The Secret Of CompTIA CAS-004 Practice Test

Want to know Exambible CAS-004 Exam practice test features? Want to lear more about CompTIA CompTIA Advanced Security Practitioner (CASP+) Exam certification experience? Study Validated CompTIA CAS-004 answers to Improved CAS-004 questions at Exambible. Gat a success with an absolute guarantee to pass CompTIA CAS-004 (CompTIA Advanced Security Practitioner (CASP+) Exam) test on your first attempt.

Also have CAS-004 free dumps questions for you:

NEW QUESTION 1
During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels.
Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?

  • A. Spawn a shell using sudo and an escape string such as sudo vim -c ‘!sh’.
  • B. Perform ASIC password cracking on the host.
  • C. Read the /etc/passwd file to extract the usernames.
  • D. Initiate unquoted service path exploits.
  • E. Use the UNION operator to extract the database schema.

Answer: C

Explanation:
Reference: https://docs.rapid7.com/insightvm/elevating-permissions/

NEW QUESTION 2
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user’s workstation: graphic.linux_randomization.prg Which of the following technologies would mitigate the manipulation of memory segments?

  • A. NX bit
  • B. ASLR
  • C. DEP
  • D. HSM

Answer: B

Explanation:
Reference: http://webpages.eng.wayne.edu/~fy8421/19sp-csc5290/labs/lab2-instruction.pdf (3)

NEW QUESTION 3
A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of
assets, such as workstation, servers, and laptops.
Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the
company?

  • A. Increased network latency
  • B. Unavailable of key escrow
  • C. Inability to selected AES-256 encryption
  • D. Removal of user authentication requirements

Answer: A

NEW QUESTION 4
A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

  • A. Deploy SOAR utilities and runbooks.
  • B. Replace the associated hardware.
  • C. Provide the contractors with direct access to satellite telemetry data.
  • D. Reduce link latency on the affected ground and satellite segments.

Answer: A

NEW QUESTION 5
An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue.
Which of the following is the MOST cost-effective solution?

  • A. Move the server to a cloud provider.
  • B. Change the operating system.
  • C. Buy a new server and create an active-active cluster.
  • D. Upgrade the server with a new one.

Answer: A

NEW QUESTION 6
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information .
Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

  • A. Hybrid IaaS solution in a single-tenancy cloud
  • B. Pass solution in a multinency cloud
  • C. SaaS solution in a community cloud
  • D. Private SaaS solution in a single tenancy cloud.

Answer: D

NEW QUESTION 7
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:
* 1. The network supports core applications that have 99.99% uptime.
* 2. Configuration updates to the SD-WAN routers can only be initiated from the management service.
* 3. Documents downloaded from websites must be scanned for malware.
Which of the following solutions should the network architect implement to meet the requirements?

  • A. Reverse proxy, stateful firewalls, and VPNs at the local sites
  • B. IDSs, WAFs, and forward proxy IDS
  • C. DoS protection at the hub site, mutual certificate authentication, and cloud proxy
  • D. IPSs at the hub, Layer 4 firewalls, and DLP

Answer: B

NEW QUESTION 8
A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.

  • A. Impalement application whitelisting and add only the email client to the whitelist for laptop in the claims processing department.
  • B. Required all laptops to connect to the VPN before accessing email.
  • C. Implement cloud-based content filtering with sandboxing capabilities.
  • D. Install a mail gateway to scan incoming messages and strip attachments before they reach the mailbox.

Answer: C

NEW QUESTION 9
A company hired a third party to develop software as part of its strategy to be quicker to market. The company’s policy outlines the following requirements: The credentials used to publish production software to the container registry should be stored in a secure location.
Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly. Which of the following would be the BEST recommendation for storing and monitoring access to these shared credentials?

  • A. TPM
  • B. Local secure password file
  • C. MFA
  • D. Key vault

Answer: A

Explanation:
Reference: https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/tpm-fundamentals

NEW QUESTION 10
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization. Which of the following should be the analyst’s FIRST action?

