[Q150-Q169] CAS-004 Actual Questions - Instant Download Tests Free Updated Today!


Get instant access to 100% real CompTIA CAS-004 exam questions with verified answers


The CASP+ certification is recognized globally as a validation of an individual's advanced skills and knowledge in the field of cybersecurity. It is a vendor-neutral certification, which means that it is not tied to any specific technology or platform. This makes it an ideal certification for IT professionals who work in diverse environments and want to demonstrate their expertise in the field of cybersecurity. The CompTIA Advanced Security Practitioner (CASP+) certification exam is designed to test the individual's ability to develop and implement effective cybersecurity solutions that meet the needs of modern businesses and organizations.


Achieving the CompTIA CASP+ certification can lead to a variety of career opportunities, including positions such as security engineer, security architect, security consultant, and cybersecurity manager. The CompTIA Advanced Security Practitioner (CASP+) certification also demonstrates to employers and clients that the candidate has the necessary skills and knowledge to implement effective security solutions and manage complex security environments. Overall, the CompTIA CASP+ certification is a valuable asset for security professionals looking to advance their careers and improve their knowledge and skills in the field of cybersecurity.


What Is the Best Solution for Preparing for the CompTIA CAS-004 Certification Exam

As I have noted, the content of the CompTIA CAS-004 exam is difficult to prepare for. Therefore, CompTIA CAS-004 exam dumps will help you pass the exam easily. They have been written by our experienced experts who have years of experience in the field. You will get all the important information on the CAS-004 certification exam. You will be able to pass this exam on the first attempt itself if you follow the practice questions in the CompTIA CAS-004 Study Guide. I have seen a lot of students taking this certification exam and scoring high marks. The best way to prepare for the CompTIA CAS-004 certification exam is by using our practice exams.

 

NEW QUESTION # 150
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals.
Which of the following does the business's IT manager need to consider?

  • A. The right to personal data erasure
  • B. The availability of personal data
  • C. The language of the web application
  • D. The company's annual revenue

Answer: A


NEW QUESTION # 151
A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test. However, the attack vector of the exploit is missing, making it harder to recommend remediations. Given the following output:

The penetration testers MOST likely took advantage of:

  • A. A plain-text password disclosure
  • B. A buffer overflow vulnerability
  • C. A TOC/TOU vulnerability
  • D. An integer overflow vulnerability

Answer: C


NEW QUESTION # 152
A bank is working with a security architect to find the BEST solution to detect database management system compromises. The solution should meet the following requirements:
- Work at the application layer
- Send alerts on attacks from both privileged and malicious users
- Have a very low false-positive rate
Which of the following should the architect recommend?

  • A. UTM
  • B. NIPS
  • C. WAF
  • D. DAM
  • E. FIM

Answer: D

Explanation:
A DAM solution is a security tool that monitors and analyzes database activity for signs of compromise or malicious activity. It is designed to work at the application layer and can send alerts on attacks from both privileged and malicious users. A DAM solution can also have a very low false positive rate, making it an effective tool for detecting database management system compromises.


NEW QUESTION # 153
A security architect is reviewing the following proposed corporate firewall architecture and configuration:

Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements:
Web servers must receive all updates via HTTP/S from the corporate network.
Web servers should not initiate communication with the Internet.
Web servers should only connect to preapproved corporate database servers.
Employees' computing devices should only connect to web services over ports 80 and 443.
Which of the following should the architect recommend to ensure all requirements are met in the MOST secure manner? (Choose two.)

  • A. Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535
  • B. Add the following to Firewall_A: 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80,443
  • C. Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443
  • D. Add the following to Firewall_B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80,443
  • E. Add the following to Firewall_B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535
  • F. Add the following to Firewall_B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535

Answer: C,E


NEW QUESTION # 154
A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.
Which of the following should the security team recommend FIRST?

  • A. Investigating a potential threat identified in logs related to the identity management system
  • B. Beginning research on two-factor authentication to later introduce into the identity management system
  • C. Updating the identity management system to use discretionary access control
  • D. Working with procurement and creating a requirements document to select a new IAM system/vendor

Answer: A


NEW QUESTION # 155
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?

  • A. Residual
  • B. Inherent
    Low
  • C. Transferred
  • D. Mitigated

Answer: B


NEW QUESTION # 156
A video-game developer has received reports of players who are cheating.
All game players each have five capabilities that are ranked on a scale of 1 to 10 points, with 10 total points available for balance.
Players can move these points between capabilities at any time.
The programming logic is as follows:
- A player asks to move points from one capability to another
- The source capability must have enough points to allow the move
- The destination capability must not exceed 10 after the move
- The move from source capability to destination capability is then completed
The time stamps of the game logs show each step of the transfer process takes about 900ms.
However, the time stamps of the cheating players show capability transfers at the exact same time.
The cheating players have 10 points in multiple capabilities.
Which of the following is MOST likely being exploited to allow these capability transfers?

  • A. SQL injection
  • B. XSS
  • C. Memory leak
  • D. Integer overflow
  • E. CSRF
  • F. TOC/TOU

Answer: F

Explanation:
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state.


NEW QUESTION # 157
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user's workstation:
graphic.linux_randomization.prg
Which of the following technologies would mitigate the manipulation of memory segments?

  • A. ASLR
  • B. HSM
  • C. DEP
  • D. NX bit

Answer: A

Explanation:
https://eklitzke.org/memory-protection-and-aslr


NEW QUESTION # 158
An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an Internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets:

Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?

  • A. Enable the X-Forwarded-For header at the load balancer.
  • B. Store the value of the $_SERVER['REMOTE_ADDR'] received by the web servers.
  • C. Install a software-based HIDS on the application servers.
  • D. Use stored procedures on the database server.
  • E. Install a certificate signed by a trusted CA.

