CAS-004 exam

A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs. Which of the following should the company use to prevent data theft?A . Watermarking B. DRM C. NDA D. Access loggingView AnswerAnswer: A

A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run...

Due to internal resource constraints, the management team has asked the principal security architect to recommend a solution that shifts partial responsibility for application-level controls to the cloud provider. In the shared responsibility model, which of the following levels of service meets this requirement?A . laaS B. SaaS C. FaaS...

A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources. Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?A...

A Chief information Security Officer (CISO) has launched to create a rebuts BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting s operational importance for the applications used by the business and determine the order in which the application must be...

An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to...

A company is preparing to deploy a global service. Which of the following must the company do to ensure GDPR compliance? (Choose two.)A . Inform users regarding what data is stored. B. Provide opt-in/out for marketing messages. C. Provide data deletion capabilities. D. Provide optional data encryption. E. Grant data...

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of...

A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios: Unauthorized insertions into application development environments Authorized insiders making unauthorized changes to environment configurations Which...

DRAG DROP An organization is planning for disaster recovery and continuity of operations. INSTRUCTIONS Review the following scenarios and Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may...