CASP: CompTIA Advanced Security Practitioner Study Guide Questions

Chapter 1
1. Which of the following is known as a ROT3 cipher?
A. Caesar
B. Scytale
C. DES
D. AES
Answer: A
The Caesar cipher is an early form of encryption and is also known as a ROT3 cipher.
2. Which of the following is not one of the four common goals of cryptography?
A. Privacy
B. Authentication
C. Availability
D. Integrity
Answer: C
The four common goals of cryptography include privacy, authentication, integrity,
and non-repudiation.
3. The act of obtaining plain text from cipher text without a cryptographic key is
known as what?
A. Encryption
B. Cryptanalysis
C. Hashing
D. Integrity verification
Answer: B
Cryptanalysis is the act of obtaining plain text from cipher text without a
cryptographic key.
4. ______ is a measure of the randomness of data collected by an application or even
an operating system and used to create a cryptographic key.
A. Encryption
B. Hashing
C. Entropy
D. Confusion
Answer: C
While key size is important, the randomness of the key is also critical. Entropy is
a measure of the randomness of data collected by an application or even an
operating system and used to create a cryptographic key.
5. Which of the following is not a symmetric algorithm?
A. CAST
B. RC5
C. DES
D. RSA
Answer: D
Examples of symmetric encryption techniques include CAST, DES, and RC5. RSA is an
asymmetric algorithm.
6. DES does how many rounds during the encryption process?
A. 2
B. 8
C. 16
D. 48
Answer: C
DES does 16 rounds of substitution and transposition during the encryption process.
7. 3DES does how many rounds during the encryption process?
A. 2
B. 8
C. 16
D. 48
Answer: D
3DES does 48 rounds of substitution and transposition during the encryption
process.
8. Which of the following makes use of a stream cipher process?
A. DES ECB
B. RC4
C. RC5
D. CAST
Answer: B
RC4 is considered a stream cipher whereas DES ECB, RC5, and RC6 are block ciphers.
9. SAFER uses ___ blocks of data?
A. 8
B. 32
C. 64
D. 256
Answer: C
Secure and Fast Encryption Routine is a block-based cipher that processes data in
blocks of 64 and 128 bits.
10. DES has an effective key length of?
A. 32
B. 56
C. 64
D. 256
Answer: B
The DES key size is 56 bits, and DES has four primary modes of operation.
Chapter 2

11. Cisco first came up with which of the following remote access technologies?
A. TACACS
B. RADIUS
C. Diameter
D. XTACACS
Answer: A
Cisco has implemented a variety of remote access methods through its networking
hardware and software. Originally, this was Terminal Access Controller Access
Control System (TACACS).
12. These devices can perform deep packet inspection and look at requests and
responses within the HTTP/HTTPS/SOAP/XML-RPC/Web Service layers.
A. Proxy
B. IDS
C. DMZ
D. WAF
Answer: D
A WAF is a firewall sitting between a web client and a web server, analyzing OSI
Layer-7 traffic.
13. What is another name for digital controllers?
A. SCADA
B. JK Flip/Flops
C. Cyber systems
D. NAC
Answer: A
Yesterday's analog controls have become today's digital systems. These digital
controls are known as Supervisory Control And Data Acquisition (SCADA) systems.
14. Which of the following does VoIP not use?
A. IAX
B. H.121
C. SIP
D. RTP
Answer: B
VoIP makes use of protocols such as Session Initiation Protocol (SIP), H.323,
Inter-Asterisk eXchange protocol (IAX), and Real-time Transport Protocol (RTP).
15. HTTP functions at which layer of the TCP model?
A. Application
B. Host-to-host
C. Internet
D. Data link
Answer: A
HTTP, and other protocols like Telnet and SNMP, function at the application layer
where they provide network services.
16. What TCP port does SMTP use?
A. 21
B. 23
C. 25
D. 80
Answer: C
SMTP uses TCP port 25
17. What UDP port does TFTP use?
A. 21
B. 69
C. 25
D. 161
Answer: B
UDP port 69 is used for TFTP.
18. This protocol is no longer used in IPv6?
A. ICMP
B. TCP
C. ARP
D. DNS
Answer: C
Say goodbye to ARP. While ARP is an integral part of IPv4, it is not used with
IPv6. IPv6 makes use of the Neighbor Discovery Protocol (NDP).
