How Many Questions Of CAS-004 Preparation Exams


Free CAS-004 Demo Online For CompTIA Certification:

NEW QUESTION 1
A security architect is implementing a web application that uses a database back end. Prior to production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?

  • A. SDLC
  • B. OVAL
  • C. IEEE
  • D. OWASP

Answer: B

Explanation:
Reference: https://dzone.com/articles/what-is-oval-a-community-driven-vulnerability-mana

NEW QUESTION 2
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

  • A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training.
  • B. Change privileged usernames, review the OS logs, and deploy hardware tokens.
  • C. Implement MFA, review the application logs, and deploy a WAF.
  • D. Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

Answer: D

Explanation:
Reference: https://www.microfocus.com/en-us/what-is/sast

NEW QUESTION 3
An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
* Unstructured data being exfiltrated after an employee leaves the organization
* Data being exfiltrated as a result of compromised credentials
* Sensitive information in emails being exfiltrated
Which of the following solutions should the security team implement to mitigate the risk of data loss?

  • A. Mobile device management, remote wipe, and data loss detection
  • B. Conditional access, DoH, and full disk encryption
  • C. Mobile application management, MFA, and DRM
  • D. Certificates, DLP, and geofencing

Answer: A

NEW QUESTION 4
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:
* 1. The network supports core applications that have 99.99% uptime.
* 2. Configuration updates to the SD-WAN routers can only be initiated from the management service.
* 3. Documents downloaded from websites must be scanned for malware.
Which of the following solutions should the network architect implement to meet the requirements?

  • A. Reverse proxy, stateful firewalls, and VPNs at the local sites
  • B. IDSs, WAFs, and forward proxy IDS
  • C. DoS protection at the hub site, mutual certificate authentication, and cloud proxy
  • D. IPSs at the hub, Layer 4 firewalls, and DLP

Answer: B

NEW QUESTION 5
The Chief Information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:
* Transactions being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to distribute malware and ransomware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing.
Which of the following is the BEST option to resolve the board’s concerns for this email migration?

  • A. Data loss prevention
  • B. Endpoint detection response
  • C. SSL VPN
  • D. Application whitelisting

Answer: A

NEW QUESTION 6
In preparation for the holiday season, a company redesigned the system that manages retail sales and moved it to a cloud service provider. The new infrastructure did not meet the company’s availability requirements. During a postmortem analysis, the following issues were highlighted:
* 1. International users reported latency when images on the web page were initially loading.
* 2. During times of report processing, users reported issues with inventory when attempting to place orders.
* 3. Despite the fact that ten new API servers were added, the load across servers was heavy at peak times.
Which of the following infrastructure design changes would be BEST for the organization to implement to avoid these issues in the future?

  • A. Serve static content via distributed CDNs, create a read replica of the central database and pull reports from there, and auto-scale API servers based on performance.
  • B. Increase the bandwidth for the server that delivers images, use a CDN, change the database to a non-relational database, and split the ten API servers across two load balancers.
  • C. Serve images from an object storage bucket with infrequent read times, replicate the database across different regions, and dynamically create API servers based on load.
  • D. Serve static-content object storage across different regions, increase the instance size on the managed relational database, and distribute the ten API servers across multiple regions.

Answer: A

NEW QUESTION 7
An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.
Which of the following describes the administrator’s discovery?

  • A. A vulnerability
  • B. A threat
  • C. A breach
  • D. A risk

Answer: A

Explanation:
Reference: https://www.beyondtrust.com/blog/entry/privilege-escalation-attack-defense-explained

NEW QUESTION 8
A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive.
[Exhibit: image not included]
Based on the output above, from which of the following process IDs can the analyst begin an investigation?

  • A. 65
  • B. 77
  • C. 83
  • D. 87

Answer: D

NEW QUESTION 9
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption.
The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

  • A. Replace the current antivirus with an EDR solution.
  • B. Remove the web proxy and install a UTM appliance.
  • C. Implement a deny list feature on the endpoints.
  • D. Add a firewall module on the current antivirus solution.

Answer: C

NEW QUESTION 10
A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources.
The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.
Which of the following should the security team recommend FIRST?

  • A. Investigating a potential threat identified in logs related to the identity management system
  • B. Updating the identity management system to use discretionary access control
  • C. Beginning research on two-factor authentication to later introduce into the identity management system
  • D. Working with procurement and creating a requirements document to select a new IAM system/vendor

Answer: A

NEW QUESTION 11
Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?

  • A. Distributed connection allocation
  • B. Local caching
  • C. Content delivery network
  • D. SD-WAN vertical heterogeneity

Answer: C

NEW QUESTION 12
A company is repeatedly being breached by hackers who have valid credentials. The company’s Chief Information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating the process currently in place to support the authentication controls.
Which of the following recommendations would MOST likely reduce the risk of unauthorized access?

  • A. Implement strict three-factor authentication.
  • B. Implement least privilege policies
  • C. Switch to one-time or all user authorizations.
  • D. Strengthen identity-proofing procedures

Answer: A

NEW QUESTION 13
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.
Which of the following would be BEST to proceed with the transformation?

  • A. An on-premises solution as a backup
  • B. A load balancer with a round-robin configuration
  • C. A multicloud provider solution
  • D. An active-active solution within the same tenant

Answer: D

NEW QUESTION 14
A small company recently developed prototype technology for a military program. The company’s security engineer is concerned about potential theft of the newly developed, proprietary information.
Which of the following should the security engineer do to BEST manage the threats proactively?

  • A. Join an information-sharing community that is relevant to the company.
  • B. Leverage the MITRE ATT&CK framework to map the TTR.
  • C. Use OSINT techniques to evaluate and analyze the threats.
  • D. Update security awareness training to address new threats, such as best practices for data security.

Answer: D

NEW QUESTION 15
DRAG DROP
An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Select and Place:
[Exhibit: image not included]

  • A.

Answer: A
