Feb-2022 CompTIA CAS-004 Certification Real 2022 Mock Exam [Q61-Q78] | DumpsMaterials

Feb-2022 CompTIA CAS-004 Certification Real 2022 Mock Exam [Q61-Q78]

Share

Feb-2022 CompTIA CAS-004 Certification Real 2022 Mock Exam

CAS-004 Exam Questions and Valid PMP Dumps PDF


CompTIA CAS-004 Exam Syllabus Topics:

TopicDetails

Security Architecture 29%

Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network.- Services
  • Load balancer
  • Intrusion detection system (IDS)/network intrusion detection system (NIDS)/wireless intrusion detection system (WIDS)
  • Intrusion prevention system (IPS)/network intrusion prevention system (NIPS)/wireless intrusion prevention system (WIPS)
  • Web application firewall (WAF)
  • Network access control (NAC)
  • Virtual private network (VPN)
  • Domain Name System Security Extensions (DNSSEC)
  • Firewall/unified threat management (UTM)/next-generation firewall (NGFW)
  • Network address translation (NAT) gateway
  • Internet gateway
  • Forward/transparent proxy
  • Reverse proxy
  • Distributed denial-of-service (DDoS) protection
  • Routers
  • Mail security
  • Application programming interface (API) gateway/Extensible Markup Language (XML) gateway
  • Traffic mirroring
    -Switched port analyzer (SPAN) ports
    -Port mirroring
    - Virtual private cloud (VPC)
    -Network tap
  • Sensors
    -Security information and event management (SIEM)
    -File integrity monitoring (FIM)
    -Simple Network Management Protocol (SNMP) traps
    -NetFlow
    -Data loss prevention (DLP)
    -Antivirus
- Segmentation
  • Microsegmentation
  • Local area network (LAN)/virtual local area network (VLAN)
  • Jump box
  • Screened subnet
  • Data zones
  • Staging environments
  • Guest environments
  • VPC/virtual network (VNET)
  • Availability zone
  • NAC lists
  • Policies/security groups
  • Regions
  • Access control lists (ACLs)
  • Peer-to-peer
  • Air gap
- Deperimeterization/zero trust
  • Cloud
  • Remote work
  • Mobile
  • Outsourcing and contracting
  • Wireless/radio frequency (RF) networks
- Merging of networks from various organizations
  • Peering
  • Cloud to on premises
  • Data sensitivity levels
  • Mergers and acquisitions
  • Cross-domain
  • Federation
  • Directory services
- Software-defined networking (SDN)
  • Open SDN
  • Hybrid SDN
  • SDN overlay



Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.- Scalability
  • Vertically
  • Horizontally

- Resiliency

  • High availability
  • Diversity/heterogeneity
  • Course of action orchestration
  • Distributed allocation
  • Redundancy
  • Replication
  • Clustering

- Automation

  • Autoscaling
  • Security Orchestration, Automation, and Response (SOAR)
  • Bootstrapping
- Performance
- Containerization
- Virtualization
- Content delivery network
- Caching
Given a scenario, integrate software applications securely into an enterprise architecture.- Baseline and templates
  • Secure design patterns/ types of web technologies
    -Storage design patterns
  • Container APIs
  • Secure coding standards
  • Application vetting processes
  • API management
  • Middleware
- Software assurance
  • Sandboxing/development environment
  • Validating third-party libraries
  • Defined DevOps pipeline
  • Code signing
  • Interactive application security testing (IAST) vs. dynamic application security testing (DAST) vs. static application security testing (SAST)
- Considerations of integrating enterprise applications
  • Customer relationship management (CRM)
  • Enterprise resource planning (ERP)
  • Configuration management database (CMDB)
  • Content management system (CMS)
  • Integration enablers
    -Directory services
    -Domain name system (DNS)
    -Service-oriented architecture (SOA)
    -Enterprise service bus (ESB)
- Integrating security into development life cycle
  • Formal methods
  • Requirements
  • Fielding
  • Insertions and upgrades
  • Disposal and reuse
  • Testing
    -Regression
    -Unit testing
    -Integration testing
  • Development approaches
    -SecDevOps
    -Agile
    -Waterfall
    -Spiral
    -Versioning
    -Continuous integration/continuous delivery (CI/CD) pipelines
  • Best practices
    -Open Web Application Security Project (OWASP)
    -Proper Hypertext Transfer Protocol (HTTP) headers