19. An IPv4 header has a default length of _______________ .
A. 16 bytes
B. 8 bytes
C. 20 bytes
D. 40 bytes
Answer: C
IPv4 has a 20-byte default header length and can be 60 bytes maximum with options.
20. An ICMP type 8 message is best defined as?
A. Unreachable
B. Ping
C. Redirect
D. Time exceeded
Answer: B
ICMP is used for logical errors and diagnostics. An ICMP type 8 is a ping request.
Chapter 3
21. ___________________ describes a cloud solution where you are buying
infrastructure
A. IaaS
B. BasF
C. MaaS
D. SaaS
Answer: A
IaaS describes a cloud solution where you are buying infrastructure. You purchase
virtual power to execute your software as needed.
22. This approach includes monitoring for networks, applications, servers, and
remote systems.
A. IaaS
B. BasF
C. MaaS
D. SaaS
Answer: C
MaaS includes monitoring for networks, applications, servers, and remote systems.
23. Another name for a confused deputy attack is?
A. XSS
B. DoS
C. Session hijacking
D. Sniffing
Answer: A
Another name for a confused deputy attack is XSS. There are many ways to attack
authentication, such as cross-site scripting (XSS) and cross-site request forgery
(CSRF).
24. This Cisco VLAN technology wraps the Ethernet frame, but it is not a
standard used by all vendors.
A. ISL
B. QLAN
C. 802.1q
D. STP
Answer: A
ISL (Inter-Switch Link) wraps the Ethernet frame, but it is not a standard used
by all vendors as a VLAN standard.
25. This VLAN standard places information inside the Ethernet frame.
A. ISL
B. QLAN
C. 802.1q
D. STP
Answer: C
The 802.1q VLAN standard places information inside the Ethernet frame.
26. ______ is an attack in which an attacker tries to send data to hosts that
belong to other VLANs
A. Spanning
B. VLAN hopping
C. Bridging
D. Scanning
Answer: B
VLAN hopping is an attack in which an attacker tries to send data to hosts that
belong to other VLANs.
27. ______ is a SAN standard used for connecting data storage facilities and
allowing remote SCSI devices to communicate
A. HBA
B. vSCAN
C. FCoE
D. iSCSI
Answer: D
iSCSI is a SAN standard used for connecting data storage facilities and allowing
remote SCSI devices to communicate
28. ______ can operate at speeds of 10 gigabits per second and rides on
top of the Ethernet protocol.
A. HBA
B. vSCAN
C. FCoE
D. iSCSI
Answer: C
FCoE can operate at speeds of 10 gigabits per second and rides on top of
the Ethernet protocol.
29. _______ is implemented primarily at the HBA level.
A. LUN masking
B. vSCAN
C. FCoE
D. iSCSI
Answer: A
LUN masking is implemented primarily at the HBA level.
30. _________ is the process of removing redundant data to improve enterprise
storage utilization.
A. Data scanning
B. Data aggregation
C. Data duplication
D. Data mining
Answer: C
Data duplication is the process of removing redundant data to improve enterprise
storage utilization
Chapter 4

31. What implicit command is at the end of every ACL?
A. A default deny all
B. An end statement
C. A default allow all
D. An allow statement
Answer: A
By default, there is an implicit deny all clause at the end of every ACL.
32. Snort cannot filter on which of the following traffic types?
A. IP
B. TCP
C. UDP
D. OSPF
Answer: D
Snort can filter on TCP, IP, and UDP, not OSPF.
33. Extended ACLs cannot by default examine which of the following?
A. Protocol
B. IPSEC data
C. DSCP
D. Precedent value
Answer: B
There are also extended ACLs. These rules have the ability to look more closely at
the traffic and inspect for more items. These include: protocol, port numbers,
differentiated services code point (DSCP) value, precedence value, and the state of
the synchronize sequence number (SYN) bit.
34. What is wrong with the following ACL?
interface Eth0
deny ip any any
deny tcp 10.10.10.128 0.0.0.63 any eq smtp
deny tcp any eq 23
int ethernet 0
ip access-group 110 out
A. Access-group statement
B. Interface Eth0
C. Deny TCP statement
D. Deny all statement
Answer: D
The "deny ip any any" will prevent the additional lines below it from processing.
Once the ACL reaches a matching rule such as deny all IP, the two entries below
will not be acted upon.
35. Which model uses the following, "This property states that an object at one
level of integrity is not permitted to write to an object of higher integrity."
