ExamGecko
Search Search Login
Home Home / CompTIA / CAS-004

CompTIA CAS-004 Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following: ERR_SSL_VERSION_OR_CIPHER_MISMATCH Which of the following is MOST likely the root cause?
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility. Which of the following would be the BEST option to implement?
An loT device implements an encryption module built within its SoC where the asymmetric private key has been defined in a write-once read-many portion of the SoC hardware Which of the following should the loT manufacture do if the private key is compromised?
A global organization's Chief Information Security Officer (CISO) has been asked to analyze the risks involved in a plan to move the organization's current MPLS-based WAN network to use commodity Internet and SD-WAN hardware. The SD-WAN provider is currently highly regarded but Is a regional provider. Which of the following is MOST likely identified as a potential risk by the CISO?
Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the RPO for a disaster recovery event for this data classification is 24 hours. Based on RPO requirements, which of the following recommendations should the management team make?
A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive. Based on the output above, from which of the following process IDs can the analyst begin an investigation?
An organization is designing a network architecture that must meet the following requirements: Users will only be able to access predefined services. Each user will have a unique allow list defined for access. The system will construct one-to-one subject/object access paths dynamically. Which of the following architectural designs should the organization use to meet these requirements?
in a situation where the cost of anti-malware exceeds the potential loss from a malware threat, which of the following is the most cost-effective risk response?
A security officer is requiring all personnel working on a special project to obtain a security clearance requisite with the level of all information being accessed Data on this network must be protected at the same level of each clearance holder The need to know must be vended by the data owner Which of the following should the security officer do to meet these requirements?
An internal security assessor identified large gaps in a company's IT asset inventory system during a monthly asset review. The assessor is aware of an external audit that is underway. In an effort to avoid external findings, the assessor chooses not to report the gaps in the inventory system. Which of the following legal considerations is the assessor directly violating?

Question 131

Report
Export
Collapse

An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:

* Be based on open-source Android for user familiarity and ease.

* Provide a single application for inventory management of physical assets.

* Permit use of the camera be only the inventory application for the purposes of scanning

* Disallow any and all configuration baseline modifications.

* Restrict all access to any device resource other than those requirement ?

A.
Set an application wrapping policy, wrap the application, distributes the inventory APK via the MAM tool, and test the application restrictions.
A.
Set an application wrapping policy, wrap the application, distributes the inventory APK via the MAM tool, and test the application restrictions.
Answers
B.
Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.
B.
Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.
Answers
C.
Swap out Android Linux kernel version for >2,4,0, but the internet build Android, remove unnecessary functions via MDL, configure to block network access, and perform integration testing
C.
Swap out Android Linux kernel version for >2,4,0, but the internet build Android, remove unnecessary functions via MDL, configure to block network access, and perform integration testing
Answers
D.
Build and install an Android middleware policy with requirements added, copy the file into/ user/init, and then built the inventory application.
D.
Build and install an Android middleware policy with requirements added, copy the file into/ user/init, and then built the inventory application.
Answers
Suggested answer: A

Question 132

Report
Export
Collapse

A company's employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email traveling . Which of the following is the MOST likely explanation? (Select TWO.)

A.
Outdated escalation attack
A.
Outdated escalation attack
Answers
B.
Privilege escalation attack
B.
Privilege escalation attack
Answers
C.
VPN on the mobile device
C.
VPN on the mobile device
Answers
D.
Unrestricted email administrator accounts
D.
Unrestricted email administrator accounts
Answers
E.
Chief use of UDP protocols
E.
Chief use of UDP protocols
Answers
F.
Disabled GPS on mobile devices
F.
Disabled GPS on mobile devices
Answers
Suggested answer: C, F

Explanation:


Question 133

Report
Export
Collapse

A Chief information Security Officer (CISO) has launched to create a rebuts BCP/DR plan for the entire company. As part of the initiative , the security team must gather data supporting s operational importance for the applications used by the business and determine the order in which the application must be back online. Which of the following be the FIRST step taken by the team?

A.
Perform a review of all policies an procedures related to BGP a and DR and created an educated educational module that can be assigned to at employees to provide training on BCP/DR events.
A.
Perform a review of all policies an procedures related to BGP a and DR and created an educated educational module that can be assigned to at employees to provide training on BCP/DR events.
Answers
B.
Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
B.
Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
Answers
C.
Have each business unit conduct a BIA and categories the application according to the cumulative data gathered.
C.
Have each business unit conduct a BIA and categories the application according to the cumulative data gathered.
Answers
D.
Implement replication of all servers and application data to back up detacenters that are geographically from the central datacenter and release an upload BPA to all clients.
D.
Implement replication of all servers and application data to back up detacenters that are geographically from the central datacenter and release an upload BPA to all clients.
Answers
Suggested answer: C

Question 134

Report
Export
Collapse

An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization's headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:

Low latency for all mobile users to improve the users' experience

SSL offloading to improve web server performance

Protection against DoS and DDoS attacks

High availability

Which of the following should the organization implement to BEST ensure all requirements are met?