Given a scenario, implement data security techniques for securing enterprise architecture.- Data loss prevention
  • Blocking use of external media
  • Print blocking
  • Remote Desktop Protocol (RDP) blocking
  • Clipboard privacy controls
  • Restricted virtual desktop infrastructure (VDI) implementation
  • Data classification blocking
- Data loss detection
  • Watermarking
  • Digital rights management (DRM)
  • Network traffic decryption/deep packet inspection
  • Network traffic analysis
- Data classification, labeling, and tagging
  • Metadata/attributes
- Obfuscation
  • Tokenization
  • Scrubbing
  • Masking
- Anonymization
- Encrypted vs. unencrypted
- Data life cycle
  • Create
  • Use
  • Share
  • Store
  • Archive
  • Destroy
- Data inventory and mapping
- Data integrity management
- Data storage, backup, and recovery
  • Redundant array of inexpensive disks (RAID)

Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.- Credential management
  • Password repository application
    -End-user password storage
    -On premises vs. cloud repository
  • Hardware key manager
  • Privileged access management

- Password policies

  • Complexity
  • Length
  • Character classes
  • History
  • Maximum/minimum age
  • Auditing
  • Reversable encryption

- Federation

  • Transitive trust
  • OpenID
  • Security Assertion Markup Language (SAML)
  • Shibboleth
- Access control
  • Mandatory access control (MAC)
  • Discretionary access control (DAC)
  • Role-based access control
  • Rule-based access control
  • Attribute-based access control
- Protocols
  • Remote Authentication Dial-in User Server (RADIUS)
  • Terminal Access Controller Access Control System (TACACS)
  • Diameter
  • Lightweight Directory Access Protocol (LDAP)
  • Kerberos
  • OAuth
  • 802.1X
  • Extensible Authentication Protocol (EAP)
- Multifactor authentication (MFA)
  • Two-factor authentication (2FA)
  • 2-Step Verification
  • In-band
  • Out-of-band

- One-time password (OTP)

  • HMAC-based one-time password (HOTP)
  • Time-based one-time password (TOTP)
- Hardware root of trust- Single sign-on (SSO)- JavaScript Object Notation (JSON) web token (JWT)- Attestation and identity proofing





Given a set of requirements, implement secure cloud and virtualization solutions.- Virtualization strategies
  • Type 1 vs. Type 2 hypervisors
  • Containers
  • Emulation
  • Application virtualization
  • VDI
- Provisioning and deprovisioning
- Middleware
- Metadata and tags
- Deployment models and considerations
  • Business directives
    -Cost
    -Scalability
    -Resources
    -Location
    -Data protection
  • Cloud deployment models
    -Private
    -Public
    -Hybrid
    -Community
- Hosting models
  • Multitenant
  • Single-tenant

- Service models

  • Software as a service (SaaS)
  • Platform as a service (PaaS)
  • Infrastructure as a service (IaaS)

- Cloud provider limitations

  • Internet Protocol (IP) address scheme
  • VPC peering
- Extending appropriate on-premises controls
- Storage models
  • Object storage/file-based storage
  • Database storage
  • Block storage
  • Blob storage
  • Key-value pairs


Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.- Privacy and confidentiality requirements
- Integrity requirements
- Non-repudiation
- Compliance and policy requirements
- Common cryptography use cases
  • Data at rest
  • Data in transit
  • Data in process/data in use
  • Protection of web services
  • Embedded systems
  • Key escrow/management
  • Mobile security
  • Secure authentication
  • Smart card

- Common PKI use cases

  • Web services
  • Email
  • Code signing
  • Federation
  • Trust models
  • VPN
  • Enterprise and security automation/orchestration
Explain the impact of emerging technologies on enterprise security and privacy.- Artificial intelligence
- Machine learning
- Quantum computing
- Blockchain
- Homomorphic encryption
  • Private information retrieval
  • Secure function evaluation
  • Private function evaluation

- Secure multiparty computation
- Distributed consensus
- Big Data
- Virtual/augmented reality
- 3-D printing
- Passwordless authentication
- Nano technology
- Deep learning

  • Natural language processing
  • Deep fakes

-Biometric impersonation

Security Operations 30%

Given a scenario, perform threat management activities.- Intelligence types
  • Tactical
    -Commodity malware
  • Strategic
    -Targeted attacks
  • Operational
    -Threat hunting
    -Threat emulation

- Actor types

  • Advanced persistent threat (APT)/nation-state
  • Insider threat
  • Competitor
  • Hacktivist
  • Script kiddie
  • Organized crime

