CAS-004 exam

A security analyst is reviewing the following output: Which of the following would BEST mitigate this type of attack?A . Installing a network firewallB . Placing a WAF inlineC . Implementing an IDSD . Deploying a honeypotView AnswerAnswer: A

An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of impact. Which of the following should the organization perform NEXT?A...

A company’s employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email traveling . Which of the following is the MOST likely explanation? (Select TWO.)A...

A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users...

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment. Which of the...

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?A . Importing the availability of messagesB . Ensuring non-repudiation of messagesC . Enforcing protocol conformance for messagesD . Assuring the integrity of messagesView AnswerAnswer:...

A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstation, servers, and laptops . Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?A . Increased network latencyB . Unavailable of...

Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not...

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following: ERR_SSL_VERSION_OR_CIPHER_MISMATCH Which of the following is MOST likely the root cause?A . The client application...

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of...