This page was exported from Free valid test braindumps [ http://free.validbraindumps.com ]
Export date: Sat Apr 5 8:25:27 2025 / +0000 GMT

Title: Best CAS-004 Exam Dumps for the Preparation of Latest Exam Questions [Q139-Q154]

CAS-004 Actual Questions 100% Same Braindumps with Actual Exam!

The CASP+ certification is recognized by major corporations and government agencies around the world. It is highly valued by employers who are looking for professionals with advanced cybersecurity skills. The CompTIA Advanced Security Practitioner (CASP+) certification is also recognized by the U.S. Department of Defense (DoD) and meets the requirements of DoD 8570.01-M for Information Assurance Manager Level III and Information Assurance Technical Level III.

The CASP+ certification exam covers a wide range of security topics, including enterprise security architecture, security operations and incident response, research and analysis, and integration of computing, communications, and business disciplines. The CAS-004 exam also covers the latest technologies and trends in the security industry, such as cloud security, mobile security, and virtualization security. The CAS-004 exam consists of 90 multiple-choice and performance-based questions, and the time limit is 165 minutes.

Q139. An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an Internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets:
Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?
- Enable the X-Forwarded-For header at the load balancer.
- Install a software-based HIDS on the application servers.
- Install a certificate signed by a trusted CA.
- Use stored procedures on the database server.
- Store the value of the $_SERVER['REMOTE_ADDR'] received by the web servers.

Q140. All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:
* Leaked to the media via printing of the documents
* Sent to a personal email address
* Accessed and viewed by systems administrators
* Uploaded to a file storage site
Which of the following would mitigate the department’s concerns?
- Data loss detection, reverse proxy, EDR, and PGP
- VDI, proxy, CASB, and DRM
- Watermarking, forward proxy, DLP, and MFA
- Proxy, secure VPN, endpoint encryption, and AV

Q141. A company’s employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email while traveling. Which of the following is the MOST likely explanation? (Select TWO.)
- Outdated escalation attack
- Privilege escalation attack
- VPN on the mobile device
- Unrestricted email administrator accounts
- Chief use of UDP protocols
- Disabled GPS on mobile devices

Q142. A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company’s Linux servers. While the software version is no longer supported by the OSS community, the company’s Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
Based on this agreement, this finding is BEST categorized as a:
- true positive.
- true negative.
- false positive.
- false negative.

Q143. A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?
- NAC to control authorized endpoints
- FIM on the servers storing the data
- A jump box in the screened subnet
- A general VPN solution to the primary network

Q144. A company provides guest WiFi access to the internet and physically separates the guest network from the company’s internal WiFi. Due to a recent incident in which an attacker gained access to the company’s internal WiFi, the company plans to configure WPA2 Enterprise in an EAP-TLS configuration. Which of the following must be installed on authorized hosts for this new configuration to work properly?
- Active Directory GPOs
- PKI certificates
- Host-based firewall
- NAC persistent agent

Q145. An organization’s existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?
- Adding a second redundant layer of alternate vendor VPN concentrators
- Using Base64 encoding within the existing site-to-site VPN connections
- Distributing security resources across VPN sites
- Implementing IDS services with each VPN concentrator
- Transitioning to a container-based architecture for site-based services

If one VPN concentrator goes down due to a zero-day threat, having a redundant VPN concentrator of a different vendor should keep you going.

Q146. An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an Internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets:
Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?
- Enable the X-Forwarded-For header at the load balancer.
- Install a software-based HIDS on the application servers.
- Install a certificate signed by a trusted CA.
- Use stored procedures on the database server.
- Store the value of the $_SERVER['REMOTE_ADDR'] received by the web servers.

Q147. An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Q148. A security engineer is reviewing a record of events after a recent data breach incident that involved the following:
* A hacker conducted reconnaissance and developed a footprint of the company’s Internet-facing web application assets.
* A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.
* The hacker took advantage of the account’s excessive privileges to access a data store and exfiltrate the data without detection.
Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?
- Dynamic analysis
- Secure web gateway
- Software composition analysis
- User behavior analysis
- Web application firewall

A web application firewall (WAF) is a security device that inspects web application traffic and can detect and prevent malicious activity such as SQL injection, cross-site scripting, and malicious file uploads. This type of attack could have been prevented if a WAF was in place to monitor and block malicious traffic.
Resources: CompTIA Advanced Security Practitioner (CASP+) Study Guide, Chapter 4: “Web Application Firewalls,” Wiley, 2018. https://www.wiley.com/en-us/CompTIA+Advanced+Security+Practitioner+CASP%2B+Study+Guide%2C+2nd+Edition-p-9781119396582

Q149. An organization’s finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data. Which of the following commands should the analyst run to BEST determine whether financial data was lost?
- Option A
- Option B
- Option C
- Option D

Q150. Which of the following are risks associated with vendor lock-in? (Choose two.)
- The client can seamlessly move data.
- The vendor can change product offerings.
- The client receives a sufficient level of service.
- The client experiences decreased quality of service.
- The client can leverage a multicloud approach.
- The client experiences increased interoperability.

Q151. A new web server must comply with new secure-by-design principles and PCI DSS. This includes mitigating the risk of an on-path attack. A security analyst is reviewing the following web server configuration:
Which of the following ciphers should the security analyst remove to support the business requirements?
- TLS_AES_128_CCM_8_SHA256
- TLS_DHE_DSS_WITH_RC4_128_SHA
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_128_GCM_SHA256

Q152. A Chief Information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:
Which of the following is the MOST appropriate corrective action to document for this finding?
- The product owner should perform a business impact assessment regarding the ability to implement a WAF.
- The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.
- The system administrator should evaluate dependencies and perform upgrades as necessary.
- The security operations center should develop a custom IDS rule to prevent buffer overflow attacks against this server.

Q153. SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from the company’s privileged network.
The company’s hardening guidelines indicate the following:
* There should be one primary server or service per device.
* Only default ports should be used.
* Non-secure protocols should be disabled.
INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
* The IP address of the device
* The primary server or service of the device (Note that each IP should be associated with one service/port only)
* The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines)
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

10.1.45.65 SFTP Server Disable 8080
10.1.45.66 Email Server Disable 415 and 443
10.1.45.67 Web Server Disable 21, 80
10.1.45.68 UTM Appliance Disable 21

Q154. During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee.
Which of the following processes would BEST satisfy this requirement?
- Monitor camera footage corresponding to a valid access request.
- Require both security and management to open the door.
- Require department managers to review denied-access requests.
- Issue new entry badges on a weekly basis.
CAS-004 Study Material, Preparation Guide and PDF Download: https://www.validbraindumps.com/CAS-004-exam-prep.html

Post date: 2023-06-24 09:54:13
Post date GMT: 2023-06-24 09:54:13
Post modified date: 2023-06-24 09:54:13
Post modified date GMT: 2023-06-24 09:54:13