A. Bell-LaPadula
B. Biba
C. Clark Wilson
D. Brewer Nash
Answer: B
The Biba model uses a no-write-up rule.
36. Which of the following Evaluation Assurance Levels (EAL) matches methodically
designed, tested, and reviewed?
A. EAL 1
B. EAL 2
C. EAL 3
D. EAL 4
Answer: D
EAL 4 is a common baseline for security in commercial systems. EAL 4 is methodically
designed, tested, and reviewed.
37. Structurally tested is what EAL level?
A. EAL 1
B. EAL 2
C. EAL 3
D. EAL 4
Answer: B
Structurally tested is EAL 2.
38. ITSEC was designed for use in what region of the world?
A. China
B. Canada
C. Europe
D. USA
Answer: C
ITSEC was developed in the 1980s to meet the needs of the European market.
39. TCSEC was designed for use in what region of the world?
A. China
B. Canada
C. Europe
D. USA
Answer: D
TCSEC, also known as the Orange Book, was developed to evaluate standalone systems
and was developed for use in the United States.
40. Which of the following is a confidentiality based model?
A. Bell-LaPadula
B. Biba
C. Clark Wilson
D. Brewer Nash
Answer: A
The Bell-LaPadula model enforces confidentiality. The Bell-LaPadula model uses
mandatory access control to enforce the Department of Defense (DoD) multilevel
security policy.
Chapter 5

41. ______ is not a replacement for a traditional firewall but simply adds
another layer of protection
A. NAC
B. IDP
C. IDS
D. WAF
Answer: D
WAF is not a replacement for a traditional firewall but simply adds another layer
of protection. While traditional firewalls simply block or allow traffic, WAFs can
protect against cross-site scripting, hidden field tampering, cookie
poisoning, and even SQL injection.
42. You just finished a port scan and have found port 88 open. What application
uses port 88?
A. TFTP
B. Kerberos
C. LDAP
D. Finger
Answer: B
Kerberos uses port 88.
43. How many steps of the TCP startup are completed in a stealth scan?
A. One
B. Two
C. Three
D. None
Answer: B
A TCP stealth scan completes two of the three steps of the TCP startup process.
44. After completing a port scan you have identified TCP port 80 as open. What
should be your next step?
A. Banner grab
B. Map the attack surface
C. Launch an IIS exploit
D. Launch an Apache exploit
Answer: A
After finding open ports, a pen tester should next banner grab to help determine
what specific service is running.
45. With this form of test there is very little or no knowledge of the target
network or its systems.
A. Crystal box
B. White box
C. Gray box
D. Black box
Answer: D
With a black box test there is very little or no knowledge of the target network or
its systems.
46. This type of attack targets availability and is characterized by large
amounts of traffic.
A. Session hijacking
B. Sniffing
C. DoS
D. SQL injection
Answer: C
DoS attacks target availability.
47. You have identified a system that may not have a functioning antivirus
program. How can you check to see if it is working properly?
A. EICAR
B. Load known malware
C. Port scan
D. FERPA
Answer: A
An EICAR test is designed to test the functionality of anti-virus.
48. Your IDS has identified network traffic that appears to be a series of ARP
replies with no corresponding ARP requests. What might be the purpose of this
activity?
A. DNS poisoning
B. IPv6 traffic
C. ARP cache poisoning
D. Network discovery traffic
Answer: C
ARP cache poisoning is one common technique used to bypass the functionality of a
switch. ARP poisoning works by sending out spoofed ARP replies.
49. This technique is used to determine the OS of a system by injecting traffic.
A. Hijacking
B. Active OS fingerprinting
C. Sniffing
D. Passive OS fingerprinting
Answer: B
Active OS fingerprinting crafts and sends packets with odd settings to the target in
hopes of eliciting a response that will identify it. While active fingerprinting
is more accurate, it is not as stealthy as passive fingerprinting.
50. _______ is the process of configuring a switch to see all the traffic on one
specific port.
A. SPAN
B. ARP poisoning
C. Spoofing
D. Hijacking
Answer: A
Because switches segment traffic, it is no longer possible to monitor all of the
traffic by attaching a promiscuous-mode device to a single port. Today this is
accomplished by Spanning a port.
Chapter 6

51. Which of the following is the formula for SLE?
A. AV * ALE
B. AV * EF
C. AV / EF
D. AV * ARO
Answer: B
The formula for SLE is AV * EF.
