[2023] CAS-004 Exam Dumps, Test Engine Practice Test Questions
Pass CAS-004 exam [Apr 22, 2023] Updated 256 Questions
NEW QUESTION # 84
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?
- A. Distributed connection allocation
- B. SD-WAN vertical heterogeneity
- C. Content delivery network
- D. Local caching
Answer: C
NEW QUESTION # 85
A security analyst is reviewing the following vulnerability assessment report:
Which of the following should be patched FIRST to minimize attacks against Internet-facing hosts?
- A. Server1
- B. Server 3
- C. Server2
- D. Servers
Answer: A
NEW QUESTION # 86
A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company's managed database, exposing customer information.
The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?
- A. The pharmaceutical company
- B. The database software vendor
- C. The cloud software provider
- D. The web portal software vendor
Answer: C
NEW QUESTION # 87
Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:
- A. when it is passed across a local network.
- B. when it is written to a system's solid-state drive.
- C. in memory during processing
- D. by an enterprise hardware security module.
Answer: C
NEW QUESTION # 88
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?
- A. Isolate the servers to prevent the spread.
- B. Request that the affected servers be restored immediately.
- C. Pay the ransom within 48 hours.
- D. Notify law enforcement.
Answer: D
NEW QUESTION # 89
A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization.
Which of the following actions would BEST resolve the issue? (Choose two.)
- A. Deploy an IDS.
- B. Conduct input sanitization.
- C. Deploy a SIEM.
- D. Deploy a WAF.
- E. Deploy a reverse proxy
- F. Patch the OS
- G. Use containers.
Answer: C,F
NEW QUESTION # 90
An organization mat provides a SaaS solution recently experienced an incident involving customer data loss.
The system has a level of sell-healing that includes monitoring performance and available resources. When me system detects an issue, the self-healing process is supposed to restart pans of me software.
During the incident, when me self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared me system as fully operational. Which of the following BEST describes me reason why the silent failure occurred?
- A. The number of nodes in me self-healing cluster was healthy,
- B. The system logs rotated prematurely.
- C. The disk utilization alarms are higher than what me service restarts require.
- D. Conditional checks prior to the service restart succeeded.
Answer: D
NEW QUESTION # 91
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?
- A. Private SaaS solution in a single tenancy cloud.
- B. SaaS solution in a community cloud
- C. Pass solution in a multinency cloud
- D. Hybrid IaaS solution in a single-tenancy cloud
Answer: A
NEW QUESTION # 92
An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key.
Which of the following would BEST secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?
- A. Deploy MFA for the service accounts.
- B. Sign the key with DSA.
- C. Implement a VPN for all APIs.
- D. Utilize HMAC for the keys.
Answer: D
NEW QUESTION # 93
A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application.
Which of the following is the MOST likely cause?
- A. The user agent client is not compatible with the WAF.
- B. HTTP traffic is not forwarding to HTTPS to decrypt.
- C. Old, vulnerable cipher suites are still being used.
- D. A certificate on the WAF is expired.
Answer: D
NEW QUESTION # 94
A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users are able to download emails correctly by using IMAP instead. The network comprises three VLANs:
The security engineer looks at the UTM firewall rules and finds the following:
Which of the following should the security engineer do to ensure IMAPS functions properly on the corporate user network?
- A. Create an IMAPS firewall rule to ensure email is allowed.
- B. Make sure the UTM certificate is imported on the corporate computers.
- C. Confirm the email server certificate is installed on the corporate computers.
- D. Contact the email service provider and ask if the company IP is blocked.
Answer: B
NEW QUESTION # 95
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?
- A. An active, non-credentialed scan
- B. A passive, non-credentialed scan
- C. A passive, credentialed scan
- D. An active, credentialed scan
Answer: D
NEW QUESTION # 96
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:
The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:
Which of the following is an appropriate security control the company should implement?
- A. Separate the items in the system call to prevent command injection.
- B. Use server-side processing to avoid XSS vulnerabilities in path input.
- C. Parameterize a query in the path variable to prevent SQL injection.
- D. Restrict directory permission to read-only access.
Answer: A
NEW QUESTION # 97
A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output.
The best option for the auditor to use NEXT is:
- A. Fuzzing
- B. A SCAP assessment.
- C. Network interception.
- D. Reverse engineering
Answer: C
NEW QUESTION # 98
A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive user experience after implementation.
Which of the following is the BEST solution to meet these objectives?
- A. Implement Privileged Access Management (PAM), keep users in the local administrators group, and enable local administrator account monitoring.
- B. Implement PAM, remove users from the local administrators group, and prompt users for explicit approval when elevated privileges are required.
- C. Implement EDR, keep users in the local administrators group, and enable user behavior analytics.
- D. Implement EDR, remove users from the local administrators group, and enable privilege escalation monitoring.
Answer: A
NEW QUESTION # 99
A large telecommunications equipment manufacturer needs to evaluate the strengths of security controls in a new telephone network supporting first responders. Which of the following techniques would the company use to evaluate data confidentiality controls?
- A. On-path
- B. RF sidelobe sniffing
- C. Eavesdropping
- D. Cryptanalysis
- E. Code signing
Answer: C
NEW QUESTION # 100
An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION # 101
After a security incident, a network security engineer discovers that a portion of the company's sensitive external traffic has been redirected through a secondary ISP that is not normally used.
Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?
- A. Implement an inbound BGP prefix list.
- B. Disable BGP and implement OSPF.
- C. Disable BGP and implement a single static route for each internal network.
- D. Implement a BGP route reflector.
Answer: A
Explanation:
Defenses against BGP hijacks include IP prefix filtering, meaning IP address announcements are sent and accepted only from a small set of well-defined autonomous systems, and monitoring Internet traffic to identify signs of abnormal traffic flows.
NEW QUESTION # 102
A security engineer needs to recommend a solution that will meet the following requirements:
Identify sensitive data in the provider's network
Maintain compliance with company and regulatory guidelines
Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements?
- A. SWG
- B. DLP
- C. CASB
- D. WAF
Answer: C
NEW QUESTION # 103
An analyst execute a vulnerability scan against an internet-facing DNS server and receives the following report:
Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?
- A. Port scanner
- B. Password cracker
- C. Exploitation framework
- D. Account enumerator
Answer: B
NEW QUESTION # 104
A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:
Must have a minimum of 15 characters
Must use one number
Must use one capital letter
Must not be one of the last 12 passwords used
Which of the following policies should be added to provide additional security?
- A. Password complexity
- B. Shared accounts
- C. Account lockout
- D. Time-based logins
- E. Password history
Answer: C
NEW QUESTION # 105
A security analyst is reviewing the following vulnerability assessment report:
Which of the following should be patched FIRST to minimize attacks against Internet-facing hosts?
- A. Server1
- B. Server 3
- C. Server2
- D. Servers
Answer: A
NEW QUESTION # 106
A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells.
Which of the following techniques will MOST likely meet the business's needs?
- A. Implementing steganography
- B. Performing deep-packet inspection of all digital audio files
- C. Purchasing and installing a DRM suite
- D. Adding identifying filesystem metadata to the digital audio files
Answer: A
NEW QUESTION # 107
......
CompTIA CAS-004 Real 2023 Braindumps Mock Exam Dumps: https://www.suretorrent.com/CAS-004-exam-guide-torrent.html
CompTIA CAS-004 Actual Questions and 100% Cover Real Exam Questions: https://drive.google.com/open?id=11Q4vUUEiW4uNmADef5q5rA1-fRIZqZ1s