CAS-004 exam

Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elementsA . Company A-B SLA v2.docxB . Company A OLA...

A security engineer estimates the company’s popular web application experiences 100 attempted breaches per day. In the past four years, the company’s data has been breached two times. Which of the following should the engineer report as the ARO for successful breaches?A . 0.5B . 8C . 50D . 36,500View...

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic. When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?A . Packets that are the wrong size or length B....

A company was recently infected by malware. During the root cause analysis. the company determined that several users were installing their own applications. TO prevent further compromises, the company has decided it will only allow authorized applications to run on its systems. Which Of the following should the company implement?A...

Which of the following protocols is a low power, low data rate that allows for the creation of PAN networks?A . Zigbee B. CAN C. DNP3 D. ModbusView AnswerAnswer: A Explanation: Reference: https://urgentcomm.com/2007/11/01/connecting-on-a-personal-level/

A security engineer estimates the company’s popular web application experiences 100 attempted breaches per day. In the past four years, the company’s data has been breached two times. Which of the following should the engineer report as the ARO for successful breaches?A . 0.5 B. 8 C. 50 D. 36,500View...

A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown...

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.)A . Conduct input sanitization. B. Deploy...

A host on a company’s network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis. Which of the following steps would be best to perform...

A security engineer is reviewing a record of events after a recent data breach incident that Involved the following: • A hacker conducted reconnaissance and developed a footprint of the company s Internet-facing web application assets. • A vulnerability in a third-party horary was exploited by the hacker, resulting in...