If you are looking for free CAS-004 dumps, then here we have some sample questions and answers available. You can prepare from our CompTIA CAS-004 exam question notes and prepare for the exam with this practice test. Check our updated CAS-004 exam dumps below.
DumpsGroup is a top-class study material provider, and our inclusive range of CAS-004 real exam questions would be your key to success in the CompTIA CASP Certification Exam on your first attempt. We have excellent material covering almost all the topics of the CompTIA CAS-004 exam. You can get this material in CompTIA CAS-004 PDF and CAS-004 practice test engine formats designed to be similar to the real exam questions. Free CAS-004 questions and answers and free CompTIA CAS-004 study material are available here to give an idea of the quality and accuracy of our study material.
Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?
A company is moving most of its customer-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires that the solution have the highest level of security. Which of the following encryption methods should the cloud security engineer select during the implementation phase?
Which of the following is required for an organization to meet the ISO 27018 standard?
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization’s headquarters location. The solution must also have the lowest power requirement on the CA. Which of the following is the BEST solution?
Which of the following controls primarily detects abuse of privilege but does not prevent it?
During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee. Which of the following processes would BEST satisfy this requirement?
A security architect was asked to modify an existing internal network design to accommodate the following requirements for RDP:
• Enforce MFA for RDP
• Ensure RDP connections are only allowed with secure ciphers.
The existing network is extremely complex and not well segmented. Because of these limitations, the company has requested that the connections not be restricted by network-level firewalls or ACLs. Which of the following should the security architect recommend to meet these requirements?
A company is looking at sending historical backups containing customer PII to a cloud service provider to save on storage costs. Which of the following is the MOST important consideration before making this decision?
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs. Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items. Which of the following phases establishes the identification and prioritization of critical systems and functions?
A developer wants to develop a secure external-facing web application. The developer is looking for an online community that produces tools, methodologies, articles, and documentation in the field of web-application security. Which of the following is the BEST option?
An organization recently recovered from an attack that featured an adversary injecting malicious logic into OS bootloaders on endpoint devices. Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the UEFI through the full loading of OS components. Which of the following TPM structures enables this storage functionality?
A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application. Which of the following is the MOST likely cause?
A Chief Information Officer (CIO) wants to implement a cloud solution that will satisfy the following requirements:
• Support all phases of the SDLC.
• Use tailored website portal software.
• Allow the company to build and use its own gateway software.
• Utilize its own data management platform.
• Continue using agent-based security tools.
Which of the following cloud-computing models should the CIO implement?
A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells. Which of the following techniques will MOST likely meet the business’s needs?
Which of the following is the BEST disaster recovery solution when resources are running in a cloud environment?
Which of the following is the MOST important cloud-specific risk from the CSP’s viewpoint?
Which of the following agreements includes no penalties and can be signed by two entities that are working together toward the same goal?
A review of the past year’s attack patterns shows that attackers stopped reconnaissance after finding a susceptible system to compromise. The company would like to find a way to use this information to protect the environment while still gaining valuable attack information. Which of the following would be BEST for the company to implement?
A threat hunting team receives a report about possible APT activity in the network. Which of the following threat management frameworks should the team implement?
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization. Which of the following should be the analyst’s FIRST action?
A cybersecurity analyst discovered a private key that could have been exposed. Which of the following is the BEST way for the analyst to determine if the key has been compromised?
A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence. Which of the following techniques would BEST support this?
Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization’s incident response procedure. Which of the following must occur to ensure the integrity of the image?
A company requires that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstations, servers, and laptops. Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?
A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication. Which of the following technologies would BEST meet this need?
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line. Which of the following commands would be the BEST to run to view only active Internet connections?
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?
A software house is developing a new application. The application has the following requirements:
• Reduce the number of credential requests as much as possible
• Integrate with social networks
• Authenticate users
Which of the following is the BEST federation method to use for the application?
The Chief Information Officer (CIO) wants to establish a non-binding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a formal partnership. Which of the following would MOST likely be used?
A security analyst wants to keep track of all outbound web connections from workstations. The analyst's company uses an on-premises web filtering solution that forwards the outbound traffic to a perimeter firewall. When the security analyst gets the connection events from the firewall, the source IP of the outbound web traffic is the translated IP of the web filtering solution. Considering this scenario involving source NAT, which of the following would be the BEST option to inject in the HTTP header to include the real source IP from workstations?
A security engineer at a company is designing a system to mitigate recent setbacks caused by competitors that are beating the company to market with the new products. Several of the products incorporate proprietary enhancements developed by the engineer’s company. The network already includes a SIEM and a NIPS and requires 2FA for all user access. Which of the following systems should the engineer consider NEXT to mitigate the associated risks?
