November 16, 2024

[May 25, 2022] PrepAwayPDF CAS-004 dumps & CompTIA CASP sure practice dumps [Q102-Q124]

4/5 - (2 votes)

[May 25, 2022] PrepAwayPDF CAS-004 dumps & CompTIA CASP sure practice dumps

CompTIA CAS-004 Actual Questions and Braindumps

CompTIA CASP+ Exam Certification Details:

Sample Questions CompTIA CASP+ Sample Questions
Books / Training CASP+ CAS-004
Exam Price $466 (USD)
Schedule Exam CompTIA Marketplace
Pearson VUE
Passing Score Pass / Fail

CompTIA CAS-004 Exam Syllabus Topics:

Topic Details

Security Architecture 29%

Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network. – Services

  • Load balancer
  • Intrusion detection system (IDS)/network intrusion detection system (NIDS)/wireless intrusion detection system (WIDS)
  • Intrusion prevention system (IPS)/network intrusion prevention system (NIPS)/wireless intrusion prevention system (WIPS)
  • Web application firewall (WAF)
  • Network access control (NAC)
  • Virtual private network (VPN)
  • Domain Name System Security Extensions (DNSSEC)
  • Firewall/unified threat management (UTM)/next-generation firewall (NGFW)
  • Network address translation (NAT) gateway
  • Internet gateway
  • Forward/transparent proxy
  • Reverse proxy
  • Distributed denial-of-service (DDoS) protection
  • Routers
  • Mail security
  • Application programming interface (API) gateway/Extensible Markup Language (XML) gateway
  • Traffic mirroring
    -Switched port analyzer (SPAN) ports
    -Port mirroring
    – Virtual private cloud (VPC)
    -Network tap
  • Sensors
    -Security information and event management (SIEM)
    -File integrity monitoring (FIM)
    -Simple Network Management Protocol (SNMP) traps
    -NetFlow
    -Data loss prevention (DLP)
    -Antivirus

– Segmentation

  • Microsegmentation
  • Local area network (LAN)/virtual local area network (VLAN)
  • Jump box
  • Screened subnet
  • Data zones
  • Staging environments
  • Guest environments
  • VPC/virtual network (VNET)
  • Availability zone
  • NAC lists
  • Policies/security groups
  • Regions
  • Access control lists (ACLs)
  • Peer-to-peer
  • Air gap

– Deperimeterization/zero trust

  • Cloud
  • Remote work
  • Mobile
  • Outsourcing and contracting
  • Wireless/radio frequency (RF) networks

– Merging of networks from various organizations

  • Peering
  • Cloud to on premises
  • Data sensitivity levels
  • Mergers and acquisitions
  • Cross-domain
  • Federation
  • Directory services

– Software-defined networking (SDN)

  • Open SDN
  • Hybrid SDN
  • SDN overlay

Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design. – Scalability

  • Vertically
  • Horizontally

– Resiliency

  • High availability
  • Diversity/heterogeneity
  • Course of action orchestration
  • Distributed allocation
  • Redundancy
  • Replication
  • Clustering

– Automation

  • Autoscaling
  • Security Orchestration, Automation, and Response (SOAR)
  • Bootstrapping

– Performance
– Containerization
– Virtualization
– Content delivery network
– Caching

Given a scenario, integrate software applications securely into an enterprise architecture. – Baseline and templates

  • Secure design patterns/ types of web technologies
    -Storage design patterns
  • Container APIs
  • Secure coding standards
  • Application vetting processes
  • API management
  • Middleware

– Software assurance

  • Sandboxing/development environment
  • Validating third-party libraries
  • Defined DevOps pipeline
  • Code signing
  • Interactive application security testing (IAST) vs. dynamic application security testing (DAST) vs. static application security testing (SAST)

– Considerations of integrating enterprise applications

  • Customer relationship management (CRM)
  • Enterprise resource planning (ERP)
  • Configuration management database (CMDB)
  • Content management system (CMS)
  • Integration enablers
    -Directory services
    -Domain name system (DNS)
    -Service-oriented architecture (SOA)
    -Enterprise service bus (ESB)

– Integrating security into development life cycle

  • Formal methods
  • Requirements
  • Fielding
  • Insertions and upgrades
  • Disposal and reuse
  • Testing
    -Regression
    -Unit testing
    -Integration testing
  • Development approaches
    -SecDevOps
    -Agile
    -Waterfall
    -Spiral
    -Versioning
    -Continuous integration/continuous delivery (CI/CD) pipelines
  • Best practices
    -Open Web Application Security Project (OWASP)
    -Proper Hypertext Transfer Protocol (HTTP) headers
Given a scenario, implement data security techniques for securing enterprise architecture. – Data loss prevention

