This page was exported from Actual Test Materials [ http://blog.actualtests4sure.com ]
Export date: Fri Nov 15 18:51:20 2024 / +0000 GMT

Title: Real CAS-004 Exam PDF Test Engine Practice Test Questions [Q106-Q124]

CompTIA CAS-004 Real 2023 Braindumps Mock Exam Dumps

Q106. The Chief Information Officer (CIO) wants to establish a non-binding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a formal partnership. Which of the following would MOST likely be used?
- MOU
- OLA
- NDA
- SLA

Q107. A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application. Which of the following is the MOST likely cause?
- The user agent client is not compatible with the WAF.
- A certificate on the WAF is expired.
- HTTP traffic is not forwarding to HTTPS to decrypt.
- Old, vulnerable cipher suites are still being used.

Q108. An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may be used more than once. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Q109. An analyst executes a vulnerability scan against an internet-facing DNS server and receives the following report:
Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?
- Password cracker
- Port scanner
- Account enumerator
- Exploitation framework

Q110. A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis concerning a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return any findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar incidents in the future?
- Implementing application blacklisting
- Configuring the mail to quarantine incoming attachments automatically
- Deploying host-based firewalls and shipping the logs to the SIEM
- Increasing the cadence for antivirus DAT updates to twice daily

Q111. A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.)
- Conduct input sanitization.
- Deploy a SIEM.
- Use containers.
- Patch the OS.
- Deploy a WAF.
- Deploy a reverse proxy.
- Deploy an IDS.

Explanation: A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe.

Q112. A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints.
The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment. Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?
- NAC to control authorized endpoints
- FIM on the servers storing the data
- A jump box in the screened subnet
- A general VPN solution to the primary network

Network Access Control (NAC) is used to bolster the network security by restricting the availability of network resources to managed endpoints that don't satisfy the compliance requirements of the organization.

Q113. In preparation for the holiday season, a company redesigned the system that manages retail sales and moved it to a cloud service provider. The new infrastructure did not meet the company's availability requirements. During a postmortem analysis, the following issues were highlighted:
1. International users reported latency when images on the web page were initially loading.
2. During times of report processing, users reported issues with inventory when attempting to place orders.
3. Despite the fact that ten new API servers were added, the load across servers was heavy at peak times.
Which of the following infrastructure design changes would be BEST for the organization to implement to avoid these issues in the future?
- Serve static content via distributed CDNs, create a read replica of the central database and pull reports from there, and auto-scale API servers based on performance.
- Increase the bandwidth for the server that delivers images, use a CDN, change the database to a non-relational database, and split the ten API servers across two load balancers.
- Serve images from an object storage bucket with infrequent read times, replicate the database across different regions, and dynamically create API servers based on load.
- Serve static-content object storage across different regions, increase the instance size on the managed relational database, and distribute the ten API servers across multiple regions.

Q114. An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue. Which of the following is the MOST cost-effective solution?
- Move the server to a cloud provider.
- Change the operating system.
- Buy a new server and create an active-active cluster.
- Upgrade the server with a new one.

Q115. An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data. Which of the following commands should the analyst run to BEST determine whether financial data was lost?
- Option A
- Option B
- Option C
- Option D

Q116. An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data. Which of the following commands should the analyst run to BEST determine whether financial data was lost?
- Option A
- Option B
- Option C
- Option D

Q117. A security analyst is assisting the marketing department with ensuring the security of the organization's social media platforms. The two main concerns are:
- The Chief Marketing Officer (CMO) email is being used department-wide as the username
- The password has been shared within the department
Which of the following controls would be BEST for the analyst to recommend?
- Configure MFA for all users to decrease their reliance on other authentication.
- Have periodic, scheduled reviews to determine which OAuth configurations are set for each media platform.
- Create multiple social media accounts for all marketing users to separate their actions.
- Ensure the password being shared is sufficiently complex and not written down anywhere.

Q118. A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite:
Which of the following is the MOST likely cause of the customer's inability to connect?
- Weak ciphers are being used.
- The public key should be using ECDSA.
- The default should be on port 80.
- The server name should be test.com.

Q119. A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would BEST solve these challenges? (Select THREE.)
- SD-WAN
- PAM
- Remote access VPN
- MFA
- Network segmentation
- BGP
- NAC

Q120. A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
- Unauthorized insertions into application development environments
- Authorized insiders making unauthorized changes to environment configurations
Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)
- Perform static code analysis of committed code and generate summary reports.
- Implement an XML gateway and monitor for policy violations.
- Monitor dependency management tools and report on susceptible third-party libraries.
- Install an IDS on the development subnet and passively monitor for vulnerable services.
- Model user behavior and monitor for deviations from normal.
- Continuously monitor code commits to repositories and generate summary logs.

Q121. A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users are able to download emails correctly by using IMAP instead. The network comprises three VLANs:
The security engineer looks at the UTM firewall rules and finds the following:
Which of the following should the security engineer do to ensure IMAPS functions properly on the corporate user network?
- Contact the email service provider and ask if the company IP is blocked.
- Confirm the email server certificate is installed on the corporate computers.
- Make sure the UTM certificate is imported on the corporate computers.
- Create an IMAPS firewall rule to ensure email is allowed.

Q122. A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company's managed database, exposing customer information. The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?
- The pharmaceutical company
- The cloud software provider
- The web portal software vendor
- The database software vendor

Q123. A security engineer was auditing an organization's current software development practice and discovered that multiple open-source libraries were integrated into the organization's software. The organization currently performs SAST and DAST on the software it develops. Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?
- Perform additional SAST/DAST on the open-source libraries.
- Implement the SDLC security guidelines.
- Track the library versions and monitor the CVE website for related vulnerabilities.
- Perform unit testing of the open-source libraries.

Q124. A help desk technician just informed the security department that a user downloaded a suspicious file from Internet Explorer last night. The user confirmed accessing all the files and folders before going home from work. The next morning, the user was no longer able to boot the system and was presented a screen with a phone number. The technician then tries to boot the computer using wake-on-LAN, but the system would not come up. Which of the following explains why the computer would not boot?
- The operating system was corrupted.
- SELinux was in enforced status.
- A secure boot violation occurred.
- The disk was encrypted.

Post date: 2023-04-23 13:34:13
Post date GMT: 2023-04-23 13:34:13
Post modified date: 2023-04-23 13:34:13
Post modified date GMT: 2023-04-23 13:34:13