52. Which of the following is the formula for ALE?
A. SRE * ARO
B. AV * SLE
C. EF * ARO
D. SLE * ARO
Answer: D
The formula for ALE is SLE * ARO.
53. An ______ is an item of value to an institution such as data, hardware,
software, or physical property
A. Asset
B. Vulnerability
C. Tangible item
D. Risk
Answer: A
An asset is an item of value to an institution such as data, hardware, software, or
physical property
54. A _________ can be best defined as a type of business entity in which two or
more entities share potential profit and risk with each other
A. Incorporation
B. Partnership
C. Merger
D. Sole proprietorship
Answer: B
A partnership can be best defined as a type of business entity in which two or more
entities share potential profit and risk with each other
55. A ________ is a weakness in a system design, a weakness in the implementation
of an operational procedure, or a weakness in how software or code
A. Asset
B. Vulnerability
C. Tangible item
D. Risk
Answer: A
A vulnerability is a weakness in a system design, a weakness in the implementation
of an operational procedure, or a weakness in how software or code
56. This law was signed into law in 1999 and resulted in the most sweeping
overhaul of financial services regulation in the United States
A. Patriot Act
B. HIPAA
C. GLBA
D. FISMA
Answer: C
GLBA was signed into law in 1999 and resulted in the most sweeping overhaul of
financial services regulation in the United States. Under GLBA law, financial
institutions are required to protect the confidentiality of individual privacy
information.
57. This encryption method is a type of secure cryptoprocessor targeted at
managing cryptographic keys.
A. TrueCrypt
B. HSM
C. EFS
D. TPM
Answer: B
A hardware security module (HSM) is a type of secure cryptoprocessor targeted at
managing cryptographic keys. HSMs come in two varieties: blades that plug into the
peripheral component
interconnect (PCI) slots on a computer's motherboard, and standalone external
devices.
58. Which of the following is a specialized chip that can be installed on the
motherboard of a client and is used for encryption?
A. TrueCrypt
B. HSM
C. EFS
D. TPM
Answer: B
A TPM is a specialized chip that can be installed on the motherboard of a client
59. Which of the following encryption algorithms can be used for data at rest and
is based on the Rijndael algorithm?
A. AES
B. DES
C. RC
D. CAST
Answer: A
The Advanced Encryption Standard (AES) is based on the Rijndael encryption
algorithm. It is a replacement to DES.
60. ANSI X12 is used for which of the following?
A. Unix file transfers
B. PKI
C. Digital certificates
D. EDI
Answer: D
EDI is used to exchange data in a format that both the sending and receiving
systems can understand. ANSI X12 is the most common of the formats used.
Chapter 7

61. This document dictates management's commitment to the use, operation, and
security of information systems
A. Procedure
B. Policy
C. Standard
D. Baseline
Answer: B
The security policy is the document that dictates management's commitment to the
use, operation, and security of information systems
62. This document is considered step by step and can be tied closely to hardware.
A. Procedure
B. Policy
C. Guideline
D. Baseline
Answer: A
A policy offers step by step instruction.
63. These are considered tactical documents, as they lay out specific steps or
processes required to meet a certain requirement
A. Procedure
B. Policy
C. Standard
D. Baseline
Answer: C
Standards can be considered tactical documents, as they lay out specific steps or
processes required to meet a certain requirement
64. While preparing to develop a document on patch management you have been asked
to review current vulnerabilities. Which U.S. government agency is responsible for
the creation of lists of known vulnerabilities in operating systems?
A. DoD
B. Secret service
C. NSA
D. NIST
Answer: D
NIST (The National Institute of Standards and Technology) is responsible for the
creation of standards and reporting on known vulnerabilities.
65. In the realm of Internet standards what document is used for the creation of
new requirements?
A. MOU
B. RFC
C. RFP
D. SLA
Answer: B
A Request For Comment (RFC) is a proposed standard document. Examples of RFCs
include RFC 792 and 793.
66. This document specifies conditions and applied terms for outsourcing partner
organizations that must share data and information resources.
A. MOU
B. RFC
C. RFP
D. SLA
Answer: A
A memorandum of understanding (MOU) typically documents conditions and applied
terms for outsourcing partner organizations that must share data and information
resources.