  • Blocking use of external media
  • Print blocking
  • Remote Desktop Protocol (RDP) blocking
  • Clipboard privacy controls
  • Restricted virtual desktop infrastructure (VDI) implementation
  • Data classification blocking

– Data loss detection

  • Watermarking
  • Digital rights management (DRM)
  • Network traffic decryption/deep packet inspection
  • Network traffic analysis

– Data classification, labeling, and tagging

  • Metadata/attributes

– Obfuscation

  • Tokenization
  • Scrubbing
  • Masking

– Anonymization
– Encrypted vs. unencrypted
– Data life cycle

  • Create
  • Use
  • Share
  • Store
  • Archive
  • Destroy

– Data inventory and mapping
– Data integrity management
– Data storage, backup, and recovery

  • Redundant array of inexpensive disks (RAID)

Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls. – Credential management

  • Password repository application
    -End-user password storage
    -On premises vs. cloud repository
  • Hardware key manager
  • Privileged access management

– Password policies

  • Complexity
  • Length
  • Character classes
  • History
  • Maximum/minimum age
  • Auditing
  • Reversable encryption

– Federation

  • Transitive trust
  • OpenID
  • Security Assertion Markup Language (SAML)
  • Shibboleth

– Access control

  • Mandatory access control (MAC)
  • Discretionary access control (DAC)
  • Role-based access control
  • Rule-based access control
  • Attribute-based access control

– Protocols

  • Remote Authentication Dial-in User Server (RADIUS)
  • Terminal Access Controller Access Control System (TACACS)
  • Diameter
  • Lightweight Directory Access Protocol (LDAP)
  • Kerberos
  • OAuth
  • 802.1X
  • Extensible Authentication Protocol (EAP)

– Multifactor authentication (MFA)

  • Two-factor authentication (2FA)
  • 2-Step Verification
  • In-band
  • Out-of-band

– One-time password (OTP)

  • HMAC-based one-time password (HOTP)
  • Time-based one-time password (TOTP)

– Hardware root of trust- Single sign-on (SSO)- JavaScript Object Notation (JSON) web token (JWT)- Attestation and identity proofing

Given a set of requirements, implement secure cloud and virtualization solutions. – Virtualization strategies

  • Type 1 vs. Type 2 hypervisors
  • Containers
  • Emulation
  • Application virtualization
  • VDI

– Provisioning and deprovisioning
– Middleware
– Metadata and tags
– Deployment models and considerations

  • Business directives
    -Cost
    -Scalability
    -Resources
    -Location
    -Data protection
  • Cloud deployment models
    -Private
    -Public
    -Hybrid
    -Community

– Hosting models

  • Multitenant
  • Single-tenant

– Service models

  • Software as a service (SaaS)
  • Platform as a service (PaaS)
  • Infrastructure as a service (IaaS)

– Cloud provider limitations

  • Internet Protocol (IP) address scheme
  • VPC peering

– Extending appropriate on-premises controls
– Storage models

  • Object storage/file-based storage
  • Database storage
  • Block storage
  • Blob storage
  • Key-value pairs
Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements. – Privacy and confidentiality requirements
– Integrity requirements
– Non-repudiation
– Compliance and policy requirements
– Common cryptography use cases

  • Data at rest
  • Data in transit
  • Data in process/data in use
  • Protection of web services
  • Embedded systems
  • Key escrow/management
  • Mobile security
  • Secure authentication
  • Smart card

– Common PKI use cases

  • Web services
  • Email
  • Code signing
  • Federation
  • Trust models
  • VPN
  • Enterprise and security automation/orchestration
Explain the impact of emerging technologies on enterprise security and privacy. – Artificial intelligence
– Machine learning
– Quantum computing
– Blockchain
– Homomorphic encryption

  • Private information retrieval
  • Secure function evaluation
  • Private function evaluation

– Secure multiparty computation
– Distributed consensus
– Big Data
– Virtual/augmented reality
– 3-D printing
– Passwordless authentication
– Nano technology
– Deep learning

