rules.

Reference: CASP+ Exam Objectives 5.3 – Implement security controls and best practices using NIST

standards.

A network traffic analyzer (also known as a packet sniffer) is the best tool to identify credentials

being transmitted in plaintext, such as those used in Telnet sessions. Since Telnet transmits data

without encryption, a network traffic analyzer can capture the traffic between the client and the

network switches, revealing sensitive information, including login credentials, in clear text. This tool

helps identify insecure protocols and enables remediation by switching to encrypted alternatives like

SSH. CASP+ highlights the importance of using secure protocols and tools like traffic analyzers to

identify vulnerabilities in network communications.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 2.0 – Enterprise Security Operations (Network Traffic

Analysis and Insecure Protocols)

CompTIA CASP+ Study Guide: Monitoring Network Traffic for Plaintext Credentials

A runbook is a detailed guide that provides step-by-step instructions on how to respond to specific

types of incidents. It is used by the SOC team to ensure a consistent, organized, and efficient

response to incidents. In this case, after the incident investigation, creating a runbook would help

standardize the response process for future security incidents, enabling the team to act quickly and

effectively. CASP+ emphasizes the importance of having detailed runbooks for incident response as

part of an organization's overall incident response strategy.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 2.0 – Enterprise Security Operations (Incident Response

and Runbooks)

CompTIA CASP+ Study Guide: Incident Response Procedures and Runbooks

To meet the mobile platform security requirements, the manufacturer should implement the following technologies: eFuse: This hardware feature helps track and prevent unauthorized firmware by physically "blowing" fuses to record events, such as firmware tampering, making it impossible to revert to older, unapproved firmware. Secure boot: This ensures that only trusted and authorized firmware can be loaded during the boot process, preventing malicious or unauthorized software from running. Secure enclave: A secure enclave is used to store sensitive information like biometric data in a hardware-isolated environment, protecting it from tampering or unauthorized access. These three solutions provide the tamper resistance, secure firmware validation, and protection of sensitive data required for the platform. CASP+ emphasizes the use of hardware-based security features for protecting sensitive information and enforcing secure boot processes in embedded and mobile systems. Reference: CASP+ CAS-004 Exam Objectives: Domain 3.0 – Enterprise Security Architecture (Secure Hardware and Firmware Protection) CompTIA CASP+ Study Guide: Hardware Security Features (eFuse, Secure Boot, Secure Enclave)

Step by Step

The information disclosed in the error message (e.g., "Apache Tomcat 7.0.52") provides attackers

insights into the software version, which may have known vulnerabilities.

Correcting this issue ensures that attackers cannot use the disclosed information to tailor more

sophisticated or targeted attacks.

Best practices include suppressing unnecessary error details to mitigate the risk of information

disclosure.

Reference: CASP+ Exam Objectives 5.3 – Mitigate vulnerabilities related to service information

leakage.

PCI DSS (Payment Card Industry Data Security Standard) is the most appropriate governance

framework when collecting and processing credit card data, including international user data. PCI

DSS establishes security standards for organizations that handle payment card transactions and

ensures theprotection of cardholder data globally. The other options, such as ISO 27001 and NIST

800-53, provide general security frameworks, but PCI DSS is specifically designed for payment card

security, which is critical when handling credit card information. CASP+ emphasizes the role of PCI

DSS in ensuring the secure handling of payment data.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 1.0 – Risk Management (PCI DSS Compliance for Payment

Systems)

CompTIA CASP+ Study Guide: Payment Systems Security and PCI DSS

Step by Step

RPO (Recovery Point Objective): Specifies the maximum acceptable amount of data loss measured in

time. If data loss of more than one hour is unacceptable, the RPO should be set to less than or equal

to one hour.

RTO (Recovery Time Objective): Refers to the acceptable duration of system downtime, which is not

relevant to the question.

The BCP, DRP, and SLA do not directly address data loss.

Reference: CASP+ Exam Objectives 1.3 – Analyze BIA results to determine RPO and RTO

requirements.

While the company has implemented Single Sign-On (SSO) with strong passwords, additional security

controls are required to mitigate attacks such as LDAP injections, brute-force, whaling, and spear-

phishing. Two-factor authentication (2FA) provides an additional layer of security by requiring users

to provide two different forms of authentication (e.g., a password and a security token or a biometric

factor), reducing the likelihood of unauthorized access even if passwords are compromised. CASP+

emphasizes the importance of using multi-factor authentication mechanisms to strengthen access

control and protect against such attacks.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 2.0 – Enterprise Security Operations (Access Control and

Multi-factor Authentication)

CompTIA CASP+ Study Guide: Implementing Two-Factor Authentication for System Access

Before determining which data should be deleted during a data cleanup project, it is critical to first

review retention schedules. Retention schedules specify how long data must be retained to comply

with legal, regulatory, or business requirements. Deleting data prematurely could result in non-

compliance or the loss of important information. By consulting retention schedules, the security

administrator ensures that data is deleted in a compliant and controlled manner, based on its

retention policy. CASP+ highlights data retention management as a key element in data governance

and security.

Reference:

CASP+ CAS-004 Exam Objectives: Domain 1.0 – Risk Management (Data Governance and Retention

Policies)

CompTIA CASP+ Study Guide: Data Retention, Deletion, and Compliance Requirements