[Sep-2022] CAS-004 Exam Questions and Valid CAS-004 Dumps PDF
CAS-004 Brain Dump: A Study Guide with Tips & Tricks for passing Exam
NEW QUESTION 93
A security architect is implementing a web application that uses a database back end. Prior to the production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?
- A. IEEE
- B. OWASP
- C. SDLC
- D. OVAL
Answer: D
NEW QUESTION 94
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?
- A. Mitigated
- B. Inherent
- C. Residual
- D. Transferred
Answer: B
NEW QUESTION 95
A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Below is an excerpt of output from the troubleshooting session:
Which of the following BEST explains why secure LDAP is not working? (Select TWO.)
- A. The company is using the wrong port. It should be using port 389 for secure LDAP.
- B. The secure LDAP service is not started, so no connections can be made.
- C. The clients may not trust idapt by default.
- D. Secure LDAP does not support wildcard certificates.
- E. The clients may not trust Chicago by default.
- F. Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
- G. Secure LDAP should be running on UDP rather than TCP.
Answer: A,B
NEW QUESTION 96
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?
- A. sudo netstat -pnut | grep -P ^tcp
- B. sudo netstat -antu | grep "LISTEN" | awk '{print$5}'
- C. sudo netstat -plntu | grep -v "Foreign Address"
- D. sudo netstat -nlt -p | grep "ESTABLISHED"
- E. sudo netstat -pnut -w | column -t -s $'\w'
Answer: A
NEW QUESTION 97
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?
- A. Isolate the servers to prevent the spread.
- B. Request that the affected servers be restored immediately.
- C. Pay the ransom within 48 hours.
- D. Notify law enforcement.
Answer: D
NEW QUESTION 98
A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.
Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?
- A. Total memory encryption
- B. No-execute
- C. Virtual memory encryption
- D. Execute never
Answer: D
NEW QUESTION 99
A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive user experience after implementation.
Which of the following is the BEST solution to meet these objectives?
- A. Implement EDR, keep users in the local administrators group, and enable user behavior analytics.
- B. Implement PAM, remove users from the local administrators group, and prompt users for explicit approval when elevated privileges are required.
- C. Implement EDR, remove users from the local administrators group, and enable privilege escalation monitoring.
- D. Implement Privileged Access Management (PAM), keep users in the local administrators group, and enable local administrator account monitoring.
Answer: D
NEW QUESTION 100
An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 101
A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.
Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?
- A. Execute never
- B. No-execute
- C. Total memory encryption
- D. Virtual memory encryption
Answer: B
NEW QUESTION 102
A vulnerability assessment endpoint generated a report of the latest findings. A security analyst needs to review the report and create a priority list of items that must be addressed. Which of the following should the analyst use to create the list quickly?
- A. Business impact rating
- B. CVSS scores
- C. OVAL
- D. CVE dates
Answer: A
NEW QUESTION 103
A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.
This is an example of:
- A. due intelligence
- B. due care.
- C. legal hold.
- D. e-discovery.
Answer: A
NEW QUESTION 104
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?
- A. Key escrow
- B. Key sharing
- C. Key distribution
- D. Key recovery
Answer: C
NEW QUESTION 105
A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.
Which of the following techniques would BEST support this?
- A. Moving laterally to a more authoritative server/service
- B. Configuring systemd services to run automatically at startup
- C. Exploiting an arbitrary code execution exploit
- D. Creating a backdoor
Answer: D
NEW QUESTION 106
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?
- A. A passive, credentialed scan
- B. An active, non-credentialed scan
- C. An active, credentialed scan
- D. A passive, non-credentialed scan
Answer: C
NEW QUESTION 107
A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)
- A. Inform users regarding what data is stored.
- B. Provide optional data encryption.
- C. Provide data deletion capabilities.
- D. Provide alternative authentication techniques.
- E. Grant data access to third parties.
- F. Provide opt-in/out for marketing messages.
Answer: A,C
NEW QUESTION 108
A cybersecurity analyst created the following tables to help determine the maximum budget amount the business can justify spending on an improved email filtering system:

Which of the following meets the budget needs of the business?
- A. Filter TUV
- B. Filter ABC
- C. Filter XYZ
- D. Filter GHI
Answer: D
NEW QUESTION 109
A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations
Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)
- A. Model user behavior and monitor for deviations from normal.
- B. Install an IDS on the development subnet and passively monitor for vulnerable services.
- C. Monitor dependency management tools and report on susceptible third-party libraries.
- D. Continuously monitor code commits to repositories and generate summary logs.
- E. Perform static code analysis of committed code and generate summary reports.
- F. Implement an XML gateway and monitor for policy violations.
Answer: D,E
NEW QUESTION 110
A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells.
Which of the following techniques will MOST likely meet the business's needs?
- A. Purchasing and installing a DRM suite
- B. Implementing steganography
- C. Adding identifying filesystem metadata to the digital audio files
- D. Performing deep-packet inspection of all digital audio files
Answer: A
NEW QUESTION 111
A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking.
After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?
- A. Protecting
- B. Mandatory
- C. Permissive
- D. Enforcing
Answer: D
NEW QUESTION 112
......
What are the benefits of the CompTIA CAS-004 Exam
A lot of companies use computers for their business purposes. In order to increase efficiency, they need to hire the best professionals. This is where the CompTIA CAS-004 exam comes into the picture. CAS-004 is a certification exam conducted by CompTIA that helps people who are interested in the field of computer security. This certification is one of the most popular certifications in the IT industry. The CompTIA CAS-004 exam dumps cover a wide range of topics that help candidates understand different concepts related to network security and data protection. Candidates preparing for the CompTIA CAS-004 certification exam will be familiar with terms such as antivirus, firewall, network design, and more. They will also learn about the different threats and risks that exist on the internet. This exam is a must for anyone who wants to work in this field.

