[Jul 03, 2023] Pass CompTIA CAS-004 Exam Info and Free Practice Test [Q145-Q167]

4/5 - (1 vote)

[Jul 03, 2023] Pass CompTIA CAS-004 Exam Info and Free Practice Test

CAS-004 Exam Dumps PDF Updated Dump from DumpsTorrent Guaranteed Success

The CompTIA CASP+ certification exam consists of 90 multiple-choice and performance-based questions. The exam is designed to test the knowledge and skills of IT professionals in real-world scenarios. This means that the exam questions are based on actual situations that IT professionals might encounter in their day-to-day work. The exam is designed to be challenging, but also fair and relevant to the skills and knowledge required for the job.

QUESTION 145
A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.
Which of the following should a security architect recommend?

A DLP program to identify which files have customer data and delete them

An ERP program to identify which processes need to be tracked

A CMDB to report on systems that are not configured to security baselines

A CRM application to consolidate the data and provision access based on the process and need

QUESTION 146
A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

Deploy SOAR utilities and runbooks.

Replace the associated hardware.

Provide the contractors with direct access to satellite telemetry data.

Reduce link latency on the affected ground and satellite segments.

QUESTION 147
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

Implement rate limiting on the API.

Implement geoblocking on the WAF.

Implement OAuth 2.0 on the API.

Implement input validation on the API.

QUESTION 148
A company has moved its sensitive workloads lo the cloud and needs to ensure high availability and resiliency of its web-based application. The cloud architecture team was given the following requirements
* The application must run at 70% capacity at all times
* The application must sustain DoS and DDoS attacks.
* Services must recover automatically.
Which of the following should the cloud architecture team implement? (Select THREE).

Read-only replicas

BCP

Autoscaling

WAF

CDN

Encryption

Continuous snapshots

Containenzation

QUESTION 149
An organization is assessing the security posture of a new SaaS CRM system that handles sensitive Pll and identity information, such as passport numbers. The SaaS CRM system does not meet the organization’s current security standards. The assessment identifies the following:
1- There will be a $20,000 per day revenue loss for each day the system is delayed going into production.
2- The inherent risk is high.
3- The residual risk is low.
4- There will be a staged deployment to the solution rollout to the contact center.
Which of the following risk-handling techniques will BEST meet the organization’s requirements?

Apply for a security exemption, as the risk is too high to accept.

Transfer the risk to the SaaS CRM vendor, as the organization is using a cloud service.

Accept the risk, as compensating controls have been implemented to manage the risk.

Avoid the risk by accepting the shared responsibility model with the SaaS CRM provider.

QUESTION 150
A developer wants to develop a secure external-facing web application. The developer is looking for an online community that produces tools, methodologies, articles, and documentation in the field of
web-application security Which of the following is the BEST option?

ICANN

PCI DSS

OWASP

CSA

NIST

QUESTION 151
An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

Adding a second redundant layer of alternate vendor VPN concentrators

Using Base64 encoding within the existing site-to-site VPN connections

Distributing security resources across VPN sites

Implementing IDS services with each VPN concentrator

Transitioning to a container-based architecture for site-based services

QUESTION 152
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization.
Which of the following should be the analyst’s FIRST action?

Create a full inventory of information and data assets.

Ascertain the impact of an attack on the availability of crucial resources.

Determine which security compliance standards should be followed.

Perform a full system penetration test to determine the vulnerabilities.

QUESTION 153
An organization is implementing a new identity and access management architecture with the following objectives:
Supporting MFA against on-premises infrastructure
Improving the user experience by integrating with SaaS applications
Applying risk-based policies based on location
Performing just-in-time provisioning
Which of the following authentication protocols should the organization implement to support these requirements?

Kerberos and TACACS

SAML and RADIUS

OAuth and OpenID

OTP and 802.1X

QUESTION 154
Ann, a CIRT member, is conducting incident response activities on a network that consists of several hundred virtual servers and thousands of endpoints and users. The network generates more than 10,000 log messages per second. The enterprise belong to a large, web-based cryptocurrency startup, Ann has distilled the relevant information into an easily digestible report for executive management . However, she still needs to collect evidence of the intrusion that caused the incident. Which of the following should Ann use to gather the required information?