Answer: E


NEW QUESTION # 159
A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.
Which of the following offers an authoritative decision about whether the evidence was obtained legally?

  • A. Court
  • B. Lawyers
  • C. Upper management team
  • D. Police

Answer: A

Explanation:
Two conditions must be met: first, the electronic evidence must be legally obtained based on written permission from the competent investigation authorities; second, it must be verified as valid by computer science and information technology experts. If those two conditions are not met, the evidence is invalid.


NEW QUESTION # 160
An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial patches against a recent exploit that could gain root access.
Which of the following describes the administrator's discovery?

  • A. A breach
  • B. A threat
  • C. A risk
  • D. A vulnerability

Answer: D


NEW QUESTION # 161
A security engineer has been informed by the firewall team that a specific Windows workstation is part of a command-and-control network. The only information the security engineer is receiving is that the traffic is occurring on a non-standard port (TCP 40322). Which of the following commands should the security engineer use FIRST to find the malicious process?

  • A. tcpdump
  • B. tasklist
  • C. ipconfig
  • D. traceroute
  • E. netstat

Answer: E


NEW QUESTION # 162
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:
1. The network supports core applications that have 99.99% uptime.
2. Configuration updates to the SD-WAN routers can only be initiated from the management service.
3. Documents downloaded from websites must be scanned for malware.
Which of the following solutions should the network architect implement to meet the requirements?

  • A. IPSs at the hub, Layer 4 firewalls, and DLP
  • B. DoS protection at the hub site, mutual certificate authentication, and cloud proxy
  • C. Reverse proxy, stateful firewalls, and VPNs at the local sites
  • D. IDSs, WAFs, and forward proxy IDS

Answer: D


NEW QUESTION # 163
An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue. Which of the following is the MOST cost-effective solution?

  • A. Upgrade the server with a new one.
  • B. Buy a new server and create an active-active cluster.
  • C. Change the operating system.
  • D. Move the server to a cloud provider.

Answer: D


NEW QUESTION # 164
Which of the following may indicate a configuration item has reached end-of-life?

  • A. The device will no longer turn on and indicates an error.
  • B. The object has been removed from the Active Directory.
  • C. Logs show a performance degradation of the component.
  • D. The vendor has not published security patches recently.

Answer: D


NEW QUESTION # 165
A company is outsourcing to an MSSP that performs managed detection and response services. The MSSP requires a server to be placed inside the network as a log aggregator and allows remote access to MSSP analysts. Critical devices send logs to the log aggregator, where data is stored for 12 months locally before being archived to a multitenant cloud. The data is then sent from the log aggregator to a public IP address in the MSSP datacenter for analysis.
A security engineer is concerned about the security of the solution and notes the following.
* The critical devices send cleartext logs to the aggregator.
* The log aggregator utilizes full disk encryption.
* The log aggregator sends to the analysis server via port 80.
* MSSP analysts utilize an SSL VPN with MFA to access the log aggregator remotely.
* The data is compressed and encrypted prior to being archived in the cloud.
Which of the following should be the engineer's GREATEST concern?

  • A. Encryption of data in transit
  • B. Network bridging from a remote access VPN
  • C. Hardware vulnerabilities introduced by the log aggregator server
  • D. Multitenancy and data remnants in the cloud

Answer: A


NEW QUESTION # 166
A cybersecurity engineer analyzes a system for vulnerabilities. The tool created an OVAL Results document as output. Which of the following would enable the engineer to interpret the results in a human-readable form? (Select TWO.)

  • A. Event Viewer
  • B. Debugging utility
  • C. Text editor
  • D. XML style sheet
  • E. SCAP tool
  • F. OOXML editor

Answer: C,E


NEW QUESTION # 167
In preparation for the holiday season, a company redesigned the system that manages retail sales and moved it to a cloud service provider. The new infrastructure did not meet the company's availability requirements. During a postmortem analysis, the following issues were highlighted:
1. International users reported latency when images on the web page were initially loading.
2. During times of report processing, users reported issues with inventory when attempting to place orders.
3. Despite the fact that ten new API servers were added, the load across servers was heavy at peak times.
Which of the following infrastructure design changes would be BEST for the organization to implement to avoid these issues in the future?

  • A. Serve static content via distributed CDNs, create a read replica of the central database and pull reports from there, and auto-scale API servers based on performance.
  • B. Increase the bandwidth for the server that delivers images, use a CDN, change the database to a non-relational database, and split the ten API servers across two load balancers.
  • C. Serve images from an object storage bucket with infrequent read times, replicate the database across different regions, and dynamically create API servers based on load.
  • D. Serve static-content object storage across different regions, increase the instance size on the managed relational database, and distribute the ten API servers across multiple regions.

Answer: A


NEW QUESTION # 168
During a phishing exercise, a few privileged users ranked high on the failure list. The enterprise would like to ensure that privileged users have an extra security-monitoring control in place.
Which of the following is the MOST likely solution?

  • A. A WAF to protect web traffic
  • B. Requirements to change the local password
  • C. User and entity behavior analytics
  • D. A gap analysis

Answer: C

Explanation:
UEBA will work better because it's doing behavior analytics on the admins unlike a WAF that protects only web traffic in this case.


NEW QUESTION # 169
......

Download Latest & Valid Questions For CompTIA CAS-004 exam: https://www.exams4sures.com/CompTIA/CAS-004-practice-exam-dumps.html

Exam Dumps for the Preparation of Latest CAS-004 Exam Questions: https://drive.google.com/open?id=1K2nGnYKKL7zMlCgm_yihSzkWYR1IKoX_