- Threat actor properties

  • Resource
    -Time
    -Money
  • Supply chain access
  • Create vulnerabilities
  • Capabilities/sophistication
  • Identifying techniques

- Intelligence collection methods

  • Intelligence feeds
  • Deep web
  • Proprietary
  • Open-source intelligence (OSINT)
  • Human intelligence (HUMINT)
- Frameworks
  • MITRE Adversarial Tactics, Techniques, & Common knowledge (ATT&CK)
    -ATT&CK for industrial control system (ICS)
  • Diamond Model of Intrusion Analysis
  • Cyber Kill Chain


Given a scenario, analyze indicators of compromise and formulate an appropriate response.- Indicators of compromise
  • Packet capture (PCAP)
  • Logs
    -Network logs
    -Vulnerability logs
    -Operating system logs
    -Access logs
    -NetFlow logs
  • Notifications
    -FIM alerts
    -SIEM alerts
    -DLP alerts
    -IDS/IPS alerts
    -Antivirus alerts
  • Notification severity/priorities
  • Unusual process activity

- Response

  • Firewall rules
  • IPS/IDS rules
  • ACL rules
  • Signature rules
  • Behavior rules
  • DLP rules
  • Scripts/regular expressions
Given a scenario, perform vulnerability management activities.- Vulnerability scans
  • Credentialed vs. non-credentialed
  • Agent-based/server-based
  • Criticality ranking
  • Active vs. passive
- Security Content Automation Protocol (SCAP)
  • Extensible Configuration Checklist Description Format (XCCDF)
  • Open Vulnerability and Assessment Language (OVAL)
  • Common Platform Enumeration (CPE)
  • Common Vulnerabilities and Exposures (CVE)
  • Common Vulnerability Scoring System (CVSS)
  • Common Configuration Enumeration (CCE)
  • Asset Reporting Format (ARF)
- Self-assessment vs. third-party vendor assessment
- Patch management
- Information sources
  • Advisories
  • Bulletins
  • Vendor websites
  • Information Sharing and Analysis Centers (ISACs)
  • News reports




Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.- Methods
  • Static analysis
  • Dynamic analysis
  • Side-channel analysis
  • Reverse engineering
    -Software
    -Hardware
  • Wireless vulnerability scan
  • Software composition analysis
  • Fuzz testing
  • ivoting
  • Post-exploitation
  • Persistence

- Tools

  • SCAP scanner
  • Network traffic analyzer
  • Vulnerability scanner
  • Protocol analyzer
  • Port scanner
  • HTTP interceptor
  • Exploit framework
  • Password cracker

- Dependency management
- Requirements

  • Scope of work
  • Rules of engagement
  • Invasive vs. non-invasive
  • Asset inventory
  • Permissions and access
  • Corporate policy considerations
  • Facility considerations
  • Physical security considerations
  • Rescan for corrections/changes
Given a scenario, analyze vulnerabilities and recommend risk mitigations.- Vulnerabilities
  • Race conditions
  • Overflows
    -Buffer
    -Integer
  • Broken authentication
  • Unsecure references
  • Poor exception handling
  • Security misconfiguration
  • Improper headers
  • Information disclosure
  • Certificate errors
  • Weak cryptography implementations
  • Weak ciphers
  • Weak cipher suite implementations
  • Software composition analysis
  • Use of vulnerable frameworks and software modules
  • Use of unsafe functions
  • Third-party libraries
    -Dependencies
    -Code injections/malicious changes
    -End of support/end of life
    -Regression issues

- Inherently vulnerable system/application

  • Client-side processing vs. server-side processing
  • JSON/representational state transfer (REST)
  • Browser extensions
    -Flash
    -ActiveX
  • Hypertext Markup Language 5 (HTML5)
  • Asynchronous JavaScript and XML (AJAX)
  • Simple Object Access Protocol (SOAP)
  • Machine code vs. bytecode or interpreted vs. emulated
- Attacks
  • Directory traversal
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Injection
    -XML
    -LDAP
    -Structured Query Language (SQL)
    -Command
    -Process
  • Sandbox escape
  • Virtual machine (VM) hopping
  • VM escape
  • Border Gateway Protocol (BGP)/route hijacking
  • Interception attacks
  • Denial-of-service (DoS)/DDoS
  • Authentication bypass
  • Social engineering
  • VLAN hopping

Given a scenario, use processes to reduce risk.- Proactive and detection
  • Hunts
  • Developing countermeasures
  • Deceptive technologies
    -Honeynet
    -Honeypot
    -Decoy files
    -Simulators
    -Dynamic network configurations