Traffic interceptor log analysis

Log reduction and visualization tools

Proof of work analysis

Ledger analysis software

QUESTION 155
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?

sudo netstat -antu | grep “LISTEN” | awk ‘{print$5}’

sudo netstat -nlt -p | grep “ESTABLISHED”

sudo netstat -plntu | grep -v “Foreign Address”

sudo netstat -pnut -w | column -t -s $’w’

sudo netstat -pnut | grep -P ^tcp

QUESTION 156
A vulnerability analyst identified a zero-day vulnerability in a company’s internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.
Which of the following would be BEST suited to meet these requirements?

ARF

ISACs

Node.js

OVAL

QUESTION 157
The goal of a Chief information Security Officer (CISO) providing up-to-date metrics to a bank’s risk committee is to ensure:

Budgeting for cybersecurity increases year over year.

The committee knows how much work is being done.

Business units are responsible for their own mitigation.

The bank is aware of the status of cybersecurity risks

QUESTION 158
A security analyst discovered that a database administrator’s workstation was compromised by malware. After examining the Jogs. the compromised workstation was observed connecting to multiple databases through ODBC. The following query behavior was captured:

Assuming this query was used to acquire and exfiltrate data, which of the following types of data was compromised, and what steps should the incident response plan contain?
A) Personal health information: Inform the human resources department of the breach and review the DLP logs.
) Account history; Inform the relationship managers of the breach and create new accounts for the affected users.
C) Customer IDs: Inform the customer service department of the breach and work to change the account numbers.
D) PAN: Inform the legal department of the breach and look for this data in dark web monitoring.

Option A

Option B

Option C

Option D

QUESTION 159
A security analyst discovered that the company’s WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:

Which of the following would BEST mitigate this vulnerability?

CAPTCHA

Input validation

Data encoding

Network intrusion prevention

QUESTION 160
Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

when it is passed across a local network.

in memory during processing

when it is written to a system’s solid-state drive.

by an enterprise hardware security module.

QUESTION 161
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

Key sharing

Key distribution

Key recovery

Key escrow

QUESTION 162
A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One Of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?

Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.

Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.

Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.

Implement cloud infrastructure to proxy all user web traffic to enforce DI-P and encryption policies.

QUESTION 163
A threat analyst notices the following URL while going through the HTTP logs.

Which of the following attack types is the threat analyst seeing?

SQL injection

CSRF

Session hijacking

XSS

QUESTION 164
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors.
Which of the following categories BEST describes this type of vendor risk?

SDLC attack

Side-load attack

Remote code signing

Supply chain attack

QUESTION 165
A cybersecurity analyst discovered a private key that could have been exposed.
Which of the following is the BEST way for the analyst to determine if the key has been compromised?

HSTS

CRL

CSRs

OCSP

QUESTION 166
An auditor Is reviewing the logs from a web application to determine the source of an Incident. The web application architecture Includes an Internet-accessible application load balancer, a number of web servers In a private subnet, application servers, and one database server In a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets:

Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?

Enable the x-Forwarded-For header al the load balancer.

Install a software-based HIDS on the application servers.

Install a certificate signed by a trusted CA.

Use stored procedures on the database server.

Store the value of the $_server ( ‘ REMOTE_ADDR ‘ ] received by the web servers.

QUESTION 167
An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
Unstructured data being exfiltrated after an employee leaves the organization
Data being exfiltrated as a result of compromised credentials
Sensitive information in emails being exfiltrated
Which of the following solutions should the security team implement to mitigate the risk of data loss?

Mobile device management, remote wipe, and data loss detection

Conditional access, DoH, and full disk encryption

Mobile application management, MFA, and DRM

Certificates, DLP, and geofencing

The CASP+ certification exam is designed for experienced IT professionals who are looking to advance their cybersecurity knowledge and skills. The exam covers various topics, such as enterprise security architecture and design, risk management, security operations and incident response, technical integration of enterprise security, research and collaboration, and governance, risk, and compliance. CASP+ certification holders are recognized for their ability to design and implement advanced-level security solutions for organizations, and their knowledge of the latest cybersecurity trends and technologies. The certification is also a requirement for many high-level cybersecurity positions in government agencies and defense organizations.

Pass Your CompTIA Exam with CAS-004 Exam Dumps: https://www.dumpstorrent.com/CAS-004-exam-dumps-torrent.html

[Jul 03, 2023] Pass CompTIA CAS-004 Exam Info and Free Practice Test [Q145-Q167]

admin

Leave a Reply Cancel reply