A.
A cache server farm in its datacenter
A.
A cache server farm in its datacenter
Answers
B.
A load-balanced group of reverse proxy servers with SSL acceleration
B.
A load-balanced group of reverse proxy servers with SSL acceleration
Answers
C.
A CDN with the origin set to its datacenter
C.
A CDN with the origin set to its datacenter
Answers
D.
Dual gigabit-speed Internet connections with managed DDoS prevention
D.
Dual gigabit-speed Internet connections with managed DDoS prevention
Answers
Suggested answer: B

Question 135

Report
Export
Collapse

A security architect is reviewing the following proposed corporate firewall architecture and configuration:

Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements:

Web servers must receive all updates via HTTP/S from the corporate network.

Web servers should not initiate communication with the Internet.

Web servers should only connect to preapproved corporate database servers.

Employees' computing devices should only connect to web services over ports 80 and 443.

Which of the following should the architect recommend to ensure all requirements are met in the MOST secure manner? (Choose two.)

A.
Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443
A.
Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443
Answers
B.
Add the following to Firewall_A: 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80,443
B.
Add the following to Firewall_A: 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80,443
Answers
C.
Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535
C.
Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535
Answers
D.
Add the following to Firewall_B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535
D.
Add the following to Firewall_B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535
Answers
E.
Add the following to Firewall_B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535
E.
Add the following to Firewall_B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535
Answers
F.
Add the following to Firewall_B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80,443
F.
Add the following to Firewall_B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80,443
Answers
Suggested answer: A, D

Question 136

Report
Export
Collapse

As part of the customer registration process to access a new bank account, customers are required to upload a number of documents, including their passports and driver's licenses. The process also requires customers to take a current photo of themselves to be compared against provided documentation.

Which of the following BEST describes this process?

A.
Deepfake
A.
Deepfake
Answers
B.
Know your customer
B.
Know your customer
Answers
C.
Identity proofing
C.
Identity proofing
Answers
D.
Passwordless
D.
Passwordless
Answers
Suggested answer: C

Question 137

Report
Export
Collapse

A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack.

Which of the following is t he NEXT step of the incident response plan?

A.
Remediation
A.
Remediation
Answers
B.
Containment
B.
Containment
Answers
C.
Response
C.
Response
Answers
D.
Recovery
D.
Recovery
Answers
Suggested answer: B

Question 138

Report
Export
Collapse

A recent data breach stemmed from unauthorized access to an employee's company account with a cloud-based productivity suite. The attacker exploited excessive permissions granted to a third-party OAuth application to collect sensitive information.

Which of the following BEST mitigates inappropriate access and permissions issues?

A.
SIEM
A.
SIEM
Answers
B.
CASB
B.
CASB
Answers
C.
WAF
C.
WAF
Answers
D.
SOAR
D.
SOAR
Answers
Suggested answer: C

Question 139

Report
Export
Collapse

A security engineer is hardening a company's multihomed SFTP server. When scanning a public-facing network interface, the engineer finds the following ports are open:

22

25

110

137

138

139

445

Internal Windows clients are used to transferring files to the server to stage them for customer download as part of the company's distribution process.

Which of the following would be the BEST solution to harden the system?

A.
Close ports 110, 138, and 139. Bind ports 22, 25, and 137 to only the internal interface.
A.
Close ports 110, 138, and 139. Bind ports 22, 25, and 137 to only the internal interface.
Answers
B.
Close ports 25 and 110. Bind ports 137, 138, 139, and 445 to only the internal interface.
B.
Close ports 25 and 110. Bind ports 137, 138, 139, and 445 to only the internal interface.
Answers
C.
Close ports 22 and 139. Bind ports 137, 138, and 445 to only the internal interface.
C.
Close ports 22 and 139. Bind ports 137, 138, and 445 to only the internal interface.
Answers
D.
Close ports 22, 137, and 138. Bind ports 110 and 445 to only the internal interface.
D.
Close ports 22, 137, and 138. Bind ports 110 and 445 to only the internal interface.
Answers
Suggested answer: A

Question 140

Report
Export
Collapse

A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.

Which of the following should a security architect recommend?

A.
A DLP program to identify which files have customer data and delete them
A.
A DLP program to identify which files have customer data and delete them
Answers
B.
An ERP program to identify which processes need to be tracked
B.
An ERP program to identify which processes need to be tracked
Answers
C.
A CMDB to report on systems that are not configured to security baselines
C.
A CMDB to report on systems that are not configured to security baselines
Answers
D.
A CRM application to consolidate the data and provision access based on the process and need
D.
A CRM application to consolidate the data and provision access based on the process and need
Answers
Suggested answer: D
Total 510 questions
Go to page: of 51
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms