ExamGecko
Home / CompTIA / CAS-004 / List of questions
Ask Question

CompTIA CAS-004 Practice Test - Questions Answers, Page 16

List of questions

Question 151

Report Export Collapse

A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC.

Which of the following compensating controls would be BEST to implement in this situation?

EDR
EDR
SIEM
SIEM
HIDS
HIDS
UEBA
UEBA
Suggested answer: B
asked 02/10/2024
Santosh Kumar
45 questions

Question 152

Report Export Collapse

A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.

This is an example of:

due intelligence
due intelligence
e-discovery.
e-discovery.
due care.
due care.
legal hold.
legal hold.
Suggested answer: A
asked 02/10/2024
Fermin Paneque Cabrera
44 questions

Question 153

Report Export Collapse

Which of the following protocols is a low power, low data rate that allows for the creation of PAN networks?

Zigbee
Zigbee
CAN
CAN
DNP3
DNP3
Modbus
Modbus
Suggested answer: A
asked 02/10/2024
Kingsley Tibs
44 questions

Question 154

Report Export Collapse

An organization's assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.

Given this information, which of the following is a noted risk?

Feature delay due to extended software development cycles
Feature delay due to extended software development cycles
Financial liability from a vendor data breach
Financial liability from a vendor data breach
Technical impact to the API configuration
Technical impact to the API configuration
The possibility of the vendor's business ceasing operations
The possibility of the vendor's business ceasing operations
Suggested answer: A
asked 02/10/2024
Vahit Erciyas
46 questions

Question 155

Report Export Collapse

A cybersecurity analyst discovered a private key that could have been exposed.

Which of the following is the BEST way for the analyst to determine if the key has been compromised?

HSTS
HSTS
CRL
CRL
CSRs
CSRs
OCSP
OCSP
Suggested answer: C
asked 02/10/2024
nico farina
45 questions

Question 156

Report Export Collapse

A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:

Must have a minimum of 15 characters

Must use one number

Must use one capital letter

Must not be one of the last 12 passwords used

Which of the following policies should be added to provide additional security?

Shared accounts
Shared accounts
Password complexity
Password complexity
Account lockout
Account lockout
Password history
Password history
Time-based logins
Time-based logins
Suggested answer: C
asked 02/10/2024
Muhammad Gul
46 questions

Question 157

Report Export Collapse

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

Packets that are the wrong size or length
Packets that are the wrong size or length
Use of any non-DNP3 communication on a DNP3 port
Use of any non-DNP3 communication on a DNP3 port
Multiple solicited responses over time
Multiple solicited responses over time
Application of an unsupported encryption algorithm
Application of an unsupported encryption algorithm
Suggested answer: C
asked 02/10/2024
Aur ROULIC
38 questions

Question 158

Report Export Collapse

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.

Which of the following techniques would BEST support this?

Configuring systemd services to run automatically at startup
Configuring systemd services to run automatically at startup
Creating a backdoor
Creating a backdoor
Exploiting an arbitrary code execution exploit
Exploiting an arbitrary code execution exploit
Moving laterally to a more authoritative server/service
Moving laterally to a more authoritative server/service
Suggested answer: B
asked 02/10/2024
SAI CHARAN TANGELLA
39 questions

Question 159

Report Export Collapse

Technicians have determined that the current server hardware is outdated, so they have decided to throw it out.

Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?

Drive wiping
Drive wiping
Degaussing
Degaussing
Purging
Purging
Physical destruction
Physical destruction
Suggested answer: B
asked 02/10/2024
Mounir Mrabet
45 questions

Question 160

Report Export Collapse

A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.

Which of the following offers an authoritative decision about whether the evidence was obtained legally?

Lawyers
Lawyers
Court
Court
Upper management team
Upper management team
Police
Police
Suggested answer: A
asked 02/10/2024
Nadja Burkart
36 questions
Total 564 questions
Go to page: of 57
Search

Related questions