New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CAS-004 Exam Dumps - CompTIA Advanced Security Practitioner (CASP+) Exam

Go to page:
Question # 113
A.

Data masking

B.

Encryption

C.

Tokenization

D.

Scrubbing

Full Access
Question # 114

A security architect is implementing a SOAR solution in an organization's cloud production environment to support detection capabilities. Which of the following will be the most likely benefit?

A.

Improved security operations center performance

B.

Automated firewall log collection tasks

C.

Optimized cloud resource utilization

D.

Increased risk visibility

Full Access
Question # 115

A security architect is working with a new customer to find a vulnerability assessment solution that meets the following requirements:

• Fast scanning

• The least false positives possible

• Signature-based

• A low impact on servers when performing a scan

In addition, the customer has several screened subnets, VLANs, and branch offices. Which of the following will best meet the customer's needs?

A.

Authenticated scanning

B.

Passive scanning

C.

Unauthenticated scanning

D.

Agent-based scanning

Full Access
Question # 116

A PKI engineer is defining certificate templates for an organization's CA and would like to ensure at least two of the possible SAN certificate extension fields populate for documentation purposes. Which of the following are explicit options within this extension? (Select two).

A.

Type

B.

Email

C.

OCSP responder

D.

Registration authority

E.

Common Name

F.

DNS name

Full Access
Question # 117

An organization established an agreement with a partner company for specialized help desk services. A senior security officer within the organization Is tasked with providing documentation required to set up a dedicated VPN between the two entities. Which of the following should be required?

A.

SLA

B.

ISA

C.

NDA

D.

MOU

Full Access
Question # 118

A CSP, which wants to compete in the market, has been approaching companies in an attempt to gain business. The CSP is able to provide the same uptime as other CSPs at a markedly reduced cost. Which of the following would be the MOST significant business risk to a company that signs a contract with this CSP?

A.

Resource exhaustion

B.

Geographic location

C.

Control plane breach

D.

Vendor lock-in

Full Access
Question # 119

A consultant needs access to a customer's cloud environment. The customer wants to enforce the following engagement requirements:

• All customer data must remain under the control of the customer at all times.

• Third-party access to the customer environment must be controlled by the customer.

• Authentication credentials and access control must be under the customer's control.

Which of the following should the consultant do to ensure all customer requirements are satisfied when accessing the cloud environment?

A.

use the customer's SSO with read-only credentials and share data using the customer's provisioned secure network storage

B.

use the customer-provided VDI solution to perform work on the customer's environment.

C.

Provide code snippets to the customer and have the customer run code and securely deliver its output

D.

Request API credentials from the customer and only use API calls to access the customer's environment.

Full Access
Question # 120

A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:

• Access to critical web services at the edge must be redundant and highly available.

• Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.

• Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.

Which of the following solutions BEST meets these requirements?

A.

Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider

B.

Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.

C.

Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.

D.

Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.

Full Access
Go to page: