getcertified4sure.com

CAS-004 Exam

100% Guarantee CompTIA CAS-004 Free Exam Online




Practical of CAS-004 exam cram materials and pdf exam for CompTIA certification for customers, Real Success Guaranteed with Updated CAS-004 pdf dumps vce Materials. 100% PASS CompTIA Advanced Security Practitioner (CASP+) Exam exam Today!

CompTIA CAS-004 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
After a security incident, a network security engineer discovers that a portion of the company’s sensitive external traffic has been redirected through a secondary ISP that is not normally used.
Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?

  • A. Disable BGP and implement a single static route for each internal network.
  • B. Implement a BGP route reflector.
  • C. Implement an inbound BGP prefix list.
  • D. Disable BGP and implement OSPF.

Answer: B

NEW QUESTION 2
A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/ output (I/O) on the disk drive.
CAS-004 dumps exhibit
Based on the output above, from which of the following process IDs can the analyst begin an investigation?

  • A. 65
  • B. 77
  • C. 83
  • D. 87

Answer: D

NEW QUESTION 3
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services.
Which of the following should be modified to prevent the issue from reoccurring?

  • A. Recovery point objective
  • B. Recovery time objective
  • C. Mission-essential functions
  • D. Recovery service level

Answer: B

Explanation:
Reference: https://www.nakivo.com/blog/disaster-recovery-in-cloud-computing/
CAS-004 dumps exhibit

NEW QUESTION 4
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

  • A. Lattice-based cryptography
  • B. Quantum computing
  • C. Asymmetric cryptography
  • D. Homomorphic encryption

Answer: C

Explanation:
Reference: https://searchsecurity.techtarget.com/definition/cryptanalysis

NEW QUESTION 5
An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
Unstructured data being exfiltrated after an employee leaves the organization
Data being exfiltrated as a result of compromised credentials
Sensitive information in emails being exfiltrated
Which of the following solutions should the security team implement to mitigate the risk of data loss?

  • A. Mobile device management, remote wipe, and data loss detection
  • B. Conditional access, DoH, and full disk encryption
  • C. Mobile application management, MFA, and DRM
  • D. Certificates, DLP, and geofencing

Answer: A

NEW QUESTION 6
An organization wants to perform a scan of all its systems against best practice security configurations.
Which of the following SCAP standards, when combined, will enable the organization to view each of the configuration checks in a machine-readable checklist format for fill automation? (Choose two.)

  • A. ARF
  • B. XCCDF
  • C. CPE
  • D. CVE
  • E. CVSS
  • F. OVAL

Answer: BF

Explanation:
Reference: https://www.govinfo.gov/content/pkg/GOVPUB-C13-9ecd8eae582935c93d7f410e955dabb6/pdf/GOVPUB-C13-9ecd8eae582935c93d7f410e955dabb6.pdf (p.12)

NEW QUESTION 7
A security analyst is reviewing the following output:
CAS-004 dumps exhibit
Which of the following would BEST mitigate this type of attack?

  • A. Installing a network firewall
  • B. Placing a WAF inline
  • C. Implementing an IDS
  • D. Deploying a honeypot

Answer: A

NEW QUESTION 8
During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee.
Which of the following processes would BEST satisfy this requirement?

  • A. Monitor camera footage corresponding to a valid access request.
  • B. Require both security and management to open the door.
  • C. Require department managers to review denied-access requests.
  • D. Issue new entry badges on a weekly basis.

Answer: A

Explanation:
Reference: https://www.getkisi.com/access-control

NEW QUESTION 9
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLSprotected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:

  • A. a decrypting RSA using obsolete and weakened encryption attack.
  • B. a zero-day attack.
  • C. an advanced persistent threat.
  • D. an on-path attack.

Answer: A

Explanation:
Reference: https://www.internetsociety.org/deploy360/tls/basics/

NEW QUESTION 10
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.
Which of the following historian server locations will allow the business to get the required reports in an ?? and IT environment?

  • A. In the ?? environment, use a VPN from the IT environment into the ?? environment.
  • B. In the ?? environment, allow IT traffic into the ?? environment.
  • C. In the IT environment, allow PLCs to send data from the ?? environment to the IT environment.
  • D. Use a screened subnet between the ?? and IT environments.

Answer: A

NEW QUESTION 11
A company is implementing SSL inspection. During the next six months, multiple web applications that will be separated out with subdomains will be deployed. Which of the following will allow the inspection of the data without multiple certificate deployments?