- Security data analytics

  • Processing pipelines
    -Data
    -Stream
  • Indexing and search
  • Log collection and curation
  • Database activity monitoring

- Preventive

  • Antivirus
  • Immutable systems
  • Hardening
  • Sandbox detonation
- Application control
  • License technologies
  • Allow list vs. block list
  • Time of check vs. time of use
  • Atomic execution
- Security automation
  • Cron/scheduled tasks
  • Bash
  • PowerShell
  • Python
- Physical security
  • Review of lighting
  • Review of visitor logs
  • Camera reviews
  • Open spaces vs. confined spaces
Given an incident, implement the appropriate response.- Event classifications
  • False positive
  • False negative
  • True positive
  • True negative
- Triage event
- Preescalation tasks
- Incident response process
  • Preparation
  • Detection
  • Analysis
  • Containment
  • Recovery
  • Lessons learned
- Specific response playbooks/processes
  • Scenarios
    -Ransomware
    -Data exfiltration
    -Social engineering
  • Non-automated response methods
  • Automated response methods
    -Runbooks
    -SOAR
- Communication plan
- Stakeholder management
Explain the importance of forensic concepts.- Legal vs. internal corporate purposes
- Forensic process
  • Identification
  • Evidence collection
    -Chain of custody
    -Order of volatility
    1. Memory snapshots
    2. Images
    -Cloning
  • Evidence preservation
    -Secure storage
    -Backups
  • Analysis
    -Forensics tools
  • Verification
  • Presentation
- Integrity preservation
  • Hashing

- Cryptanalysis

- Steganalysis
Given a scenario, use forensic analysis tools.- File carving tools
  • Foremost
  • Strings

- Binary analysis tools

  • Hex dump
  • Binwalk
  • Ghidra
  • GNU Project debugger (GDB)
  • OllyDbg
  • readelf
  • objdump
  • strace
  • ldd
  • file

- Analysis tools

  • ExifTool
  • Nmap
  • Aircrack-ng
  • Volatility
  • The Sleuth Kit
  • Dynamically vs. statically linked
- Imaging tools
  • Forensic Toolkit (FTK) Imager
  • dd
- Hashing utilities
  • sha256sum
  • ssdeep
- Live collection vs. post-mortem tools
  • netstat
  • ps
  • vmstat
  • ldd
  • lsof
  • netcat
  • tcpdump
  • conntrack
  • Wireshark

Security Engineering and Cryptography 26%

Given a scenario, apply secure configurations to enterprise mobility- Managed configurations
  • Application control
  • Password
  • MFA requirements
  • Token-based access
  • Patch repository
  • Firmware Over-the-Air
  • Remote wipe
  • WiFi
    -WiFi Protected Access (WPA2/3)
    -Device certificates
  • Profiles
  • Bluetooth
  • Near-field communication (NFC)
  • Peripherals
  • Geofencing
  • VPN settings
  • Geotagging
  • Certificate management
  • Full device encryption
  • Tethering
  • Airplane mode
  • Location services
  • DNS over HTTPS (DoH)
  • Custom DNS
- Deployment scenarios
  • Bring your own device (BYOD)
  • Corporate-owned
  • Corporate owned, personally enabled (COPE)
  • Choose your own device (CYOD)
- Security considerations
  • Unauthorized remote activation/deactivation of devices or features
  • Encrypted and unencrypted communication concerns
  • Physical reconnaissance
  • Personal data theft
  • Health privacy
  • Implications of wearable devices
  • Digital forensics of collected data
  • Unauthorized application stores
  • Jailbreaking/rooting
  • Side loading
  • Containerization
  • Original equipment manufacturer (OEM) and carrier differences
  • Supply chain issues
  • eFuse



Given a scenario, configure and implement endpoint security controls.- Hardening techniques
  • Removing unneeded services
  • Disabling unused accounts
  • Images/templates
  • Remove end-of-life devices
  • Remove end-of-support devices
  • Local drive encryption
  • Enable no execute (NX)/execute never (XN) bit
  • Disabling central processing unit (CPU) virtualization support
  • Secure encrypted enclaves/memory encryption
  • Shell restrictions
  • Address space layout randomization (ASLR)
- Processes
  • Patching
  • Firmware
  • Application
  • Logging
  • Monitoring
- Mandatory access control
  • Security-Enhanced Linux (SELinux)/Security-Enhanced Android (SEAndroid)
  • Kernel vs. middleware
- Trustworthy computing
  • Trusted Platform Module (TPM)
  • Secure Boot
  • Unified Extensible Firmware Interface (UEFI)/basic input/output system (BIOS) protection
  • Attestation services
  • Hardware security module (HSM)
  • Measured boot
  • Self-encrypting drives (SEDs)
- Compensating controls
  • Antivirus
  • Application controls
  • Host-based intrusion detection system (HIDS)/Host-based intrusion prevention system (HIPS)
  • Host-based firewall
  • Endpoint detection and response (EDR)
  • Redundant hardware
  • Self-healing hardware
  • User and entity behavior analytics (UEBA)



