[May 03, 2023] Ultimate CAS-004 Guide to Prepare Free Latest CompTIA Practice Tests Dumps [Q32-Q46] : Free valid test braindumps : http://free.validbraindumps.com

Q32. A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)

Inform users regarding what data is stored.

Provide opt-in/out for marketing messages.

Provide data deletion capabilities.

Provide optional data encryption.

Grant data access to third parties.

Provide alternative authentication techniques.

Q33. Company A is establishing a contractual with Company B.
The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights.
Which of the following documents will MOST likely contain these elements

Company A-B SLA v2.docx

Company A OLA v1b.docx

Company A MSA v3.docx

Company A MOU v1.docx

Company A-B NDA v03.docx

Q34. A company publishes several APIs for customers and is required to use keys to segregate customer data sets.
Which of the following would be BEST to use to store customer keys?

A trusted platform module

A hardware security module

A localized key store

A public key infrastructure

Q35. A security engineer notices the company website allows users following example:
hitps://mycompany.com/main.php?Country=US
Which of the following vulnerabilities would MOST likely affect this site?

SQL injection

Remote file inclusion

Directory traversal –

Unsecure references

Q36. A security engineer needs 10 implement a CASB to secure employee user web traffic. A Key requirement is mat relevant event data must be collected from existing on-premises infrastructure components and consumed by me CASB to expand traffic visibility. The solution must be nighty resilient to network outages. Which of the following architectural components would BEST meet these requirements?

Log collection

Reverse proxy

AWAF

API mode

Q37. A security analyst is reviewing the following output:

Which of the following would BEST mitigate this type of attack?

Installing a network firewall

Placing a WAF inline

Implementing an IDS

Deploying a honeypot

Q38. A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

The product owner should perform a business impact assessment regarding the ability to implement a WAF.

The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.

The system administrator should evaluate dependencies and perform upgrade as necessary.

The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

Q39. A security analyst is reviewing the following vulnerability assessment report:

Which of the following should be patched FIRST to minimize attacks against Internet-facing hosts?

Server1

Server2

Server 3

Servers

Q40. A company has decided to purchase a license for software that is used to operate a mission-critical process. The third-party developer is new to the industry but is delivering what the company needs at this time.
Which of the following BEST describes the reason why utilizing a source code escrow will reduce the operational risk to the company if the third party stops supporting the application?

The company will have access to the latest version to continue development.

The company will be able to force the third-party developer to continue support.

The company will be able to manage the third-party developer’s development process.

The company will be paid by the third-party developer to hire a new development team.

Q41. A vulnerability analyst identified a zero-day vulnerability in a company’s internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one.
Which of the following would be BEST suited to meet these requirements?

ARF

ISACs

Node.js

OVAL

Q42. An organization’s finance system was recently attacked. A forensic analyst is reviewing the contents Of the compromised files for credit card dat a.
Which of the following commands should the analyst run to BEST determine whether financial data was lost?

Option A

Option B

Option C

Option D

Q43. A security architect is implementing a web application that uses a database back end. Prior to the production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?

SDLC

OVAL

IEEE

OWASP

Q44. A company security engineer arrives at work to face the following scenario:
1) Website defacement
2) Calls from the company president indicating the website needs to be fixed Immediately because It Is damaging the brand
3) A Job offer from the company’s competitor
4) A security analyst’s investigative report, based on logs from the past six months, describing how lateral movement across the network from various IP addresses originating from a foreign adversary country resulted in exfiltrated data Which of the following threat actors Is MOST likely involved?

Organized crime

Script kiddie

APT/nation-state

Competitor

Q45. A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs.
Which of the following should the company use to prevent data theft?

Watermarking

DRM

NDA

Access logging

Q46. A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

Disable powershell.exe on all Microsoft Windows endpoints.

Restart Microsoft Windows Defender.

Configure the forward proxy to block 40.90.23.154.

Disable local administrator privileges on the endpoints.