67. This document specifies the maximum amount of outage time?
A. MOU
B. RFC
C. RFP
D. SLA
Answer: A
The SLA should specify the uptime, response time, and maximum outage time that they
are agreeing to. An SLA can also be used as a type of contract with a hardware
vendor that provides a certain level of protection.
68. This document can be used to specify what former employees can discuss about
company business after leaving the company.
A. BPA
B. MOU
C. NDA
D. SLA
Answer: C
A nondisclosure agreement (NDA) is designed to protect confidential
information.
69. _______ is another example of a legally binding document that is designed to
provide safeguards and compel certain actions among business partners
A. BPA
B. MOU
C. NDA
D. SLA
Answer: A
A BPA is another example of a legally binding document that is designed to provide
safeguards and compel certain actions among business partners in relation to
specific security-related activities.
70. This personal control is used to reduce fraud and ensure a backup if the
employee is unavailable.
A. PKCS
B. SSL
C. TTS
D. Telnet
Answer: B
Rotation of duties rotates employees to new areas of assignment. This not only
helps ensure backup if an employee is unavailable, but it also can reduce fraud
or misuse by providing the company the means of rotating people to prevent an
individual from having too much control over an area.
Chapter 8

71. Which of the following is not a vulnerability scanner?
A. Nessus
B. Wireshark
C. Satan
D. Saint
Answer: B
Software such as Nessus, Retina, LanGuard, Sara, and Saint, etc. are used by many
companies for the purpose of periodic vulnerability assessment
72. An Nmap full connect scan uses which of the following?
A. Nmap -O
B. Nmap -sS
C. Nmap -sU
D. Nmap -sT
Answer: D
The syntax for an Nmap full connect scan is Nmap -sT
73. Which of the following is used for identifying the version of OS running on a
computer?
A. Nmap -O
B. Nmap -sS
C. Nmap -sU
D. Nmap -sT
Answer: A
Nmap -O is used for OS fingerprinting
74. Which of the following would best be used for forensic examination of a hard
disk?
A. Helix
B. Backtrack
C. Knoppix
D. Auditor
Answer: A
Helix is a well-known package of forensic tools.
75. You have captured the following traffic with Windump. What best describes
this protocol or application?
ICMP Type 3 Code 13
A. Ping message
B. Unreachable message
C. Redirect message
D. TTL failure message
Answer: B
An ICMP type 3 code 13 is an unreachable message.
76. Type 1 errors are also known as?
A. CER
B. FRR
C. Zepher
D. FAR
Answer: B
Type 1 errors are also known as the false rejection rate and are a common biometric
measurement.
77. Type 2 errors are also known as?
A. CER
B. FRR
C. Zepher
D. FAR
Answer: D
Type 2 errors (False Acceptance Rate [FAR]) are a biometric value used to measure
the percentage of individuals who gained access that shouldn't have.
78. Which of the following is true about CER?
A. A higher number is better
B. The number should always be 100%
C. A lower number is better
D. The number is always zero.
Answer: C
The point at which the FRR and FAR meet is known as the Crossover Error Rate (CER).
The CER is a key accuracy factor: the lower the CER, the more accurate the system.
79. This form of biometric authentication can report false errors because of
heart disease or other vascular problems.
A. Iris
B. Palm
C. Retina
D. Hand geometry
Answer: C
While retina scanning is considered very accurate, issues such as heart disease
can cause errors.
80. This RFC defines the Internet protocol.
A. RFC 1766
B. RFC 791
C. RFC 792
D. RFC 1700
Answer: B
The IETF's role is to oversee the creation of technical documents that guide how
the Internet is designed, used, and managed. A big part of this mission is centered
on the creation of RFCs. RFC 791 defines the IP protocol.
Chapter 9

81. The CIA4N concept includes all of the following except.
A. Authorization
B. Non-repudiation
C. Identification
D. Accounting
Answer: C
The CIA4N concept includes confidentiality, integrity, authentication,
authorization, accounting, availability, and non-repudiation.
82. Which of the following is about finding the balance between the costs of
security against the value of assets.
A. Performance management
B. Value delivery
C. Integration
D. Resource management
Answer: B
Value delivery is about finding the balance between the costs of security against
the value of assets.
83. _________ is about utilizing the security infrastructure efficiently and
effectively with minimum waste.
A. Performance management
B. Value delivery
C. Enterprise architecture
D. Resource management
Answer: D
Resource management is about utilizing the security infrastructure efficiently and
effectively with minimum waste.