Explain security considerations impacting specific sectors and operational technologies.- Embedded
  • Internet of Things (IoT)
  • System on a chip (SoC)
  • Application-specific integrated circuit (ASIC)
  • Field-programmable gate array (FPGA)
- ICS/supervisory control and data acquisition (SCADA)
  • Programmable logic controller (PLC)
  • Historian
  • Ladder logic
  • Safety instrumented system
  • Heating, ventilation, and air conditioning (HVAC)
- Protocols
  • Controller Area Network (CAN) bus
  • Modbus
  • Distributed Network Protocol 3 (DNP3)
  • Zigbee
  • Common Industrial Protocol (CIP)
  • Data distribution service
- Sectors
  • Energy
  • Manufacturing
  • Healthcare
  • Public utilities
  • Public services
  • Facility services

Explain how cloud technology adoption impacts organizational security.- Automation and orchestration- Encryption configuration
- Logs
  • Availability
  • Collection
  • Monitoring
  • Configuration
  • Alerting

- Monitoring configurations
- Key ownership and location
- Key life-cycle management
- Backup and recovery methods

  • Cloud as business continuity and disaster recovery (BCDR)
  • Primary provider BCDR
  • Alternative provider BCDR
- Infrastructure vs. serverless computing
- Application virtualization
- Software-defined networking
- Misconfigurations
- Collaboration tools
- Storage configurations
  • Bit splitting
  • Data dispersion
- Cloud access security broker (CASB)

 

NEW QUESTION 61
A company's employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email traveling . Which of the following is the MOST likely explanation? (Select TWO.)

  • A. Unrestricted email administrator accounts
  • B. Chief use of UDP protocols
  • C. VPN on the mobile device
  • D. Privilege escalation attack
  • E. Outdated escalation attack
  • F. Disabled GPS on mobile devices

Answer: C,F

 

NEW QUESTION 62
A security analyst is reviewing the following output:

Which of the following would BEST mitigate this type of attack?

  • A. Installing a network firewall
  • B. Placing a WAF inline
  • C. Implementing an IDS
  • D. Deploying a honeypot

Answer: A

 

NEW QUESTION 63
A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.
Which of the following should the security team recommend FIRST?

  • A. Investigating a potential threat identified in logs related to the identity management system
  • B. Updating the identity management system to use discretionary access control
  • C. Working with procurement and creating a requirements document to select a new IAM system/vendor
  • D. Beginning research on two-factor authentication to later introduce into the identity management system

Answer: A

 

NEW QUESTION 64
A company's SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
Which of the following should the company use to make this determination?

  • A. A system penetration test
  • B. Log analysis within the SIEM tool
  • C. The Cyber Kill Chain
  • D. Threat hunting

Answer: A

 

NEW QUESTION 65
A cybersecurity analyst receives a ticket that indicates a potential incident is occurring. There has been a large in log files generated by a generated by a website containing a ''Contact US'' form. The analyst must determine if the increase in website traffic is due to a recent marketing campaign of if this is a potential incident. Which of the following would BEST assist the analyst?

  • A. Running the website log files through a log reduction and analysis tool
  • B. Checking for new rules from the inbound network IPS vendor
  • C. Deploy a WAF in front of the public website
  • D. Ensuring proper input validation is configured on the ''Contact US'' form

Answer: A

 

NEW QUESTION 66
All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:
Leaked to the media via printing of the documents
Sent to a personal email address
Accessed and viewed by systems administrators
Uploaded to a file storage site
Which of the following would mitigate the department's concerns?

  • A. Watermarking, forward proxy, DLP, and MFA
  • B. Data loss detection, reverse proxy, EDR, and PGP
  • C. Proxy, secure VPN, endpoint encryption, and AV
  • D. VDI, proxy, CASB, and DRM

Answer: D

 

NEW QUESTION 67
Which of the following BEST sets expectation between the security team and business units within an organization?

