CAS-004 exam

A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users...

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment. Which of the...

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?A . Importing the availability of messagesB . Ensuring non-repudiation of messagesC . Enforcing protocol conformance for messagesD . Assuring the integrity of messagesView AnswerAnswer:...

A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstation, servers, and laptops . Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?A . Increased network latencyB . Unavailable of...

Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not...

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following: ERR_SSL_VERSION_OR_CIPHER_MISMATCH Which of the following is MOST likely the root cause?A . The client application...

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of...

A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals. Which of the following does the business’s IT manager need to consider?A . The availability of personal dataB . The right to personal data erasureC . The company’s annual...

A security is assisting the marketing department with ensuring the security of the organization’s social media platforms. The two main concerns are: The Chief marketing officer (CMO) email is being used department wide as the username The password has been shared within the department Which of the following controls would...

A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line. Which of the following commands would be the BEST to run to view only active Internet connections?A . sudo netstat -antu | grep “LISTEN” | awk ‘{print$5}’B . sudo...