CompTIA CAS-004 Practice Test - Questions Answers, Page 48

An application engineer is using the Swagger framework to leverage REST APIs to authenticate endpoints. The engineer is receiving HTTP 403 responses. Which of the following should the engineer do to correct this issue? (Select two).

A. Obtain a security token.
B. Obtain a public key.
C. Leverage Kerberos for authentication.
D. Leverage OAuth for authentication.
E. Leverage LDAP for authentication.
F. Obtain a hash value.
Suggested answer: A, D

Explanation:

The HTTP 403 error indicates that the engineer does not have the appropriate permissions to access the endpoint. To correct this, the engineer should obtain a security token and leverage OAuth for authentication. OAuth is a widely used authorization framework for securing API endpoints, and obtaining a security token is a key step in authenticating API requests. These two steps will ensure the correct authentication process is followed, allowing access to the required API resources. CASP+ emphasizes the importance of using secure authentication mechanisms like OAuth for modern web applications and APIs.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (API Security, OAuth)

CompTIA CASP+ Study Guide: API Security and OAuth for Authentication

A company has identified a number of vulnerable, end-of-support systems with limited defensive capabilities. Which of the following would be the first step in reducing the attack surface in this environment?

A. Utilizing hardening recommendations
B. Deploying IPS/IDS throughout the environment
C. Installing and updating antivirus
D. Installing all available patches
Suggested answer: A

Explanation:

The first step in reducing the attack surface of vulnerable, end-of-support systems is to apply hardening recommendations. Hardening involves applying security configurations, such as disabling unnecessary services, enforcing strong authentication, and tightening access controls to mitigate vulnerabilities on systems that can no longer receive patches or support. While patching and deploying security tools like IPS/IDS and antivirus are important, hardening addresses the fundamental weakness of these legacy systems by reducing their exposure to threats. CASP+ recommends hardening as a crucial measure in environments where patching or upgrading may not be feasible, particularly for unsupported systems.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (System Hardening)

CompTIA CASP+ Study Guide: System Hardening for End-of-Life Systems

A security analyst identified a vulnerable and deprecated runtime engine that is supporting a public-facing banking application. The developers anticipate the transition to modern development environments will take at least a month. Which of the following controls would best mitigate the risk without interrupting the service during the transition?

A. Shutting down the systems until the code is ready
B. Uninstalling the impacted runtime engine
C. Selectively blocking traffic on the affected port
D. Configuring IPS and WAF with signatures
Suggested answer: D

Explanation:

Given the vulnerability in the deprecated runtime engine, configuring an IPS (Intrusion Prevention System) and WAF (Web Application Firewall) with appropriate signatures is the best temporary control. This allows the organization to monitor and block potential attacks targeting known vulnerabilities in the runtime engine while the developers work on the transition. Shutting down the systems or uninstalling the runtime engine would cause service interruptions, and blocking traffic might disrupt legitimate users. IPS and WAF provide an active layer of defense without interrupting service. CASP+ emphasizes the use of layered security, including IPS and WAF, to mitigate risks in public-facing applications.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Web Application Firewalls, Intrusion Prevention Systems)

CompTIA CASP+ Study Guide: Mitigating Application Vulnerabilities with WAFs and IPS

The management team at a company with a large, aging server environment is conducting a server risk assessment in order to create a replacement strategy. The replacement strategy will be based upon the likelihood a server will fail, regardless of the criticality of the application running on a particular server. Which of the following should be used to prioritize the server replacements?

A. SLE
B. MTTR
C. TCO
D. MTBF
E. MSA
Suggested answer: D

Explanation:

To prioritize server replacements based on the likelihood of failure, the MTBF (Mean Time Between Failures) metric is most appropriate. MTBF provides a measure of the average time a server or system is expected to operate before experiencing failure. This allows the management team to assess which servers are more likely to fail soon, irrespective of the application criticality, and thus should be replaced first. CASP+ highlights the use of MTBF in hardware lifecycle management and risk assessments.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (MTBF in Hardware Lifecycle)

CompTIA CASP+ Study Guide: Server Risk Assessments Using MTBF and Reliability Metrics

A recent security assessment generated a recommendation to transition Wi-Fi to WPA2/WPA3 Enterprise requiring EAP-TLS. Which of the following conditions must be met for the organization's mobile devices to be able to successfully join the corporate wireless network?

A. Client computer X.509 certificates have been installed.
B. Supplicants are configured to provide a 64-bit authenticator.
C. A hardware TOTP token has been issued to mobile users.
D. The device's IPSec configuration matches the VPN concentrator.
Suggested answer: A

Explanation:

For an organization transitioning its Wi-Fi to WPA2/WPA3 Enterprise with EAP-TLS, X.509 certificates are crucial. EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) is a certificate-based authentication protocol, and for it to work, both the client and server must have valid X.509 certificates. This ensures that the mobile devices can authenticate themselves securely to the wireless network. Other options like IPSec configurations or TOTP tokens are not relevant in the context of EAP-TLS wireless authentication. CASP+ highlights the importance of certificate management in secure wireless authentication protocols.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Wireless Authentication and EAP-TLS)

CompTIA CASP+ Study Guide: Certificate Management for EAP-TLS

An accounting team member received a voicemail message from someone who sounded like the Chief Financial Officer (CFO). In the voicemail message, the caller requested a wire transfer to a bank account the organization had not used before. Which of the following best describes this type of attack?