  • A. Memorandum of understanding
  • B. Risk assessment
  • C. Business impact analysis
  • D. Business partnership agreement
  • E. Services level agreement

Answer: C

 

NEW QUESTION 68
A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:
Only users with corporate-owned devices can directly access servers hosted by the cloud provider.
The company can control what SaaS applications each individual user can access.
User browser activity can be monitored.
Which of the following solutions would BEST meet these requirements?

  • A. API gateway, UEM, and forward proxy
  • B. SSL tunnel, DLP, and host-based firewall
  • C. IAM gateway, MDM, and reverse proxy
  • D. VPN, CASB, and secure web gateway

Answer: D

 

NEW QUESTION 69
A Chief information Security Officer (CISO) has launched to create a rebuts BCP/DR plan for the entire company. As part of the initiative , the security team must gather data supporting s operational importance for the applications used by the business and determine the order in which the application must be back online. Which of the following be the FIRST step taken by the team?

  • A. Perform a review of all policies an procedures related to BGP a and DR and created an educated educational module that can be assigned to at employees to provide training on BCP/DR events.
  • B. Implement replication of all servers and application data to back up detacenters that are geographically from the central datacenter and release an upload BPA to all clients.
  • C. Have each business unit conduct a BIA and categories the application according to the cumulative data gathered.
  • D. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.

Answer: C

 

NEW QUESTION 70
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user's workstation:
graphic.linux_randomization.prg
Which of the following technologies would mitigate the manipulation of memory segments?

  • A. ASLR
  • B. HSM
  • C. NX bit
  • D. DEP

Answer: A

 

NEW QUESTION 71
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company's Chief Financial Officer loses a phone multiple times a year.
Which of the following will MOST likely secure the data on the lost device?

  • A. Require a VPN to be active to access company data.
  • B. Remotely wipe the device.
  • C. Require MFA to access company applications.
  • D. Set up different profiles based on the person's risk.

Answer: C

 

NEW QUESTION 72
Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization incident response procedure. Which of the must occur to ensure the integrity of the image?

  • A. A duplicate copy of the image must be maintained
  • B. The disk containing the image must be placed in a seated container.
  • C. The image must be password protected against changes.
  • D. A hash value of the image must be computed.

Answer: D

 

NEW QUESTION 73
The Chief information Security Officer (CISO) of a small locate bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?

  • A. Red-team hunting
  • B. Gray-box testing
  • C. Blue-learn exercises
  • D. White-box testing
  • E. Black-box testing

Answer: A

 

NEW QUESTION 74
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:

  • A. a decrypting RSA using obsolete and weakened encryption attack.
  • B. an advanced persistent threat.
  • C. an on-path attack.
  • D. a zero-day attack.

Answer: A

 

NEW QUESTION 75
A small company recently developed prototype technology for a military program. The company's security engineer is concerned about potential theft of the newly developed, proprietary information.
Which of the following should the security engineer do to BEST manage the threats proactively?

  • A. Join an information-sharing community that is relevant to the company.
  • B. Use OSINT techniques to evaluate and analyze the threats.
  • C. Leverage the MITRE ATT&CK framework to map the TTR.
  • D. Update security awareness training to address new threats, such as best practices for data security.

Answer: D

 

NEW QUESTION 76
A security engineer estimates the company's popular web application experiences 100 attempted breaches per day. In the past four years, the company's data has been breached two times.
Which of the following should the engineer report as the ARO for successful breaches?

  • A. 0
  • B. 0.5
  • C. 1
  • D. 36,500

Answer: B

 

NEW QUESTION 77
A cybersecurity analyst created the following tables to help determine the maximum budget amount the business can justify spending on an improved email filtering system:


Which of the following meets the budget needs of the business?

  • A. Filter TUV
  • B. Filter ABC
  • C. Filter GHI
  • D. Filter XYZ

Answer: C

 

NEW QUESTION 78
......


CompTIA CASP+ Exam Certification Details:

Sample QuestionsCompTIA CASP+ Sample Questions
Exam NameCompTIA Advanced Security Practitioner (CASP+)
Number of Questions90
Books / TrainingCASP+ CAS-004

 

CAS-004 Question Bank: Free PDF Download Recently Updated Questions: https://www.dumpsmaterials.com/CAS-004-real-torrent.html

CAS-004 Brain Dump: A Study Guide with Tips & Tricks for passing Exam: https://drive.google.com/open?id=10AZvPxy75dfvd42mLkuK6gtghv6vTy4P