  • Natural language processing
  • Deep fakes

-Biometric impersonation

Security Operations 30%

Given a scenario, perform threat management activities. – Intelligence types

  • Tactical
    -Commodity malware
  • Strategic
    -Targeted attacks
  • Operational
    -Threat hunting
    -Threat emulation

– Actor types

  • Advanced persistent threat (APT)/nation-state
  • Insider threat
  • Competitor
  • Hacktivist
  • Script kiddie
  • Organized crime

– Threat actor properties

  • Resource
    -Time
    -Money
  • Supply chain access
  • Create vulnerabilities
  • Capabilities/sophistication
  • Identifying techniques

– Intelligence collection methods

  • Intelligence feeds
  • Deep web
  • Proprietary
  • Open-source intelligence (OSINT)
  • Human intelligence (HUMINT)

– Frameworks

  • MITRE Adversarial Tactics, Techniques, & Common knowledge (ATT&CK)
    -ATT&CK for industrial control system (ICS)
  • Diamond Model of Intrusion Analysis
  • Cyber Kill Chain
Given a scenario, analyze indicators of compromise and formulate an appropriate response. – Indicators of compromise

  • Packet capture (PCAP)
  • Logs
    -Network logs
    -Vulnerability logs
    -Operating system logs
    -Access logs
    -NetFlow logs
  • Notifications
    -FIM alerts
    -SIEM alerts
    -DLP alerts
    -IDS/IPS alerts
    -Antivirus alerts
  • Notification severity/priorities
  • Unusual process activity

– Response

  • Firewall rules
  • IPS/IDS rules
  • ACL rules
  • Signature rules
  • Behavior rules
  • DLP rules
  • Scripts/regular expressions
Given a scenario, perform vulnerability management activities. – Vulnerability scans

  • Credentialed vs. non-credentialed
  • Agent-based/server-based
  • Criticality ranking
  • Active vs. passive

– Security Content Automation Protocol (SCAP)

  • Extensible Configuration Checklist Description Format (XCCDF)
  • Open Vulnerability and Assessment Language (OVAL)
  • Common Platform Enumeration (CPE)
  • Common Vulnerabilities and Exposures (CVE)
  • Common Vulnerability Scoring System (CVSS)
  • Common Configuration Enumeration (CCE)
  • Asset Reporting Format (ARF)

– Self-assessment vs. third-party vendor assessment
– Patch management
– Information sources

  • Advisories
  • Bulletins
  • Vendor websites
  • Information Sharing and Analysis Centers (ISACs)
  • News reports
Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools. – Methods

  • Static analysis
  • Dynamic analysis
  • Side-channel analysis
  • Reverse engineering
    -Software
    -Hardware
  • Wireless vulnerability scan
  • Software composition analysis
  • Fuzz testing
  • ivoting
  • Post-exploitation
  • Persistence

– Tools

  • SCAP scanner
  • Network traffic analyzer
  • Vulnerability scanner
  • Protocol analyzer
  • Port scanner
  • HTTP interceptor
  • Exploit framework
  • Password cracker

– Dependency management
– Requirements

  • Scope of work
  • Rules of engagement
  • Invasive vs. non-invasive
  • Asset inventory
  • Permissions and access
  • Corporate policy considerations
  • Facility considerations
  • Physical security considerations
  • Rescan for corrections/changes
Given a scenario, analyze vulnerabilities and recommend risk mitigations. – Vulnerabilities

  • Race conditions
  • Overflows
    -Buffer
    -Integer
  • Broken authentication
  • Unsecure references
  • Poor exception handling
  • Security misconfiguration
  • Improper headers
  • Information disclosure
  • Certificate errors
  • Weak cryptography implementations
  • Weak ciphers
  • Weak cipher suite implementations
  • Software composition analysis
  • Use of vulnerable frameworks and software modules
  • Use of unsafe functions
  • Third-party libraries
    -Dependencies
    -Code injections/malicious changes
    -End of support/end of life
    -Regression issues

– Inherently vulnerable system/application

  • Client-side processing vs. server-side processing
  • JSON/representational state transfer (REST)
  • Browser extensions
    -Flash
    -ActiveX
  • Hypertext Markup Language 5 (HTML5)
  • Asynchronous JavaScript and XML (AJAX)
  • Simple Object Access Protocol (SOAP)
  • Machine code vs. bytecode or interpreted vs. emulated

