ExamGecko

CompTIA CAS-004 Practice Test - Questions Answers, Page 19

A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?

A. Inherent Low
B. Mitigated
C. Residual
D. Transferred
Suggested answer: C

A forensic investigator would use the foremost command for:

A. cloning disks.
B. analyzing network-captured packets.
C. recovering lost files.
D. extracting features such as email addresses
Suggested answer: C

An organization that provides a SaaS solution recently experienced an incident involving customer data loss. The system has a level of self-healing that includes monitoring performance and available resources. When the system detects an issue, the self-healing process is supposed to restart parts of the software.

During the incident, when the self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared the system as fully operational. Which of the following BEST describes the reason why the silent failure occurred?

A. The system logs rotated prematurely.
B. The disk utilization alarms are higher than what the service restarts require.
C. The number of nodes in the self-healing cluster was healthy.
D. Conditional checks prior to the service restart succeeded.
Suggested answer: D

A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would BEST solve these challenges? (Select THREE).

A. SD-WAN
B. PAM
C. Remote access VPN
D. MFA
E. Network segmentation
F. BGP
G. NAC
Suggested answer: A, C, E

A business wants to migrate its workloads from an exclusively on-premises IT infrastructure to the cloud but cannot implement all the required controls. Which of the following BEST describes the risk associated with this implementation?

A. Loss of governance
B. Vendor lockout
C. Compliance risk
D. Vendor lock-in
Suggested answer: C

As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents.

Which of the following BEST describes this kind of risk response?

A. Risk rejection
B. Risk mitigation
C. Risk transference
D. Risk avoidance
Suggested answer: C

A DevOps team has deployed databases, event-driven services, and an API gateway as a PaaS solution that will support a new billing system. Which of the following security responsibilities will the DevOps team need to perform?

A. Securely configure the authentication mechanisms
B. Patch the infrastructure at the operating system
C. Execute port scanning against the services
D. Upgrade the service as part of life-cycle management
Suggested answer: A

An auditor needs to scan documents at rest for sensitive text. These documents contain both text and images. Which of the following software functionalities must be enabled in the DLP solution for the auditor to be able to fully read these documents? (Select TWO).

A. Document interpolation
B. Regular expression pattern matching
C. Optical character recognition functionality
D. Baseline image matching
E. Advanced rasterization
F. Watermarking
Suggested answer: A, C

Due to adverse events, a medium-sized corporation suffered a major operational disruption that caused its servers to crash and experience a major power outage. Which of the following should be created to prevent this type of issue in the future?

A. SLA
B. BIA
C. BCM
D. BCP
E. RTO
Suggested answer: D

Explanation:

A Business Continuity Plan (BCP) is a set of policies and procedures that outline how an organization should respond to and recover from disruptions[1]. It is designed to ensure that critical operations and services can be quickly restored and maintained, and should include steps to identify risks, develop plans to mitigate those risks, and detail the procedures to be followed in the event of a disruption.

Resources:

[1] CompTIA Advanced Security Practitioner (CASP+) Study Guide, Chapter 4: "Business Continuity Planning," Wiley, 2018. https://www.wiley.com/en-us/CompTIA+Advanced+Security+Practitioner+CASP%2B+Study+Guide%2C+2nd+Edition-p-9781119396582

A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:

Which of the following would BEST mitigate this vulnerability?

A. Network intrusion prevention
B. Data encoding
C. Input validation
D. CAPTCHA
Suggested answer: C
Total 510 questions