Get instant access to CAS-004 Practice Tests 2022 Free Updated Today!
NEW QUESTION 91
A security engineer at a company is designing a system to mitigate recent setbacks caused by competitors that are beating the company to market with the new products. Several of the products incorporate proprietary enhancements developed by the engineer's company. The network already includes a SIEM and a NIPS and requires 2FA for all user access. Which of the following systems should the engineer consider NEXT to mitigate the associated risks?
- A. DLP
- B. Mail gateway
- C. UTM
- D. Data flow enforcement
Answer: A
NEW QUESTION 92
A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very old and outdated OSs. Which of the following solutions would prevent these vulnerabilities from being introduced into the company's existing infrastructure?
- A. Patch the systems to the latest versions of the existing OSs
- B. Segment the systems to reduce the attack surface if an attack occurs
- C. Migrate the services to new systems with a supported and patched OS.
- D. Install anti-malware, HIPS, and host-based firewalls on each of the systems
Answer: C
NEW QUESTION 93
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals.
Which of the following does the business's IT manager need to consider?
- A. The right to personal data erasure
- B. The company's annual revenue
- C. The language of the web application
- D. The availability of personal data
Answer: A
NEW QUESTION 94
An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented.
Which of the following processes can be used to identify potential prevention recommendations?
- A. Preparation
- B. Recovery
- C. Remediation
- D. Detection
Answer: D
NEW QUESTION 95
An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:
* Be based on open-source Android for user familiarity and ease.
* Provide a single application for inventory management of physical assets.
* Permit use of the camera by only the inventory application for the purposes of scanning.
* Disallow any and all configuration baseline modifications.
* Restrict all access to any device resource other than those requirement ?
- A. Build and install an Android middleware policy with requirements added, copy the file into /user/init, and then build the inventory application.
- B. Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.
- C. Set an application wrapping policy, wrap the application, distribute the inventory APK via the MAM tool, and test the application restrictions.
- D. Swap out Android Linux kernel version for >2,4,0, but the internet build Android, remove unnecessary functions via MDL, configure to block network access, and perform integration testing
Answer: C
NEW QUESTION 96
An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Answer:
Explanation:
NEW QUESTION 97
A Chief Information Security Officer (CISO) has launched an initiative to create a robust BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting the operational importance of the applications used by the business and determine the order in which the applications must be back online. Which of the following should be the FIRST step taken by the team?
- A. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
- B. Implement replication of all servers and application data to backup datacenters that are geographically from the central datacenter and release an upload BPA to all clients.
- C. Perform a review of all policies and procedures related to BCP and DR and create an educational module that can be assigned to all employees to provide training on BCP/DR events.
- D. Have each business unit conduct a BIA and categorize the applications according to the cumulative data gathered.
Answer: D
NEW QUESTION 98
A company is looking to fortify its cybersecurity defenses and is focusing on its network infrastructure. The solution cannot affect the availability of the company's services to ensure false positives do not drop legitimate traffic.
Which of the following would satisfy the requirement?
- A. NIPS
- B. NIDS
- C. Reverse proxy
- D. WAF
Answer: B
NEW QUESTION 99
A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company's Linux servers. While the software version is no longer supported by the OSS community, the company's Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
Based on this agreement, this finding is BEST categorized as a:
- A. false negative.
- B. true negative.
- C. false positive.
- D. true positive.
Answer: C
NEW QUESTION 100
A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.
Which of the following should the security administrator do to mitigate the risk?
- A. Suggest that the networking team contact the original embedded system's vendor to get an update to the system that does not require Flash.
- B. Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.
- C. Air gap the legacy system from the network and dedicate a laptop with an end-of-life OS on it to connect to the system via crossover cable for management.
- D. Explain to the networking team the reason Flash is no longer available and insist the team move up the timetable for replacement.
Answer: B
NEW QUESTION 101
A company hired a third party to develop software as part of its strategy to be quicker to market. The company's policy outlines the following requirements:
The credentials used to publish production software to the container registry should be stored in a secure location.
Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly.
Which of the following would be the BEST recommendation for storing and monitoring access to these shared credentials?
- A. MFA
- B. Local secure password file
- C. TPM
- D. Key vault
Answer: D
NEW QUESTION 102
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?
- A. Implement input validation on the API.
- B. Implement geoblocking on the WAF.
- C. Implement OAuth 2.0 on the API.
- D. Implement rate limiting on the API.
Answer: C
NEW QUESTION 103
A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack.
Which of the following is the NEXT step of the incident response plan?
- A. Containment
- B. Recovery
- C. Remediation
- D. Response
Answer: A
NEW QUESTION 104
A company's employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email while traveling. Which of the following is the MOST likely explanation?
(Select TWO.)
- A. Privilege escalation attack
- B. Chief use of UDP protocols
- C. Unrestricted email administrator accounts
- D. Outdated escalation attack
- E. VPN on the mobile device
- F. Disabled GPS on mobile devices
Answer: E,F
NEW QUESTION 105
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?
- A. Implement OAuth 2.0 on the API.
- B. Implement input validation on the API.
- C. Implement rate limiting on the API.
- D. Implement geoblocking on the WAF.
Answer: C
NEW QUESTION 106
A security analyst is investigating a series of suspicious emails by employees to the security team. The emails appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the messages by the security tools the company uses. Instead, the emails only include the following in plain text.
Which of the following should the security analyst perform?
- A. Block the IP address for the business partner at the perimeter firewall.
- B. Contact the security department at the business partner and alert them to the email event.
- C. Configure the email gateway to automatically quarantine all messages originating from the business partner.
- D. Pull the devices of the affected employees from the network in case they are infected with a zero-day virus.
Answer: B
NEW QUESTION 107
An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue.
Which of the following is the MOST cost-effective solution?
- A. Upgrade the server with a new one.
- B. Move the server to a cloud provider.
- C. Buy a new server and create an active-active cluster.
- D. Change the operating system.
Answer: B
NEW QUESTION 108
A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization.
Which of the following actions would BEST resolve the issue? (Choose two.)
- A. Patch the OS
- B. Use containers.
- C. Deploy a SIEM.
- D. Conduct input sanitization.
- E. Deploy a WAF.
- F. Deploy a reverse proxy
- G. Deploy an IDS.
Answer: D,E
Explanation:
A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe.
NEW QUESTION 109
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information, especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?
- A. A passive, non-credentialed scan
- B. A passive, credentialed scan
- C. An active, non-credentialed scan
- D. An active, credentialed scan
Answer: B