[Apr 14, 2022] CAS-004 PDF Questions and Testing Engine With 173 Questions [Q51-Q71]

Rate this post

[Apr 14, 2022] CAS-004 PDF Questions and Testing Engine With 173 Questions

Updated Exam Engine for CAS-004 Exam Free Demo & 365 Day Updates

NEW QUESTION 51
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization’s headquarters location. The solution must also have the lowest power requirement on the CA.
Which of the following is the BEST solution?

Deploy an RA on each branch office.

Use Delta CRLs at the branches.

Configure clients to use OCSP.

Send the new CRLs by using GPO.

NEW QUESTION 52
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.
Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?

In the OT environment, use a VPN from the IT environment into the OT environment.

In the OT environment, allow IT traffic into the OT environment.

In the IT environment, allow PLCs to send data from the OT environment to the IT environment.

Use a screened subnet between the OT and IT environments.

NEW QUESTION 53
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.
Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

Scan the code with a static code analyzer, change privileged user passwords, and provide security training.

Change privileged usernames, review the OS logs, and deploy hardware tokens.

Implement MFA, review the application logs, and deploy a WAF.

Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

NEW QUESTION 54
An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization’s headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
Low latency for all mobile users to improve the users’ experience
SSL offloading to improve web server performance
Protection against DoS and DDoS attacks
High availability
Which of the following should the organization implement to BEST ensure all requirements are met?

A cache server farm in its datacenter

A load-balanced group of reverse proxy servers with SSL acceleration

A CDN with the origin set to its datacenter

Dual gigabit-speed Internet connections with managed DDoS prevention

NEW QUESTION 55
A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources.
Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?

Union filesystem overlay

Cgroups

Linux namespaces

Device mapper

NEW QUESTION 56
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

Pay the ransom within 48 hours.

Isolate the servers to prevent the spread.

Notify law enforcement.

Request that the affected servers be restored immediately.

NEW QUESTION 57
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?

sudo netstat -antu | grep “LISTEN” | awk ‘{print$5}’

sudo netstat -nlt -p | grep “ESTABLISHED”

sudo netstat -plntu | grep -v “Foreign Address”

sudo netstat -pnut -w | column -t -s $’w’

sudo netstat -pnut | grep -P ^tcp

NEW QUESTION 58
A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization.
Which of the following actions would BEST resolve the issue? (Choose two.)

Conduct input sanitization.

Deploy a SIEM.

Use containers.

Patch the OS

Deploy a WAF.

Deploy a reverse proxy

Deploy an IDS.

NEW QUESTION 59
The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership. Which of the follow would MOST likely be used?

MOU

OLA

NDA

SLA

NEW QUESTION 60
A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?

Instance-based

Storage-based

Proxy-based

Array controller-based

NEW QUESTION 61
A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were Integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops.
Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

Perform additional SAST/DAST on the open-source libraries.

Implement the SDLC security guidelines.

Track the library versions and monitor the CVE website for related vulnerabilities.

Perform unit testing of the open-source libraries.

NEW QUESTION 62
Which of the following controls primarily detects abuse of privilege but does not prevent it?

Off-boarding

Separation of duties

Least privilege

Job rotation

NEW QUESTION 63
A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:
Only users with corporate-owned devices can directly access servers hosted by the cloud provider.
The company can control what SaaS applications each individual user can access.
User browser activity can be monitored.
Which of the following solutions would BEST meet these requirements?

IAM gateway, MDM, and reverse proxy

VPN, CASB, and secure web gateway

SSL tunnel, DLP, and host-based firewall

API gateway, UEM, and forward proxy

NEW QUESTION 64
An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

Adding a second redundant layer of alternate vendor VPN concentrators

Using Base64 encoding within the existing site-to-site VPN connections

Distributing security resources across VPN sites

Implementing IDS services with each VPN concentrator

Transitioning to a container-based architecture for site-based services

NEW QUESTION 65
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services.
Which of the following should be modified to prevent the issue from reoccurring?

Recovery point objective

Recovery time objective

Mission-essential functions

Recovery service level

NEW QUESTION 66
As part of the customer registration process to access a new bank account, customers are required to upload a number of documents, including their passports and driver’s licenses. The process also requires customers to take a current photo of themselves to be compared against provided documentation.
Which of the following BEST describes this process?

Deepfake

Know your customer

Identity proofing

Passwordless

NEW QUESTION 67
A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.
Which of the following offers an authoritative decision about whether the evidence was obtained legally?

Lawyers

Court

Upper management team

Police

NEW QUESTION 68
A company hired a third party to develop software as part of its strategy to be quicker to market. The company’s policy outlines the following requirements:
The credentials used to publish production software to the container registry should be stored in a secure location.
Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly.
Which of the following would be the BEST recommendation for storing and monitoring access to these shared credentials?

TPM

Local secure password file

MFA

Key vault

NEW QUESTION 69
A company’s product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company’s reputation in the market.
Which of the following should the company implement to address the risk of system unavailability?

User and entity behavior analytics

Redundant reporting systems

A self-healing system

Application controls

NEW QUESTION 70
A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output.
The best option for the auditor to use NEXT is:

A SCAP assessment.

Reverse engineering

Fuzzing

Network interception.

NEW QUESTION 71
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

Hybrid IaaS solution in a single-tenancy cloud

Pass solution in a multinency cloud

SaaS solution in a community cloud

Private SaaS solution in a single tenancy cloud.