– Attacks

  • Directory traversal
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Injection
    -XML
    -LDAP
    -Structured Query Language (SQL)
    -Command
    -Process
  • Sandbox escape
  • Virtual machine (VM) hopping
  • VM escape
  • Border Gateway Protocol (BGP)/route hijacking
  • Interception attacks
  • Denial-of-service (DoS)/DDoS
  • Authentication bypass
  • Social engineering
  • VLAN hopping

Given a scenario, use processes to reduce risk. – Proactive and detection

  • Hunts
  • Developing countermeasures
  • Deceptive technologies
    -Honeynet
    -Honeypot
    -Decoy files
    -Simulators
    -Dynamic network configurations

– Security data analytics

  • Processing pipelines
    -Data
    -Stream
  • Indexing and search
  • Log collection and curation
  • Database activity monitoring

– Preventive

  • Antivirus
  • Immutable systems
  • Hardening
  • Sandbox detonation

– Application control

  • License technologies
  • Allow list vs. block list
  • Time of check vs. time of use
  • Atomic execution

– Security automation

  • Cron/scheduled tasks
  • Bash
  • PowerShell
  • Python

– Physical security

  • Review of lighting
  • Review of visitor logs
  • Camera reviews
  • Open spaces vs. confined spaces
Given an incident, implement the appropriate response. – Event classifications

  • False positive
  • False negative
  • True positive
  • True negative

– Triage event
– Preescalation tasks
– Incident response process

  • Preparation
  • Detection
  • Analysis
  • Containment
  • Recovery
  • Lessons learned

– Specific response playbooks/processes

  • Scenarios
    -Ransomware
    -Data exfiltration
    -Social engineering
  • Non-automated response methods
  • Automated response methods
    -Runbooks
    -SOAR

– Communication plan
– Stakeholder management

Explain the importance of forensic concepts. – Legal vs. internal corporate purposes
– Forensic process

  • Identification
  • Evidence collection
    -Chain of custody
    -Order of volatility
    1. Memory snapshots
    2. Images
    -Cloning
  • Evidence preservation
    -Secure storage
    -Backups
  • Analysis
    -Forensics tools
  • Verification
  • Presentation

– Integrity preservation

  • Hashing

– Cryptanalysis

– Steganalysis

Given a scenario, use forensic analysis tools. – File carving tools

  • Foremost
  • Strings

– Binary analysis tools

  • Hex dump
  • Binwalk
  • Ghidra
  • GNU Project debugger (GDB)
  • OllyDbg
  • readelf
  • objdump
  • strace
  • ldd
  • file

– Analysis tools

  • ExifTool
  • Nmap
  • Aircrack-ng
  • Volatility
  • The Sleuth Kit
  • Dynamically vs. statically linked

– Imaging tools

  • Forensic Toolkit (FTK) Imager
  • dd

– Hashing utilities

  • sha256sum
  • ssdeep

– Live collection vs. post-mortem tools

  • netstat
  • ps
  • vmstat
  • ldd
  • lsof
  • netcat
  • tcpdump
  • conntrack
  • Wireshark

Security Engineering and Cryptography 26%

Given a scenario, apply secure configurations to enterprise mobility – Managed configurations

  • Application control
  • Password
  • MFA requirements
  • Token-based access
  • Patch repository
  • Firmware Over-the-Air
  • Remote wipe
  • WiFi
    -WiFi Protected Access (WPA2/3)
    -Device certificates
  • Profiles
  • Bluetooth
  • Near-field communication (NFC)
  • Peripherals
  • Geofencing
  • VPN settings
  • Geotagging
  • Certificate management
  • Full device encryption
  • Tethering
  • Airplane mode
  • Location services
  • DNS over HTTPS (DoH)
  • Custom DNS

– Deployment scenarios

  • Bring your own device (BYOD)
  • Corporate-owned
  • Corporate owned, personally enabled (COPE)
  • Choose your own device (CYOD)

– Security considerations

  • Unauthorized remote activation/deactivation of devices or features
  • Encrypted and unencrypted communication concerns
  • Physical reconnaissance
  • Personal data theft
  • Health privacy
  • Implications of wearable devices
  • Digital forensics of collected data
  • Unauthorized application stores
  • Jailbreaking/rooting
  • Side loading
  • Containerization
  • Original equipment manufacturer (OEM) and carrier differences
  • Supply chain issues
  • eFuse

Given a scenario, configure and implement endpoint security controls. – Hardening techniques

