Some end users of an e-commerce website are reporting a delay when browsing pages. The website uses TLS 1.2. A security architect for the website troubleshoots by connecting from home to thewebsite and capturing tramc via Wire-shark. The security architect finds that the issue is the time required to validate the certificate. Which of the following solutions should the security architectrecommend?

Implementing OCSP stapling on the server

Adding more nodes to the web server clusters

Changing the cipher algorithm used on the web server

Implementing OCSP stapling on the server

A security architect is tasked with securing a new cloud-based videoconferencing and collaboration platform to support a new distributed workforce. The security architect's key objectives are to:* Maintain customer trust* Minimize data leakage* Ensure non-repudiationWhich of the following would be the BEST set of recommendations from the security architect?

Disable file exchange, enable watermarking, and enable the user authentication requirement.

Enable the user authentication requirement, enable end-to-end encryption, and enable waiting rooms.

Disable file exchange, enable watermarking, and enable the user authentication requirement.

Enable end-to-end encryption, disable video recording, and disable file exchange.

Enable watermarking, enable the user authentication requirement, and disable video recording.

An investigator is attempting to determine if recent data breaches may be due to issues with a company's web server that offers news subscription services. The investigator has gathered the followingdata:* Clients successfully establish TLS connections to web services provided by the server.* After establishing the connections, most client connections are renegotiated* The renegotiated sessions use cipher suite SHR.Which of the following is the MOST likely root cause?

An entity is performing downgrade attacks on path

The clients disallow the use of modern cipher suites

The web server is misconfigured to support HTTP/1.1.

A ransomware payload dropper has been installed

An entity is performing downgrade attacks on path

A company has decided that only administrators are permitted to use PowerShell on their Windows computers. Which of the following is the BEST way for an administrator to implement this decision?

Configure user settings in Group Policy.

Monitor the Application and Services Logs group within Windows Event Log.

Uninstall PowerSheII from all workstations.

Configure user settings in Group Policy.

Provide user education and training.

An engineering team has deployed a new VPN service that requires client certificates to be used in order to successfully connect. On iOS devices, however, the following error occurs after importing the .p12 certificate file:mbedTLS: ca certificate undefinedWhich of the following is the root cause of this issue?

The iOS keychain imported only the client public and private keys.

iOS devices have an empty root certificate chain by default.

OpenSSL is not configured to support PKCS#12 certificate files.

The VPN client configuration is missing the CA private key.

The iOS keychain imported only the client public and private keys.

A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:* Access to critical web services at the edge must be redundant and highly available.* Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.* Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.Which of the following solutions BEST meets these requirements?

Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.

Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider

Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.

Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.

Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.

A security solution uses a sandbox environment to execute zero-day software and collect indicators of compromise. Which of the following should the organization do to BEST take advantage of this solution?

Deliver an updated threat signature throughout the EDR system

Develop an Nmap plug-in to detect the indicator of compromise.

Update the organization's group policy.

Include the signature in the vulnerability scanning tool.

Deliver an updated threat signature throughout the EDR system

A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.Which of the following scan types will provide the systems administrator with the MOST accurate information?

A passive, non-credentialed scan

An active, non-credentialed scan

A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.Which of the following should the security administrator do to mitigate the risk?

Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.

Explain to the networking team the reason Flash is no longer available and insist the team move up the timetable for replacement.

Air gap the legacy system from the network and dedicate a laptop with an end-of-life OS on it to connect to the system via crossover cable for management.

Suggest that the networking team contact the original embedded system's vendor to get an update to the system that does not require Flash.

Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.

A host on a company's network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.Which of the following steps would be best to perform FIRST?

Isolate the infected host from the network by removing all network connections.

Turn off the infected host immediately.

Run a full anti-malware scan on the infected host.

Modify the smb.conf file of the host to prevent outgoing SMB connections.

Isolate the infected host from the network by removing all network connections.

A company's product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company's reputation in the market.Which of the following should the company implement to address the risk of system unavailability?

User and entity behavior analytics

Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?

The likelihood of account compromise is reduced.

Biometric authenticators are immutable.

The likelihood of account compromise is reduced.

Which of the following is a risk associated with SDN?

Increased hardware management costs

Reduced visibility of scaling capabilities

Which of the following objectives BEST supports leveraging tabletop exercises in business continuity planning?

Assess the effectiveness of documented processes against a realistic scenario.

Determine the optimal placement of hot/warm sites within the enterprise architecture.

Create new processes for identified gaps in continuity planning.

Establish new staff roles and responsibilities for continuity of operations.

Assess the effectiveness of documented processes against a realistic scenario.

A significant weather event caused all systems to fail over to the disaster recovery site successfully. However, successful data replication has not occurred in the last six months, which has resulted inthe service being unavailable. V*Vh1ch of the following would BEST prevent this scenario from happening again?

Implementing scheduled, full interruption tests

Performing routine tabletop exercises

Implementing scheduled, full interruption tests

Performing department disaster recovery walk-throughs

Company A acquired Company B. During an initial assessment, the companies discover they are using the same SSO system. To help users with the transition, Company A is requiring the following:* Before the merger is complete, users from both companies should use a single set of usernames and passwords.* Users in the same departments should have the same set of rights and privileges, but they should have different sets of rights and privileges if they have different IPs.* Users from Company B should be able to access Company A's available resources.Which of the following are the BEST solutions? (Select TWO).

Establishing one-way trust from Company B to Company A

Implementing attribute-based access control

Installing new Group Policy Object policies

Establishing one-way trust from Company B to Company A

Enabling multifactor authentication

Implementing attribute-based access control

Installing Company A's Kerberos systems in Company B's network

A network administrator for a completely air-gapped and closed system has noticed that anomalous external files have been uploaded to one of the critical servers. The administrator has reviewed logs in the SIEM that were collected from security appliances, network infrastructure devices, and endpoints. Which of the following processes, if executed, would be MOST likely to expose an attacker?

Reviewing video from IP cameras within the facility

Reconfiguring the SIEM connectors to collect data from the perimeter network hosts

Implementing integrity checks on endpoint computing devices

Looking for privileged credential reuse on the network

An organization is moving its intellectual property data from on premises to a CSP and wants to secure the data from theft. Which of the following can be used to mitigate this risk?

An additional layer of encryption

A third-party data integrity monitoring solution

A complete backup that is created before moving the data

Additional application firewall rules specific to the migration

A hospitality company experienced a data breach that included customer Pll. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service. Which of the following is the BEST solution to help prevent this type of attack in the future?

CASB for OAuth application permission control

NGFW for web traffic inspection and activity monitoring

CSPM for application configuration control

Targeted employee training and awareness exercises

CASB for OAuth application permission control

A consultant needs access to a customer's cloud environment. The customer wants to enforce the following engagement requirements:* All customer data must remain under the control of the customer at all times.* Third-party access to the customer environment must be controlled by the customer.* Authentication credentials and access control must be under the customer's control.Which of the following should the consultant do to ensure all customer requirements are satisfied when accessing the cloud environment?

use the customer-provided VDI solution to perform work on the customer's environment.

use the customer's SSO with read-only credentials and share data using the customer's provisioned secure network storage

use the customer-provided VDI solution to perform work on the customer's environment.

Provide code snippets to the customer and have the customer run code and securely deliver its output

Request API credentials from the customer and only use API calls to access the customer's environment.

CompTIA CAS-004 Practice Test 8 - Free Online Exam Questions 281-320

A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Select THREE).

Become a Premium Member for full access

Unlock Premium Member

CompTIA CAS-004 Practice Test 8

Question

CompTIA CAS-004 Practice Tests

Practice Tests