CAS-004 exam

Which of the following technologies allows CSPs to add encryption across multiple data storages?A . Symmetric encryptionB . Homomorphic encryptionC . Data dispersionD . Bit splittingView AnswerAnswer: A Explanation: Reference: https://www.hhs.gov/sites/default/files/nist800111.pdf

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session: Which of the following BEST explains why secure LDAP is not working? (Select TWO.)A ....

A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company’s Linux servers. While the software version is no longer supported by the OSS community, the company’s Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in...

A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic. When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?A . Packets that are the wrong size or lengthB ....

A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log. Which of the following actions would BEST address the potential risks by the activity in the logs?A ....

An organization wants to perform a scan of all its systems against best practice security configurations. Which of the following SCAP standards, when combined, will enable the organization to view each of the configuration checks in a machine-readable checklist format for fill automation? (Choose two.)A . ARFB . XCCDFC ....

Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights . Which of the following documents will MOST likely contain these elements?A . Company A-B SLA v2.docxB . Company A...

A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence. Which of the following offers an authoritative decision about whether the evidence was obtained legally?A . LawyersB . CourtC . Upper management teamD . PoliceView AnswerAnswer: A

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief information Security Officer (CISO) must brief board of directors on the potential security concerns related to this migration. The board is concerned about the following. * Transactions being required by...

A company’s SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign. Which of the following should the company use to make this determination?A . Threat huntingB . A system penetration testC ....