CompTIA CAS-004 Practice Test - Questions Answers, Page 51


A software developer has been tasked with creating a unique threat detection mechanism that is based on machine learning. The information system for which the tool is being developed is on a rapid CI/CD pipeline, and the tool developer is considered a supplier to the process. Which of the following presents the most risk to the development life cycle and to the ability to deliver the security tool on time?

A. Deep learning language barriers
B. Big Data processing required for maturity
C. Secure, multiparty computation requirements
D. Computing capabilities available to the developer
Suggested answer: B

Explanation:

The most significant risk to the development of a machine-learning-based threat detection tool is the Big Data processing required for maturity. Machine learning models often require large datasets to train effectively, and processing and analyzing this data can be time-consuming and resource-intensive. This can delay the development timeline, especially in a rapid CI/CD pipeline environment where timely delivery is crucial. CASP+ highlights the challenges associated with machine learning and Big Data in security tool development, particularly the resource demands and the need for extensive data to ensure accuracy and maturity.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Big Data and Machine Learning Challenges)

CompTIA CASP+ Study Guide: Implementing and Managing Machine Learning in Security Environments

A security administrator has been provided with three separate certificates and is trying to organize them into a single chain of trust to deploy on a website. Given the following certificate properties:

Which of the following are true about the PKI hierarchy? (Select two).

A. www.budgetcert.com is the top-level CA.
B. www.budgetcert.com is an intermediate CA.
C. SuperTrust RSA 2018 is the top-level CA.
D. SuperTrust RSA 2018 is an intermediate CA.
E. BudgetCert is the top-level CA.
F. BudgetCert is an intermediate CA.
Suggested answer: C, E

Explanation:

Based on the given certificate properties:

A single chain of trust has exactly one root, so options C and E, which name two different top-level CAs, cannot both be true; which CA is the root is settled by the Issuer field of each certificate. The certificate whose Issuer is its own Subject is the root (top-level) CA. A CA certificate issued by the root, which in turn issues the website certificate, is an intermediate CA. The www.budgetcert.com certificate is the leaf (end-entity) certificate for the website itself and is not a CA at all, which rules out options A and B.

The reasoning given with this question is that SuperTrust RSA 2018 is issued by BudgetCert Global Root CA, in which case BudgetCert is the root CA and SuperTrust RSA 2018 is the intermediate CA; that reading corresponds to options D and E rather than C and E. The property table is not reproduced on this page, so check the Issuer fields in the original question before relying on either pair.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (PKI and Certificate Chains of Trust)

CompTIA CASP+ Study Guide: PKI Hierarchy and Certificate Trust Models
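The Issuer-to-Subject matching described above is exactly what a client does when it builds a chain from the certificates a server presents. The following is an added example for this question, not part of the practice test: it orders an unordered set of certificates into root, intermediate and leaf, and rejects sets with two self-signed roots or an unreachable issuer. Because the question's property table is not reproduced here, each certificate is modelled only by its Subject and Issuer, and the sample names (Example Root CA and so on) are constructed.

```python
"""Order an unordered set of certificates into a chain of trust.

Added illustration for the PKI question above, not part of the practice
test. Because the question's property table is not reproduced on this page,
each certificate is modelled by its Subject and Issuer fields only, and the
sample entries are constructed with hypothetical names.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class CertProps:
    subject: str
    issuer: str

    @property
    def self_signed(self) -> bool:
        # A root CA certificate is self-issued: its Issuer equals its Subject.
        return self.subject == self.issuer


def build_chain(certs: List[CertProps]) -> List[CertProps]:
    """Return the certificates ordered root -> intermediate(s) -> leaf.

    Raises ValueError if the set is not exactly one chain: no root, more than
    one root, a CA that issued two of the certificates, or a certificate whose
    issuer is not reachable from the root.
    """
    roots = [c for c in certs if c.self_signed]
    if len(roots) != 1:
        raise ValueError(f"expected exactly one self-signed root, found {len(roots)}")

    # Index the non-root certificates by who issued them.
    by_issuer: Dict[str, List[CertProps]] = {}
    for c in certs:
        if not c.self_signed:
            by_issuer.setdefault(c.issuer, []).append(c)

    chain = [roots[0]]
    while True:
        children = by_issuer.pop(chain[-1].subject, [])
        if not children:
            break
        if len(children) > 1:
            raise ValueError(f"{chain[-1].subject!r} issued more than one certificate here")
        chain.append(children[0])

    if by_issuer:
        raise ValueError(f"issuer(s) not reachable from the root: {sorted(by_issuer)}")
    return chain


def classify(certs: List[CertProps]) -> Dict[str, str]:
    """Label each subject 'root CA', 'intermediate CA' or 'leaf'."""
    chain = build_chain(certs)
    labels: Dict[str, str] = {}
    for position, cert in enumerate(chain):
        if position == 0:
            labels[cert.subject] = "root CA"
        elif position == len(chain) - 1:
            labels[cert.subject] = "leaf"
        else:
            labels[cert.subject] = "intermediate CA"
    return labels


def is_single_chain(certs: List[CertProps]) -> bool:
    try:
        build_chain(certs)
        return True
    except ValueError:
        return False


# Constructed sample in deliberately scrambled order; the names are hypothetical.
SAMPLE_CERTS = [
    CertProps(subject="www.example.com", issuer="Example Intermediate CA"),
    CertProps(subject="Example Root CA", issuer="Example Root CA"),
    CertProps(subject="Example Intermediate CA", issuer="Example Root CA"),
]

# Two self-signed certificates cannot both be the root of one chain.
TWO_ROOTS = [
    CertProps(subject="Root A", issuer="Root A"),
    CertProps(subject="Root B", issuer="Root B"),
    CertProps(subject="www.example.com", issuer="Root A"),
]

if __name__ == "__main__":
    for subject, role in classify(SAMPLE_CERTS).items():
        print(f"{role:16} {subject}")
```

With real certificates the same walk is done over the Subject and Issuer distinguished names (or, more robustly, the Authority Key Identifier and Subject Key Identifier extensions); the point the question tests is that only one certificate in a chain is self-issued, and that one is the top-level CA.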


A company reviews the regulatory requirements associated with a new product, and then company management elects to cancel production. Which of the following risk strategies is the company using in this scenario?

A. Avoidance
B. Mitigation
C. Rejection
D. Acceptance
Suggested answer: A

Explanation:

In this scenario, the company has elected to cancel the production of a product after reviewing regulatory requirements. This decision reflects a risk avoidance strategy, which involves taking action to eliminate exposure to a risk by not engaging in the activity that could lead to it. By canceling production, the company avoids the regulatory and compliance risks altogether. CASP+ defines risk avoidance as a risk management strategy that involves stopping or avoiding actions that expose the organization to unacceptable levels of risk.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (Risk Avoidance)

CompTIA CASP+ Study Guide: Risk Management Strategies and Risk Avoidance

A security administrator is trying to securely provide public access to specific data from a web application. Clients who want to access the application will be required to:

* Only allow the POST and GET options.

* Transmit all data secured with TLS 1.2 or greater.

* Use specific URLs to access each type of data that is requested.

* Authenticate with a bearer token.

Which of the following should the security administrator recommend to meet these requirements?

A. API gateway
B. Application load balancer
C. Web application firewall
D. Reverse proxy
Suggested answer: A

Explanation:

An API gateway is the component designed to enforce all four requirements at a single control point: it restricts each route to an allowlist of HTTP methods (here GET and POST), terminates TLS and can reject any connection below TLS 1.2, maps each type of data to its own URL path and forwards only matching requests, and validates the bearer token before a request ever reaches the backend. A reverse proxy, an application load balancer or a WAF can each cover part of this list, but token authentication and per-route method and path policy are core API gateway functions, which is why it is the best fit here. CASP+ emphasizes the role of API gateways in managing and securing web application interfaces.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (API Security and API Gateways)

CompTIA CASP+ Study Guide: Securing Web Application Interfaces with API Gateways
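The four requirements above map onto four checks the gateway runs on every request. The following is an added example, not from the practice test and not the configuration of any particular gateway product: it models the per-request policy as plain Python over request dictionaries standing in for what the gateway sees after TLS termination. The route table, the token store and the sample requests are constructed.

```python
"""Per-request policy an API gateway applies for the scenario above.

Added example, not from the practice test and not the configuration of any
particular gateway product. Requests are plain dicts standing in for what
the gateway sees after it terminates TLS; the route table, the token store
and the sample requests are constructed.
"""
import hmac
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed route table: each type of data is exposed at its own URL.
ROUTES: Dict[str, str] = {
    "/api/v1/prices": "pricing",
    "/api/v1/inventory": "inventory",
}
ALLOWED_METHODS = {"GET", "POST"}
MIN_TLS = (1, 2)
# Constructed token store standing in for the gateway's token validator; a real
# deployment would verify a JWT signature or call an introspection endpoint.
VALID_TOKENS: Dict[str, str] = {"constructed-demo-token": "partner-client"}


@dataclass
class Decision:
    status: int
    reason: str
    data_type: Optional[str] = None
    client: Optional[str] = None


def tls_version(protocol: str) -> Tuple[int, int]:
    """Map a negotiated protocol string such as 'TLSv1.3' or 'TLSv1' to (major, minor)."""
    if not protocol.startswith("TLSv"):
        return (0, 0)  # SSLv3 or anything unparsable is treated as too old
    parts = protocol[4:].split(".")
    major = int(parts[0]) if parts[0].isdigit() else 0
    minor = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    return (major, minor)


def authenticate(authorization: Optional[str]) -> Optional[str]:
    """Return the client name for a valid 'Bearer <token>' header, else None."""
    if not authorization:
        return None
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    for known, client in VALID_TOKENS.items():
        # Constant-time comparison so response timing does not leak token bytes.
        if hmac.compare_digest(known.encode(), token.encode()):
            return client
    return None


def gateway_decision(req: dict) -> Decision:
    """Apply the four requirements: transport, method, token, then route."""
    if tls_version(req.get("tls_protocol", "")) < MIN_TLS:
        return Decision(426, "TLS 1.2 or greater required")
    if req.get("method") not in ALLOWED_METHODS:
        return Decision(405, "only GET and POST are allowed")
    client = authenticate(req.get("headers", {}).get("Authorization"))
    if client is None:
        return Decision(401, "valid bearer token required")
    # Authenticate before routing so unauthenticated clients cannot enumerate paths.
    data_type = ROUTES.get(req.get("path", ""))
    if data_type is None:
        return Decision(404, "no such resource")
    return Decision(200, "forwarded to backend", data_type=data_type, client=client)


def _request(method: str, path: str, tls: str, token: Optional[str]) -> dict:
    headers = {"Authorization": f"Bearer {token}"} if token else {}
    return {"method": method, "path": path, "tls_protocol": tls, "headers": headers}


# Constructed sample traffic, one request per outcome.
SAMPLE_REQUESTS: List[dict] = [
    _request("GET", "/api/v1/prices", "TLSv1.3", "constructed-demo-token"),
    _request("GET", "/api/v1/prices", "TLSv1.1", "constructed-demo-token"),
    _request("DELETE", "/api/v1/prices", "TLSv1.2", "constructed-demo-token"),
    _request("POST", "/api/v1/inventory", "TLSv1.2", None),
    _request("GET", "/api/v1/secret", "TLSv1.2", "constructed-demo-token"),
]


def run_samples() -> List[int]:
    return [gateway_decision(r).status for r in SAMPLE_REQUESTS]


if __name__ == "__main__":
    for req, status in zip(SAMPLE_REQUESTS, run_samples()):
        print(status, req["method"], req["path"], req["tls_protocol"])
```

The ordering matters: the TLS check belongs at the listener (in a real gateway it is a minimum-version setting, not application code), and authentication runs before route lookup so that an unauthenticated caller receives the same 401 whether or not a path exists.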

An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pages within a short period of time. The entry pages include sponsor-related content that is relatively static and is pulled from a database. When the first major event occurs, users report poor response time on the entry pages. Which of the following features is the most appropriate for the company to implement?

A. Horizontal scalability
B. Vertical scalability
C. Containerization
D. Static code analysis
E. Caching
Suggested answer: E

Explanation:

Caching is the most appropriate solution for this symptom: the sponsor content on the entry pages is relatively static and identical for every visitor, so the first request can populate a cache (in the application tier or at a CDN edge) and the thousands of requests that follow are served without a database round trip. Scaling horizontally or vertically adds capacity to the whole application but still pays the database cost on every page load, so it is the less targeted fix. The caveat is to cache only the static, shared content with a sensible time-to-live; personalised or authenticated content must never be served from a shared cache. CASP+ emphasizes caching as a performance optimization technique for handling high-demand, static web content.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Performance Optimization and Caching)

CompTIA CASP+ Study Guide: Optimizing Web Application Performance with Caching
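To make the effect concrete, the following added example (not from the practice test) puts a TTL read-through cache in front of a constructed sponsor-content store and counts backend calls for a burst of visitors, then lets the TTL lapse and shows a single refresh. The store, clock and traffic pattern are constructed; per-user content bypasses the cache so that one visitor's page can never be served to another.

```python
"""TTL read-through cache in front of a slow store, for the entry-page scenario above.

Added example, not from the practice test. The sponsor store, the clock and
the traffic pattern are constructed; backend call counts stand in for
database load. Per-user content is deliberately bypassed, because a shared
cache must never serve one user's page to another.
"""
import time
from typing import Any, Callable, Dict, Tuple


class ReadThroughCache:
    def __init__(self, loader: Callable[[str], Any], ttl_seconds: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self._loader = loader
        self._ttl = ttl_seconds
        self._clock = clock
        self._store: Dict[str, Tuple[float, Any]] = {}  # key -> (expires_at, value)
        self.hits = 0
        self.misses = 0

    def get(self, key: str, *, per_user: bool = False) -> Any:
        if per_user:
            # Authenticated or personalised content is never cached here.
            return self._loader(key)
        now = self._clock()
        entry = self._store.get(key)
        if entry is not None and entry[0] > now:
            self.hits += 1
            return entry[1]
        # Miss or expired: fetch once and cache until the TTL runs out.
        self.misses += 1
        value = self._loader(key)
        self._store[key] = (now + self._ttl, value)
        return value


class FakeClock:
    """Deterministic clock so TTL expiry can be shown without sleeping."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


class SponsorStore:
    """Constructed stand-in for the database that holds the static sponsor content."""

    def __init__(self) -> None:
        self.calls = 0
        self._rows = {"/entry/main": "Sponsor A banner", "/entry/track-2": "Sponsor B banner"}

    def load(self, key: str) -> str:
        self.calls += 1
        return self._rows.get(key, "")


def simulate(visitors: int = 1000, ttl: float = 60.0) -> Dict[str, int]:
    """Visitors hit two entry pages; then the TTL lapses and one page is revisited."""
    clock, store = FakeClock(), SponsorStore()
    cache = ReadThroughCache(store.load, ttl, clock)
    for _ in range(visitors):
        cache.get("/entry/main")
        cache.get("/entry/track-2")
    clock.advance(ttl + 1)
    cache.get("/entry/main")                 # expired entry: one refresh call
    cache.get("/entry/main", per_user=True)  # personalised view bypasses the cache
    return {"backend_calls": store.calls, "hits": cache.hits, "misses": cache.misses}


if __name__ == "__main__":
    print(simulate())
```

A thousand visitors across two pages cost the database two reads plus one refresh after expiry; the per-user bypass costs one more, which is the price of not leaking personalised content through a shared cache.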

An organization needs to classify its systems and data in accordance with external requirements. Which of the following roles is best qualified to perform this task?

A. Systems administrator
B. Data owner
C. Data processor
D. Data custodian
E. Data steward
Suggested answer: B

Explanation:

The data owner is best qualified to classify systems and data in accordance with external requirements. The data owner is responsible for determining how data should be classified based on its sensitivity, value, and regulatory requirements. They have the authority to decide on classification levels such as public, confidential, or secret, and ensure compliance with external standards. Other roles, like data custodians or processors, support the implementation of data management, but the data owner has the final responsibility for classification. CASP+ highlights the role of data owners in determining data classification and ensuring compliance with external requirements.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (Data Classification and Data Owner Responsibilities)

CompTIA CASP+ Study Guide: Data Classification and Governance Responsibilities of the Data Owner

A security engineer is implementing DLP. Which of the following should the security engineer include in the overall DLP strategy?

A. Tokenization
B. Network traffic analysis
C. Data classification
D. Multifactor authentication
Suggested answer: C

Explanation:

For a successful Data Loss Prevention (DLP) strategy, the first step is data classification. Data classification involves identifying and categorizing data based on its sensitivity and importance, which allows the DLP system to apply appropriate security controls to protect critical or sensitive information. Without proper data classification, it is difficult to implement effective DLP policies. While tokenization, network traffic analysis, and multifactor authentication can contribute to data security, classification is fundamental to building a targeted and effective DLP strategy. CASP+ highlights the importance of identifying and categorizing data as a key part of securing sensitive information and preventing data breaches.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Data Loss Prevention and Data Classification)

CompTIA CASP+ Study Guide: DLP Strategies and Data Classification
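The explanation's point, that the label has to exist before a DLP rule can act on it, is easiest to see in code. The following added example (not from the practice test or any DLP product) classifies a message with constructed content detectors, including a Luhn check so that random sixteen-digit order numbers are not flagged as card numbers, and then lets the label together with the egress channel select the action. The detectors, labels, policy table and sample messages are all constructed.

```python
"""Classification-first DLP decision, for the DLP question above.

Added example, not from the practice test or any DLP product. The detectors,
labels, policy table and sample messages are constructed. The flow is the one
the explanation describes: classify the content, then let the label and the
egress channel select the action.
"""
import re
from typing import Dict, List, Tuple

# Candidate primary account numbers: 13-19 digits with optional spaces or dashes.
PAN_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CONFIDENTIAL_MARKER = re.compile(r"\binternal only\b", re.IGNORECASE)


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so arbitrary digit runs (order IDs, tracking codes) are not flagged."""
    total = 0
    parity = len(digits) % 2
    for index, ch in enumerate(digits):
        d = int(ch)
        if index % 2 == parity:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def classify(text: str) -> str:
    """Return the most sensitive label that applies: Restricted > Confidential > Public."""
    for match in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            return "Restricted"
    if SSN_RE.search(text):
        return "Restricted"
    if CONFIDENTIAL_MARKER.search(text):
        return "Confidential"
    return "Public"


# Constructed policy: (label, channel) -> action; anything unlisted is allowed.
POLICY: Dict[Tuple[str, str], str] = {
    ("Restricted", "external_email"): "block",
    ("Restricted", "usb"): "block",
    ("Restricted", "internal_email"): "encrypt",
    ("Confidential", "external_email"): "quarantine",
    ("Confidential", "usb"): "quarantine",
}


def dlp_decision(text: str, channel: str) -> Tuple[str, str]:
    """Classify first, then look the (label, channel) pair up in the policy."""
    label = classify(text)
    return label, POLICY.get((label, channel), "allow")


# Constructed messages; the card number is the standard Luhn-valid test value.
SAMPLES: List[Tuple[str, str]] = [
    ("card 4111 1111 1111 1111 exp 12/27", "external_email"),
    ("order ref 1234 5678 9012 3456", "external_email"),
    ("INTERNAL ONLY: Q3 roadmap", "usb"),
    ("SSN 123-45-6789 on file", "internal_email"),
    ("public launch announcement", "external_email"),
]


def run_samples() -> List[Tuple[str, str]]:
    return [dlp_decision(text, channel) for text, channel in SAMPLES]


if __name__ == "__main__":
    for (text, channel), (label, action) in zip(SAMPLES, run_samples()):
        print(f"{label:12} {action:10} {channel:15} {text}")
```

Note that the policy table never mentions content patterns; it is written entirely in terms of labels, which is why classification has to come first. Production engines add exact-data matching, document fingerprints and OCR to the detection stage, but the structure is the same.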

An analyst determined that the current process for manually handling phishing attacks within the company is ineffective. The analyst is developing a new process to ensure phishing attempts are handled internally in an appropriate and timely manner. One of the analyst's requirements is that a blocklist be updated automatically when phishing attempts are identified. Which of the following would help satisfy this requirement?

A. SOAR
B. MSSP
C. Containerization
D. Virtualization
E. MDR deployment
Suggested answer: A

Explanation:

To update a blocklist automatically when phishing attempts are identified, the best solution is to implement SOAR (Security Orchestration, Automation, and Response). SOAR platforms execute playbooks that respond to security events without a human in the loop for each step. Here a playbook can take a confirmed phishing report from the mail gateway or an abuse mailbox, extract the sender domains and URLs, and push them to the blocklist within seconds, with every step logged for the analyst to review. MSSP (Managed Security Service Provider) and MDR (Managed Detection and Response) are outsourced services and do not in themselves provide the in-house automation the requirement asks for, and containerization and virtualization are deployment technologies unrelated to incident handling. CASP+ emphasizes the value of automation in streamlining security operations and improving response times to threats.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Automation, SOAR)

CompTIA CASP+ Study Guide: Security Automation and Incident Response with SOAR
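The blocklist-update step of such a playbook is short but has two traps a practitioner will want handled: indicators arrive defanged (hxxp://, [.]) and must be normalised, and automation must never block the organisation's own or partners' domains when they appear in a report. The following is an added example, not from the practice test or any SOAR product; the report, the allowlist and the starting blocklist are constructed and use only reserved .example and .test names.

```python
"""Playbook step that turns a confirmed phishing report into blocklist updates.

Added example, not from the practice test or any SOAR product. The report,
the corporate allowlist and the starting blocklist are constructed (reserved
.example/.test names only). In a real playbook the report arrives from the
mail gateway or an abuse mailbox and the result is pushed to the proxy or
DNS filter; the normalisation, allowlist and idempotency logic is the same.
"""
import re
from typing import Dict, List, Set
from urllib.parse import urlparse

# Constructed: our own and partner domains must never be blocked by automation,
# even when a report quotes them (a reply chain or a legitimate webmail link).
ALLOWLIST: Set[str] = {"example.com", "partner.example.net"}

# Matches live URLs and the defanged hxxp:// form analysts paste into tickets.
URL_RE = re.compile(r"\b(?:hxxps?|https?)://[^\s<>\"']+", re.IGNORECASE)


def refang(indicator: str) -> str:
    """Undo common defanging so the indicator parses as a normal URL."""
    indicator = re.sub(r"hxxp", "http", indicator, flags=re.IGNORECASE)
    return indicator.replace("[.]", ".").replace("(.)", ".")


def extract_domains(report_text: str) -> Set[str]:
    """Pull every host name out of the URLs in a report, lower-cased and normalised."""
    domains: Set[str] = set()
    for raw in URL_RE.findall(report_text):
        host = urlparse(refang(raw)).hostname
        if host:
            domains.add(host.lower().rstrip("."))
    return domains


def in_allowlist(domain: str) -> bool:
    # An allowlisted apex also protects all of its subdomains.
    return any(domain == apex or domain.endswith("." + apex) for apex in ALLOWLIST)


def update_blocklist(blocklist: Set[str], report_text: str) -> Dict[str, List[str]]:
    """Add new phishing domains in place; return the delta for the audit trail."""
    candidates = extract_domains(report_text)
    skipped = {d for d in candidates if in_allowlist(d)}
    eligible = candidates - skipped
    added = {d for d in eligible if d not in blocklist}
    blocklist |= added
    return {
        "added": sorted(added),
        "skipped_allowlisted": sorted(skipped),
        "already_present": sorted(eligible - added),
    }


# Constructed user report; the lookalike domain uses the reserved .example TLD.
SAMPLE_REPORT = """\
Subject: Your mailbox is full
Click hxxps://login-exarnple[.]example/reset?u=1 to restore access.
Also seen: http://cdn.bad-host.test/track.png and https://mail.example.com/owa
"""

if __name__ == "__main__":
    current = {"cdn.bad-host.test"}
    print(update_blocklist(current, SAMPLE_REPORT))
    print(sorted(current))
```

Running the same report twice adds nothing the second time, so the playbook can be re-triggered safely, and the returned delta is what the analyst sees in the ticket rather than the whole blocklist.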

A software development company needs to mitigate third-party risks to its software supply chain. Which of the following techniques should the company use in the development environment to best meet this objective?

A. Performing software composition analysis
B. Requiring multifactor authentication
C. Establishing coding standards and monitoring for compliance
D. Implementing a robust unit and regression-testing scheme
Suggested answer: A

Explanation:

Software composition analysis (SCA) is the most effective method to mitigate third-party risks in a software supply chain. SCA tools analyze the open-source and third-party components used in software development to identify known vulnerabilities, outdated dependencies, or licensing issues. By integrating SCA into the development environment, the company can proactively address risks related to external libraries or codebases that may introduce vulnerabilities into the software supply chain. CASP+ emphasizes the importance of securing the supply chain, particularly by identifying and addressing risks introduced by third-party software components.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Third-Party Risk Management)

CompTIA CASP+ Study Guide: Securing Software Supply Chains with SCA
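What an SCA tool does at its core is inventory the third-party components a build pulls in and match each pinned version against an advisory feed. The following is an added example, not from the practice test or any SCA product: it parses a requirements-style dependency list, flags versions inside a constructed advisory range and flags dependencies that are not pinned at all. The package names and advisory identifiers are placeholders, not real packages or vulnerabilities.

```python
"""Minimal software composition analysis pass over a pinned dependency list.

Added example, not from the practice test or any SCA product. The dependency
file and the advisory feed are constructed: the package names and advisory
IDs are placeholders, not real packages or vulnerabilities. Real tools read
lockfiles and query feeds such as OSV or the NVD, but the matching step
shown here is the core of what they do.
"""
from typing import Dict, List, Tuple


def parse_version(version: str) -> Tuple[int, ...]:
    """Numeric dotted versions only; pre-release suffixes are out of scope here."""
    return tuple(int(part) for part in version.split("."))


def parse_requirements(text: str) -> Dict[str, str]:
    """Return {name: version} for exact '==' pins; unpinned lines map to ''."""
    deps: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        if "==" in line:
            name, version = line.split("==", 1)
            deps[name.strip().lower()] = version.strip()
        else:
            deps[line.lower()] = ""
    return deps


# Constructed advisory feed: (package, first affected, first fixed, advisory id).
# The affected range is introduced <= version < fixed, as in OSV-style ranges.
ADVISORIES: List[Tuple[str, str, str, str]] = [
    ("examplelib", "1.0.0", "1.4.2", "EXAMPLE-0001"),
    ("parsertoy", "0.0.0", "2.1.0", "EXAMPLE-0002"),
]


def affected(version: str, introduced: str, fixed: str) -> bool:
    return parse_version(introduced) <= parse_version(version) < parse_version(fixed)


def scan(requirements_text: str) -> List[Dict[str, str]]:
    """Report vulnerable pins and dependencies that are not pinned at all."""
    findings: List[Dict[str, str]] = []
    for name, version in parse_requirements(requirements_text).items():
        if not version:
            # An unpinned dependency can change underneath the build: supply-chain risk.
            findings.append({"package": name, "issue": "unpinned", "advisory": ""})
            continue
        for pkg, introduced, fixed, advisory in ADVISORIES:
            if pkg == name and affected(version, introduced, fixed):
                findings.append({"package": name,
                                 "issue": f"{version} vulnerable, fixed in {fixed}",
                                 "advisory": advisory})
    return findings


# Constructed dependency file.
SAMPLE_REQUIREMENTS = """\
# constructed requirements.txt
examplelib==1.3.0
parsertoy==2.1.0   # already at the fixed version
safething==0.9.1
looseone
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUIREMENTS):
        print(finding)
```

Pinned-but-vulnerable and not-pinned-at-all are the two findings the development environment should fail the build on; the version comparison is numeric, so 1.10.0 correctly sorts after 1.9.9, which a string comparison would get wrong.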

A software developer needs to add an authentication method to a web application. The following requirements must be met:

* The web application needs to use well-supported standards.

* The initial login to the web application should rely on an outside, trusted third party.

* The login needs to be maintained for up to six months.

Which of the following would best support these requirements? (Select two).

A. SAML
B. Kerberos
C. JWT
D. RADIUS
E. EAP
F. Remote attestation
Suggested answer: A, C

Explanation:

To meet the requirements, SAML (Security Assertion Markup Language) and JWT (JSON Web Token) are the best pair. SAML is the widely supported standard for federated single sign-on: the initial login is delegated to an external identity provider, which is the trusted third party the requirement calls for. JWT is the standard token format for carrying the resulting authenticated session in a web application, and its exp claim can be set to bound the login at six months. Kerberos, RADIUS and EAP are network and enterprise authentication protocols rather than web federation standards, and remote attestation verifies device state, not user identity. One caveat for the six-month lifetime: a stateless bearer JWT cannot be revoked before its exp, so a long-lived login should be paired with a server-side revocation check (for example a denylist keyed on the jti claim, or short-lived access tokens renewed from a longer-lived refresh token). CASP+ discusses the role of SAML in federated identity management and JWT in token-based authentication.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Federated Identity Management, JWT, SAML)

CompTIA CASP+ Study Guide: Web Application Authentication with SAML and JWT
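The part of this design that is easy to get wrong is the JWT verification, so the following added example (not from the practice test) issues an HS256 token with a six-month exp using only the standard library and a constructed signing key, then shows that the token verifies part-way through its life while an expired token, a tampered payload and an "alg: none" token are all rejected. The SAML leg is not shown; it would require XML signature validation against the identity provider's metadata.

```python
"""HS256 JWT issuance and verification with the expiry that bounds a long-lived login.

Added example, not from the practice test; it uses only the standard library
and a constructed signing key. It shows that a token issued with a six-month
'exp' verifies part-way through its life, and that an expired token, a
tampered payload and an 'alg: none' token are all rejected.
"""
import base64
import hashlib
import hmac
import json
from typing import Dict, Optional

SECRET = b"constructed-demo-key-do-not-reuse"  # constructed; load from a secret store in practice
SIX_MONTHS = 182 * 24 * 3600


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _segment(obj: dict) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def issue(subject: str, issued_at: int, lifetime: int = SIX_MONTHS, key: bytes = SECRET) -> str:
    header = _segment({"alg": "HS256", "typ": "JWT"})
    payload = _segment({"sub": subject, "iat": issued_at, "exp": issued_at + lifetime})
    signature = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(signature)}"


def verify(token: str, now: int, key: bytes = SECRET) -> Optional[dict]:
    """Return the claims if the token is authentic and unexpired at 'now', else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        # Pin the algorithm server-side: the token never gets to choose it,
        # which rejects 'alg: none' and key-confusion tricks outright.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        claims = json.loads(b64url_decode(payload_b64))
    except ValueError:  # bad structure, bad base64 (binascii.Error) or bad JSON
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or now >= exp:
        return None
    return claims


def demo() -> Dict[str, object]:
    """Exercise the cases the question cares about; returns results rather than printing."""
    t0 = 1_700_000_000  # constructed issue time
    token = issue("alice", t0)
    header_b64, payload_b64, sig_b64 = token.split(".")
    forged_payload = _segment({"sub": "admin", "iat": t0, "exp": t0 + SIX_MONTHS})
    tampered = f"{header_b64}.{forged_payload}.{sig_b64}"
    alg_none = f"{_segment({'alg': 'none'})}.{payload_b64}."
    return {
        "valid_after_100_days": verify(token, t0 + 100 * 24 * 3600),
        "expired_at_exp": verify(token, t0 + SIX_MONTHS),
        "tampered": verify(tampered, t0 + 1),
        "alg_none": verify(alg_none, t0 + 1),
        "garbage": verify("not.a.jwt", t0),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:22} {'accepted' if result else 'rejected'}")
```

The signature check is the only thing standing between the six-month lifetime and a forged session, which is why the algorithm is fixed in server code rather than read from the token header. For revocation before exp, add a jti claim at issue time and consult a denylist in verify; that is the one piece of state a long-lived bearer token needs.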