A security analyst is assisting the marketing department with ensuring the security of the organization’s social media platforms. The two main concerns are:
• The Chief Marketing Officer (CMO) email is being used department-wide as the username
• The password has been shared within the department
Which of the following controls would be BEST for the analyst to recommend?
A security engineer needs to recommend a solution that will meet the following requirements:
• Identify sensitive data in the provider’s network
• Maintain compliance with company and regulatory guidelines
• Detect and respond to insider threats, privileged user threats, and compromised accounts
• Enforce data-centric security, such as encryption, tokenization, and access control
Which of the following solutions should the security engineer recommend to address these requirements?
A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user's actions. An investigator took a forensic image of the VM and downloaded the image to a secured USB drive to share with the government. Which of the following should be taken into consideration during the process of releasing the drive to the government?
The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified. Which of the following should the incident response team perform to understand the crash and prevent it in the future?
A company’s product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company’s reputation in the market. Which of the following should the company implement to address the risk of system unavailability?
A company wants to quantify and communicate the effectiveness of its security controls but must establish measures. Which of the following is MOST likely to be included in an effective assessment roadmap for these controls?
An attack team performed a penetration test on a new smart card system. The team demonstrated that by subjecting the smart card to high temperatures, the secret key could be revealed. Which of the following side-channel attacks did the team use?
A forensic investigator would use the foremost command for:
A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log. Which of the following actions would BEST address the potential risks posed by the activity in the logs?
A company requires a task to be carried out by more than one person concurrently. This is an example of:
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?
A security engineer needs to implement a CASB to secure employee user web traffic. A key requirement is that relevant event data must be collected from existing on-premises infrastructure components and consumed by the CASB to expand traffic visibility. The solution must be highly resilient to network outages. Which of the following architectural components would BEST meet these requirements?
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?
Due to adverse events, a medium-sized corporation suffered a major operational disruption that caused its servers to crash and experience a major power outage. Which of the following should be created to prevent this type of issue in the future?
A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company’s managed database, exposing customer information. The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?
The Chief Information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?
An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization’s headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
• Low latency for all mobile users to improve the users’ experience
• SSL offloading to improve web server performance
• Protection against DoS and DDoS attacks
• High availability
Which of the following should the organization implement to BEST ensure all requirements are met?
An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution. Which of the following designs would be BEST for the CISO to use?
Company A is establishing a contractual relationship with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elements?
The Chief Information Security Officer of a startup company has asked a security engineer to implement a software security program in an environment that previously had little oversight. Which of the following testing methods would be BEST for the engineer to utilize in this situation?
A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements:
• Be efficient at protecting the production environment
• Not require any change to the application
• Act at the presentation layer
Which of the following techniques should be used?
An organization requires a contractual document that includes:
• An overview of what is covered
• Goals and objectives
• Performance metrics for each party
• A review of how the agreement is managed by all parties
Which of the following BEST describes this type of contractual document?
A large telecommunications equipment manufacturer needs to evaluate the strengths of security controls in a new telephone network supporting first responders. Which of the following techniques would the company use to evaluate data confidentiality controls?
A municipal department receives telemetry data from a third-party provider. The server collecting telemetry sits in the municipal department's screened network and accepts connections from the third party over HTTPS. The daemon has a code execution vulnerability from a lack of input sanitization of out-of-bound messages, and therefore, the cybersecurity engineers would like to implement risk mitigations. Which of the following actions, if combined, would BEST prevent exploitation of this vulnerability? (Select TWO).
An organization’s assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API. Given this information, which of the following is a noted risk?
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals. Which of the following does the business’s IT manager need to consider?
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following: ERR_SSL_VERSION_OR_CIPHER_MISMATCH. Which of the following is MOST likely the root cause?
The goal of a Chief Information Security Officer (CISO) providing up-to-date metrics to a bank’s risk committee is to ensure:
A company's Chief Information Officer wants to implement IDS software onto the current system's architecture to provide an additional layer of security. The software must be able to monitor system activity, provide information on attempted attacks, and provide analysis of malicious activities to determine the processes or users involved. Which of the following would provide this information?
A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements. Which of the following would MOST likely help the company gain consensus to move the data to the cloud?
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware. Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?
An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:
* Be based on open-source Android for user familiarity and ease.
* Provide a single application for inventory management of physical assets.
* Permit use of the camera by only the inventory application for the purposes of scanning
* Disallow any and all configuration baseline modifications.
* Restrict all access to any device resource other than those requirement ?
A development team created a mobile application that contacts a company’s back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior. Which of the following would BEST safeguard the APIs? (Choose two.)