
CompTIA CAS-004 Practice Test - Questions Answers, Page 16

A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC.

Which of the following compensating controls would be BEST to implement in this situation?

A. EDR
B. SIEM
C. HIDS
D. UEBA
Suggested answer: B

A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.

This is an example of:

A. due intelligence
B. e-discovery.
C. due care.
D. legal hold.
Suggested answer: A

Which of the following is a low-power, low-data-rate protocol that allows for the creation of PAN networks?

A. Zigbee
B. CAN
C. DNP3
D. Modbus
Suggested answer: A

An organization's assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.

Given this information, which of the following is a noted risk?

A. Feature delay due to extended software development cycles
B. Financial liability from a vendor data breach
C. Technical impact to the API configuration
D. The possibility of the vendor's business ceasing operations
Suggested answer: A

A cybersecurity analyst discovered a private key that could have been exposed.

Which of the following is the BEST way for the analyst to determine if the key has been compromised?

A. HSTS
B. CRL
C. CSRs
D. OCSP
Suggested answer: C

A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:

Must have a minimum of 15 characters

Must use one number

Must use one capital letter

Must not be one of the last 12 passwords used

Which of the following policies should be added to provide additional security?

A. Shared accounts
B. Password complexity
C. Account lockout
D. Password history
E. Time-based logins
Suggested answer: C

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

A. Packets that are the wrong size or length
B. Use of any non-DNP3 communication on a DNP3 port
C. Multiple solicited responses over time
D. Application of an unsupported encryption algorithm
Suggested answer: C

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.

Which of the following techniques would BEST support this?

A. Configuring systemd services to run automatically at startup
B. Creating a backdoor
C. Exploiting an arbitrary code execution exploit
D. Moving laterally to a more authoritative server/service
Suggested answer: B

Technicians have determined that the current server hardware is outdated, so they have decided to throw it out.

Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?

A. Drive wiping
B. Degaussing
C. Purging
D. Physical destruction
Suggested answer: B

A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.

Which of the following offers an authoritative decision about whether the evidence was obtained legally?

A. Lawyers
B. Court
C. Upper management team
D. Police
Suggested answer: A
Total 510 questions