  • A. Create a full inventory of information and data assets.
  • B. Ascertain the impact of an attack on the availability of crucial resources.
  • C. Determine which security compliance standards should be followed.
  • D. Perform a full system penetration test to determine the vulnerabilities.

Answer: C

NEW QUESTION 11
An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key.
Which of the following would BEST secure the REST API connection to the database while preventing the use of a hardcoded string in the request string?

  • A. Implement a VPN for all APIs.
  • B. Sign the key with DSA.
  • C. Deploy MFA for the service accounts.
  • D. Utilize HMAC for the keys.

Answer: D

Explanation:
Reference: https://eclipsesource.com/blogs/2016/07/06/keyed-hash-message-authentication-code-in-rest-apis/
CAS-004 dumps exhibit

NEW QUESTION 12
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

  • A. The client application is testing PFS.
  • B. The client application is configured to use ECDHE.
  • C. The client application is configured to use RC4.
  • D. The client application is configured to use AES-256 in GCM.

Answer: C

Explanation:
Reference: https://kinsta.com/knowledgebase/err_ssl_version_or_cipher_mismatch/
CAS-004 dumps exhibit

NEW QUESTION 13
A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.
Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

  • A. Execute never
  • B. No-execute
  • C. Total memory encryption
  • D. Virtual memory encryption

Answer: A

Explanation:
Reference: https://developer.arm.com/documentation/102433/0100/Stack-smashing-and-execution-permissions

NEW QUESTION 14
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption.
The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

  • A. Replace the current antivirus with an EDR solution.
  • B. Remove the web proxy and install a UTM appliance.
  • C. Implement a deny list feature on the endpoints.
  • D. Add a firewall module on the current antivirus solution.

Answer: C

NEW QUESTION 15
An organization is implementing a new identity and access management architecture with the following objectives: Supporting MFA against on-premises infrastructure
Improving the user experience by integrating with SaaS applications
Applying risk-based policies based on location Performing just-in-time provisioning Which of the following authentication protocols should the organization implement to support these requirements?

  • A. Kerberos and TACACS
  • B. SAML and RADIUS
  • C. OAuth and OpenID
  • D. OTP and 802.1X

Answer: A

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/migrate-application-authentication-toazure-active-directory
CAS-004 dumps exhibit

NEW QUESTION 16
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

  • A. Lattice-based cryptography
  • B. Quantum computing
  • C. Asymmetric cryptography
  • D. Homomorphic encryption

Answer: C

Explanation:
Reference: https://searchsecurity.techtarget.com/definition/cryptanalysis

NEW QUESTION 17
A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources.
Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?

  • A. Union filesystem overlay
  • B. Cgroups
  • C. Linux namespaces
  • D. Device mapper

Answer: B

Explanation:
Reference: https://www.ibm.com/support/pages/deep-dive-yarn-cgroups-hadoop-dev
CAS-004 dumps exhibit

NEW QUESTION 18
Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the RPO for a disaster recovery event for this data classification is 24 hours.
Based on RPO requirements, which of the following recommendations should the management team make?

  • A. Leave the current backup schedule intact and pay the ransom to decrypt the data.
  • B. Leave the current backup schedule intact and make the human resources fileshare read-only.
  • C. Increase the frequency of backups and create SIEM alerts for IOCs.
  • D. Decrease the frequency of backups and pay the ransom to decrypt the data.

Answer: C

NEW QUESTION 19
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

  • A. Pay the ransom within 48 hours.
  • B. Isolate the servers to prevent the spread.
  • C. Notify law enforcement.
  • D. Request that the affected servers be restored immediately.

Answer: C

NEW QUESTION 20
......

P.S. Easily pass CAS-004 Exam with 128 Q&As Dumps-files.com Dumps & pdf Version, Welcome to Download the Newest Dumps-files.com CAS-004 Dumps: https://www.dumps-files.com/files/CAS-004/ (128 New Questions)