  • Removing unneeded services
  • Disabling unused accounts
  • Images/templates
  • Remove end-of-life devices
  • Remove end-of-support devices
  • Local drive encryption
  • Enable no execute (NX)/execute never (XN) bit
  • Disabling central processing unit (CPU) virtualization support
  • Secure encrypted enclaves/memory encryption
  • Shell restrictions
  • Address space layout randomization (ASLR)

– Processes

  • Patching
  • Firmware
  • Application
  • Logging
  • Monitoring

– Mandatory access control

  • Security-Enhanced Linux (SELinux)/Security-Enhanced Android (SEAndroid)
  • Kernel vs. middleware

– Trustworthy computing

  • Trusted Platform Module (TPM)
  • Secure Boot
  • Unified Extensible Firmware Interface (UEFI)/basic input/output system (BIOS) protection
  • Attestation services
  • Hardware security module (HSM)
  • Measured boot
  • Self-encrypting drives (SEDs)

– Compensating controls

  • Antivirus
  • Application controls
  • Host-based intrusion detection system (HIDS)/Host-based intrusion prevention system (HIPS)
  • Host-based firewall
  • Endpoint detection and response (EDR)
  • Redundant hardware
  • Self-healing hardware
  • User and entity behavior analytics (UEBA)

Explain security considerations impacting specific sectors and operational technologies. – Embedded

  • Internet of Things (IoT)
  • System on a chip (SoC)
  • Application-specific integrated circuit (ASIC)
  • Field-programmable gate array (FPGA)

– ICS/supervisory control and data acquisition (SCADA)

  • Programmable logic controller (PLC)
  • Historian
  • Ladder logic
  • Safety instrumented system
  • Heating, ventilation, and air conditioning (HVAC)

– Protocols

  • Controller Area Network (CAN) bus
  • Modbus
  • Distributed Network Protocol 3 (DNP3)
  • Zigbee
  • Common Industrial Protocol (CIP)
  • Data distribution service

– Sectors

  • Energy
  • Manufacturing
  • Healthcare
  • Public utilities
  • Public services
  • Facility services

Explain how cloud technology adoption impacts organizational security. – Automation and orchestration- Encryption configuration
– Logs

  • Availability
  • Collection
  • Monitoring
  • Configuration
  • Alerting

– Monitoring configurations
– Key ownership and location
– Key life-cycle management
– Backup and recovery methods

  • Cloud as business continuity and disaster recovery (BCDR)
  • Primary provider BCDR
  • Alternative provider BCDR

– Infrastructure vs. serverless computing
– Application virtualization
– Software-defined networking
– Misconfigurations
– Collaboration tools
– Storage configurations

  • Bit splitting
  • Data dispersion

– Cloud access security broker (CASB)

Given a business requirement, implement the appropriate PKI solution. – PKI hierarchy

  • Certificate authority (CA)
  • Subordinate/intermediate CA
  • Registration authority (RA)

– Certificate types

  • Wildcard certificate
  • Extended validation
  • Multidomain
  • General purpose

– Certificate usages/profiles/templates

  • Client authentication
  • Server authentication
  • Digital signatures
  • Code signing

– Extensions

  • Common name (CN)
  • Subject alternate name (SAN)

– Trusted providers
– Trust model
– Cross-certification
– Configure profiles
– Life-cycle management
– Public and private keys
– Digital signature
– Certificate pinning
– Certificate stapling
– Certificate signing requests (CSRs)
– Online Certificate Status Protocol (OCSP) vs. certificate revocation list (CRL)
– HTTP Strict Transport Security (HSTS)

Given a business requirement, implement the appropriate cryptographic protocols and algorithms. – Hashing

  • Secure Hashing Algorithm (SHA)
  • Hash-based message authentication code (HMAC)
  • Message digest (MD)
  • RACE integrity primitives evaluation message digest (RIPEMD)
  • Poly1305

– Symmetric algorithms

  • Modes of operation
    -Galois/Counter Mode (GCM)
    -Electronic codebook (ECB)
    -Cipher block chaining (CBC)
    -Counter (CTR)
    -Output feedback (OFB)
  • Stream and block
    -Advanced Encryption Standard (AES)
    -Triple digital encryption standard (3DES)
    -ChaCha
    -Salsa20

– Asymmetric algorithms

  • Key agreement
    -Diffie-Hellman
    -Elliptic-curve Diffie-Hellman (ECDH)
  • Signing
    -Digital signature algorithm (DSA)
    -Rivest, Shamir, and Adleman (RSA)
    -Elliptic-curve digital signature algorithm (ECDSA)

