New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. CompTIA
  3. CompTIA CASP
  4. CAS-004 - CompTIA Advanced Security Practitioner (CASP+) Exam

CAS-004 Exam Dumps - CompTIA Advanced Security Practitioner (CASP+) Exam

Go to page:
Question # 25

Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

A.

when it is passed across a local network.

B.

in memory during processing

C.

when it is written to a system’s solid-state drive.

D.

by an enterprise hardware security module.

Full Access
Question # 26

Which of the following controls primarily detects abuse of privilege but does not prevent it?

A.

Off-boarding

B.

Separation of duties

C.

Least privilege

D.

Job rotation

Full Access
Question # 27

A company launched a new service and created a landing page within its website network for users to access the service. Per company policy, all websites must utilize encryption for any authentication pages. A junior network administrator proceeded to use an outdated procedure to order new certificates. Afterward, customers are reporting the following error when accessing a new web page: NET:ERR_CERT_COMMON_NAME_INVALID. Which of the following BEST describes what the administrator should do NEXT?

A.

Request a new certificate with the correct subject alternative name that includes the new websites.

B.

Request a new certificate with the correct organizational unit for the company's website.

C.

Request a new certificate with a stronger encryption strength and the latest cipher suite.

D.

Request a new certificate with the same information but including the old certificate on the CRL.

Full Access
Question # 28

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief information Security Officer (CISO) must brief board of directors on the potential security concerns related to this migration. The board is concerned about the following.

* Transactions being required by unauthorized individual

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attacker using email to distribute malware and ransom ware.

* Exfiltration of sensitivity company information.

The cloud-based email solution will provide an6-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board’s concerns for this email migration?

A.

Data loss prevention

B.

Endpoint detection response

C.

SSL VPN

D.

Application whitelisting

Full Access
Question # 29

A host on a company’s network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.

Which of the following steps would be best to perform FIRST?

A.

Turn off the infected host immediately.

B.

Run a full anti-malware scan on the infected host.

C.

Modify the smb.conf file of the host to prevent outgoing SMB connections.

D.

Isolate the infected host from the network by removing all network connections.

Full Access
Question # 30

A recent data breach stemmed from unauthorized access to an employee’s company account with a cloud-based productivity suite. The attacker exploited excessive permissions granted to a third-party OAuth application to collect sensitive information.

Which of the following BEST mitigates inappropriate access and permissions issues?

A.

SIEM

B.

CASB

C.

WAF

D.

SOAR

Full Access
Question # 31

A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage.

Which of the following is a security concern that will MOST likely need to be addressed during migration?

A.

Latency

B.

Data exposure

C.

Data loss

D.

Data dispersion

Full Access
Question # 32

A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.

Which of the following should a security architect recommend?

A.

A DLP program to identify which files have customer data and delete them

B.

An ERP program to identify which processes need to be tracked

C.

A CMDB to report on systems that are not configured to security baselines

D.

A CRM application to consolidate the data and provision access based on the process and need

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps