CAS-004 Exam Dumps - CompTIA Advanced Security Practitioner (CASP+) Exam

A company wants to improve Its active protection capabilities against unknown and zero-day malware. Which of the following Is the MOST secure solution?

During a phishing exercise, a few privileged users ranked high on the failure list. The enterprise would like to ensure that privileged users have an extra security-monitoring control in place. Which of the following Is the MOST

likely solution?

A security engineer is reviewing a record of events after a recent data breach incident that Involved the following:

• A hacker conducted reconnaissance and developed a footprint of the company s Internet-facing web application assets.

• A vulnerability in a third-party horary was exploited by the hacker, resulting in the compromise of a local account.

• The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.

Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?

An auditor needs to scan documents at rest for sensitive text. These documents contain both text and Images. Which of the following software functionalities must be enabled in the DLP solution for the auditor to be able to fully read these documents? (Select TWO).

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:

* Transaction being requested by unauthorized individuals.

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attackers using email to malware and ransomeware.

* Exfiltration of sensitive company information.

The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the boar’s concerns for this email migration?

As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents.

Which of the following BEST describes this kind of risk response?

Over the last 90 days, many storage services has been exposed in the cloud services environments, and the security team does not have the ability to see is creating these instance. Shadow IT is creating data services and instances faster than the small security team can keep up with them. The Chief information security Officer (CIASO) has asked the security officer (CISO) has asked the security lead architect to architect to recommend solutions to this problem.

Which of the following BEST addresses the problem best address the problem with the least amount of administrative effort?

A security analyst discovered that a database administrator's workstation was compromised by malware. After examining the Jogs. the compromised workstation was observed connecting to multiple databases through ODBC. The following query behavior was captured:

Assuming this query was used to acquire and exfiltrate data, which of the following types of data was compromised, and what steps should the incident response plan contain?

A) Personal health information: Inform the human resources department of the breach and review the DLP logs.

Ð’) Account history; Inform the relationship managers of the breach and create new accounts for the affected users.

C) Customer IDs: Inform the customer service department of the breach and work to change the account numbers.

D) PAN: Inform the legal department of the breach and look for this data in dark web monitoring.