– Protocols

  • Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
  • Secure/Multipurpose Internet Mail Extensions (S/MIME)
  • Internet Protocol Security (IPSec)
  • Secure Shell (SSH)
  • EAP

– Elliptic curve cryptography

  • P256
  • P384

– Forward secrecy

– Authenticated encryption with associated data- Key stretching

  • Password-based key derivation function 2 (PBKDF2)
  • Bcrypt
Given a scenario, troubleshoot issues with cryptographic implementations. – Implementation and configuration issues

  • Validity dates
  • Wrong certificate type
  • Revoked certificates
  • Incorrect name
  • Chain issues
    -Invalid root or intermediate CAs
    -Self-signed
  • Weak signing algorithm
  • Weak cipher suite
  • Incorrect permissions
  • Cipher mismatches
  • Downgrade

– Keys

  • Mismatched
  • Improper key handling
  • Embedded keys
  • Rekeying
  • Exposed private keys
  • Crypto shredding
  • Cryptographic obfuscation
  • Key rotation
  • Compromised keys

Governance, Risk, and Compliance 15%

 

NEW QUESTION 102
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization’s headquarters location. The solution must also have the lowest power requirement on the CA.
Which of the following is the BEST solution?

 
 
 
 

NEW QUESTION 103
A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered dat a. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.
Which of the following would MOST likely help the company gain consensus to move the data to the cloud?

 
 
 
 

NEW QUESTION 104
A company’s SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
Which of the following should the company use to make this determination?

 
 
 
 

NEW QUESTION 105
Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?

 
 
 
 

NEW QUESTION 106
An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue.
Which of the following is the MOST cost-effective solution?

 
 
 
 

NEW QUESTION 107
SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from company’s privileged network.
The company’s hardening guidelines indicate the following:
There should be one primary server or service per device.
Only default ports should be used.
Non-secure protocols should be disabled.
INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
The IP address of the device
The primary server or service of the device (Note that each IP should by associated with one service/port only) The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines) If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NEW QUESTION 108
A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

 
 
 
 

NEW QUESTION 109
A cybersecurity analyst discovered a private key that could have been exposed.
Which of the following is the BEST way for the analyst to determine if the key has been compromised?

 
 
 
 

NEW QUESTION 110
A security engineer needs to recommend a solution that will meet the following requirements:
Identify sensitive data in the provider’s network
Maintain compliance with company and regulatory guidelines
Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements?

 
 
 
 

NEW QUESTION 111
An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

 
 
 
 
 

NEW QUESTION 112
Which of the following technologies allows CSPs to add encryption across multiple data storages?

 
 
 
 

NEW QUESTION 113
A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements:
Be efficient at protecting the production environment
Not require any change to the application
Act at the presentation layer
Which of the following techniques should be used?

 
 
 
 

NEW QUESTION 114
A company is looking to fortify its cybersecurity defenses and is focusing on its network infrastructure. The solution cannot affect the availability of the company’s services to ensure false positives do not drop legitimate traffic.
Which of the following would satisfy the requirement?

 
 
 
 

NEW QUESTION 115
A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

 
 
 
 

NEW QUESTION 116
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.
Which of the following phases establishes the identification and prioritization of critical systems and functions?

 
 
 
 

NEW QUESTION 117
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?

 
 
 
 

NEW QUESTION 118
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

 
 
 
 

NEW QUESTION 119
A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries such as:
Despite the deny message, this action was still permit following is the MOST likely fix for this issue?

 
 
 
 

NEW QUESTION 120
A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.
This is an example of:

 
 
 
 

NEW QUESTION 121
An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented.
Which of the following processes can be used to identify potential prevention recommendations?

 
 
 
 

NEW QUESTION 122
The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership. Which of the follow would MOST likely be used?

 
 
 
 

NEW QUESTION 123
A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

 
 
 
 

NEW QUESTION 124
A small company recently developed prototype technology for a military program. The company’s security engineer is concerned about potential theft of the newly developed, proprietary information.
Which of the following should the security engineer do to BEST manage the threats proactively?

 
 
 
 

Latest CAS-004 Pass Guaranteed Exam Dumps with Accurate & Updated Questions: https://www.prepawaypdf.com/CompTIA/CAS-004-practice-exam-dumps.html

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter the text from the image below