  • A. Include all available cipher suites.
  • B. Create a wildcard certificate.
  • C. Use a third-party CA.
  • D. Implement certificate pinning.

Answer: D

NEW QUESTION 12
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information .
Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

  • A. Hybrid IaaS solution in a single-tenancy cloud
  • B. Pass solution in a multinency cloud
  • C. SaaS solution in a community cloud
  • D. Private SaaS solution in a single tenancy cloud.

Answer: D

NEW QUESTION 13
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization’s headquarters location. The solution must also have the lowest power requirement on the CA.
Which of the following is the BEST solution?

  • A. Deploy an RA on each branch office.
  • B. Use Delta CRLs at the branches.
  • C. Configure clients to use OCSP.
  • D. Send the new CRLs by using GPO.

Answer: C

Explanation:
Reference: https://www.sciencedirect.com/topics/computer-science/revoke-certificate

NEW QUESTION 14
Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?

  • A. Importing the availability of messages
  • B. Ensuring non-repudiation of messages
  • C. Enforcing protocol conformance for messages
  • D. Assuring the integrity of messages

Answer: D

NEW QUESTION 15
A security analyst is investigating a series of suspicious emails by employees to the security team. The email appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the message by the security tools the company uses instead, the emails only include the following in plain text.
CAS-004 dumps exhibit
Which of the following should the security analyst perform?

  • A. Contact the security department at the business partner and alert them to the email event.
  • B. Block the IP address for the business partner at the perimeter firewall.
  • C. Pull the devices of the affected employees from the network in case they are infected with a zero-day virus.
  • D. Configure the email gateway to automatically quarantine all messages originating from the business partner.

Answer: A

NEW QUESTION 16
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company’s Chief Financial Officer loses a phone multiple times a year.
Which of the following will MOST likely secure the data on the lost device?

  • A. Require a VPN to be active to access company data.
  • B. Set up different profiles based on the person’s risk.
  • C. Remotely wipe the device.
  • D. Require MFA to access company applications.

Answer: D

NEW QUESTION 17
A security analyst notices a number of SIEM events that show the following activity:
CAS-004 dumps exhibit
Which of the following response actions should the analyst take FIRST?

  • A. Disable powershell.exe on all Microsoft Windows endpoints.
  • B. Restart Microsoft Windows Defender.
  • C. Configure the forward proxy to block 40.90.23.154.
  • D. Disable local administrator privileges on the endpoints.

Answer: A

NEW QUESTION 18
A new web server must comply with new secure-by-design principles and PCI DSS. This includes mitigating the risk of an on-path attack. A security analyst is reviewing the following web server configuration:
CAS-004 dumps exhibit
Which of the following ciphers should the security analyst remove to support the business requirements?

  • A. TLS_AES_128_CCM_8_SHA256
  • B. TLS_DHE_DSS_WITH_RC4_128_SHA
  • C. TLS_CHACHA20_POLY1305_SHA256
  • D. TLS_AES_128_GCM_SHA256

Answer: C

NEW QUESTION 19
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:
* 1. The network supports core applications that have 99.99% uptime.
* 2. Configuration updates to the SD-WAN routers can only be initiated from the management service.
* 3. Documents downloaded from websites must be scanned for malware.
Which of the following solutions should the network architect implement to meet the requirements?

  • A. Reverse proxy, stateful firewalls, and VPNs at the local sites
  • B. IDSs, WAFs, and forward proxy IDS
  • C. DoS protection at the hub site, mutual certificate authentication, and cloud proxy
  • D. IPSs at the hub, Layer 4 firewalls, and DLP

Answer: B

NEW QUESTION 20
A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application.
Which of the following is the MOST likely cause?

  • A. The user agent client is not compatible with the WAF.
  • B. A certificate on the WAF is expired.
  • C. HTTP traffic is not forwarding to HTTPS to decrypt.
  • D. Old, vulnerable cipher suites are still being used.

Answer: B

Explanation:
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/waf-block-http-requests-no-user-agent/
CAS-004 dumps exhibit

NEW QUESTION 21
......

Thanks for reading the newest CAS-004 exam dumps! We recommend you to try the PREMIUM 2passeasy CAS-004 dumps in VCE and PDF here: https://www.2passeasy.com/dumps/CAS-004/ (128 Q&As Dumps)