84. ___________________ is the practice within information technology of
organizing and documenting a company's IT assets so that planning, management, and
expansion can be enhanced
A. Performance management
B. Value delivery
C. Enterprise architecture
D. Resource management
Answer: C
Enterprise Architecture is the practice within information technology of organizing
and documenting a company's IT assets so that planning, management, and expansion
can be enhanced
85. This risk assessment method is similar to the structured review yet
individuals present for the meeting must write their responses down and hand them
to the team lead for review
A. Alpha Review
B. Structured Review
C. ODFM
D. Modified Delphi
Answer: D
The modified Delphi technique is similar to the structured review, yet individuals
present for the meeting must write their responses down and hand them to the team
lead for review
86. Security awareness is an example of which control category?
A. Detective
B. Preventive
C. Corrective
D. Compensating
Answer: B
Security awareness is an example of a preventive control.
87. Clustering is an example of a ____________ control.
A. Detective
B. Preventive
C. Corrective
D. Compensating
Answer: D
Clustering is an example of a compensating control.
88. Patching is an example of which of the following controls?
A. Detective
B. Preventive
C. Corrective
D. Compensating
Answer: C
Patching is a corrective control as it seeks to overcome a weakness or
vulnerability in software.
89. Reviewing audit logs is an example of which of the following?
A. Detective
B. Preventive
C. Corrective
D. Compensating
Answer: A
Reviewing audit logs is an example of a detective control.
90. Another name for the software vulnerability version model is which of the
following?
A. Plan, do, check, and correct
B. Plan, secure, confirm, and remediate
C. Plan, detect, respond, and improve
D. Initial, repeatable, defined, and optimized
Answer: B
Another name for the software vulnerability version model is plan, secure, confirm,
and remediate
Chapter 10

91. You have completed a port scan and found port 31337 open. What application
commonly uses this port?
A. NetBus
B. Beast
C. Back orifice
D. Loki
Answer: C
Netbus uses port 31337.
92. You have completed a port scan and found port 12345 open. What application
commonly uses this port?
A. NetBus
B. Beast
C. Back orifice
D. Loki
Answer: A
NetBus uses port 12345
93. Presence is used for which of the following?
A. Video conferencing for PC's
B. Remote access for Apple computers
C. Video conferencing for Apple computers
D. Remote access for PC's
Answer: B
Presence is an Apple software product that is somewhat similar to Windows Remote
Desktop.
94. Which email application uses TCP port 143 by default?
A. SMTP
B. POP3
C. IMAP
D. SNMP
Answer: C
IMAP can be used as a replacement for POP3 and offers advantages over POP3 for
mobile users. IMAP has the ability to work with mail remotely and uses port 143.
95. Which email application uses TCP port 110 by default?
A. SMTP
B. POP3
C. IMAP
D. SNMP
Answer: A
POP3 uses port 110 by default and is widely used to retrieve messages from a mail
server.
96. What is a SPAN port used for?
A. Mirroring traffic on a switch
B. A type of port scan
C. Used with VLAN's to segment traffic
D. Used with VoIP
Answer: A
SPAN ports are used to mirror traffic on a switch and can be used with an IDS and
sniffers.
97. Which of the following best defines SPIT?
A. A type of session hijack
B. Used for sniffing
C. A form of MiTM attack
D. A type of SPAM
Answer: D
SPIT is spam over Internet phone. SPIT offers spammers a low-cost alternative to
unsolicited marketing.
98. ______ is the variations in transmission latency that can cause packet loss
and degraded VoIP call quality
A. Wow
B. Jitter
C. Flutter
D. Latency
Answer: B
Jitter is the variations in transmission latency that can cause packet loss and
degraded VoIP call quality
99. _______ is a delay in the transmission of a data packet
A. Wow
B. Jitter
C. Flutter
D. Latency
Answer: D
Latency is a delay in the transmission of a data packet
100. This technology was seen as an improvement over RADIUS and is a form of
centralized authentication.
A. Diameter
B. LDAP
C. CHAP
D. KryptoKnight
Answer: A
The DIAMETER protocol was designed to be an improvement over RADIUS and have better
handling of mobile users (IP mobility). DIAMETER provides the functions for
authentication, authorization, and accounting.
9781118930847 Instructor Materials

CASP: CompTIA Advanced Security Practitioner Study Guide 2nd edition Instructor
Materials. © Wiley Inc. 2014. All Rights Reserved.