A. The attacker used deepfake technology to simulate the CFO's voice.
B. The CFO tried to commit a form of embezzlement.
C. The attacker used caller ID spoofing to imitate the CFO's internal phone extension.
D. The attacker successfully phished someone in the accounts payable department.
Suggested answer: A

Explanation:

In this scenario, the voicemail requesting a wire transfer to an unfamiliar bank account is indicative of a deepfake attack, where attackers use advanced technology to simulate a person's voice or likeness. Deepfake technology is increasingly being used in social engineering attacks to impersonate executives or trusted individuals. This attack attempts to manipulate employees by making them believe they are receiving legitimate requests from high-ranking personnel. CASP+ discusses advanced threats like deepfakes, which leverage AI to bypass traditional security awareness defenses.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Advanced Social Engineering Threats)

CompTIA CASP+ Study Guide: Social Engineering and Deepfake Risks

A compliance officer is responsible for selecting the right governance framework to protect individuals' data. Which of the following is the appropriate framework for the company to consult when collecting international user data for the purpose of processing credit cards?

A. ISO 27001
B. COPPA
C. NIST 800-53
D. PCI DSS
Suggested answer: D

Explanation:

PCI DSS (Payment Card Industry Data Security Standard) is the most appropriate governance framework when collecting and processing credit card data, including international user data. PCI DSS establishes security standards for organizations that handle payment card transactions and ensures the protection of cardholder data globally. The other options, such as ISO 27001 and NIST 800-53, provide general security frameworks, but PCI DSS is specifically designed for payment card security, which is critical when handling credit card information. CASP+ emphasizes the role of PCI DSS in ensuring the secure handling of payment data.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (PCI DSS Compliance for Payment Systems)

CompTIA CASP+ Study Guide: Payment Systems Security and PCI DSS

A company would like to move its payment card data to a cloud provider. Which of the following solutions will best protect account numbers from unauthorized disclosure?

A. Storing the data in an encoded file
B. Implementing database encryption at rest
C. Only storing tokenized card data
D. Implementing data field masking
Suggested answer: C

Explanation:

Tokenization is the best solution to protect payment card data from unauthorized disclosure when moving to the cloud. Tokenization replaces sensitive card data with unique identifiers (tokens) that have no exploitable value outside the tokenization system. Even if the data is compromised, the attacker would not obtain actual card numbers. This is in line with PCI DSS requirements for protecting payment card information. Other solutions like encryption at rest or field masking help, but tokenization provides the strongest protection by ensuring that card data is not stored at all.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (Tokenization and PCI DSS Compliance)

CompTIA CASP+ Study Guide: Data Protection Techniques (Tokenization)

Which of the following describes how a risk assessment is performed when an organization has a critical vendor that provides multiple products?

A. At the individual product level
B. Through the selection of a random product
C. Using a third-party audit report
D. By choosing a major product
Suggested answer: A

Explanation:

When conducting a risk assessment for a vendor that provides multiple products, it is important to perform the assessment at the individual product level. Each product might have different risk factors, security requirements, and vulnerabilities, so assessing each one ensures a comprehensive understanding of the risks involved. Assessing randomly or only major products could leave gaps in understanding the risks for smaller but still critical products. CASP+ emphasizes that risk assessments should be detailed and product-specific for a thorough evaluation.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (Vendor and Product Risk Assessments)

CompTIA CASP+ Study Guide: Vendor Risk Management

A pharmaceutical company uses a cloud provider to host thousands of independent resources in object storage. The company needs a practical and effective means of discovering data, monitoring changes, and identifying suspicious activity. Which of the following would best meet these requirements?

A. A machine-learning-based data security service
B. A file integrity monitoring service
C. A cloud configuration assessment and compliance service
D. An automated data classification system
Suggested answer: A

Explanation:

A machine-learning-based data security service would best meet the pharmaceutical company's requirements to discover data, monitor changes, and identify suspicious activity across thousands of independent resources in cloud object storage. Machine learning can analyze vast amounts of data, detect patterns, and alert administrators to anomalies or suspicious activities without manual intervention. Traditional file integrity monitoring or data classification might not scale well or adapt dynamically to the complexity and size of the company's environment. CASP+ highlights the use of advanced technologies like machine learning for cloud security and monitoring.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Machine Learning for Security)

CompTIA CASP+ Study Guide: Cloud Security Monitoring with Machine Learning
