Which of the following is an appropriate security control the company should implement?
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following: The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:...
Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of...
Which of the following techniques should be used?
A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements: be efficient at protecting the production environment; not require any change to the application; act at the presentation layer. Which of the following techniques should be used? A. Masking B. ...
A company’s claims processing department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employee recently received an email that appeared to be a claim form, but it installed malicious software on the employee’s laptop when it was opened.
A company’s claims processing department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employee recently received an email that appeared to be a claim form, but it installed malicious software on the employee’s laptop when it was opened. A. Implement application whitelisting and...
Which of the following are risks associated with vendor lock-in? (Choose two.)
Which of the following are risks associated with vendor lock-in? (Choose two.) A. The client can seamlessly move data. B. The vendor can change product offerings. C. The client receives a sufficient level of service. D. The client experiences decreased quality of service. E. The client can leverage a multicloud...
Which of the following would enable the engineer to interpret the results in a human-readable form?
A cybersecurity engineer analyzes a system for vulnerabilities. The tool created an OVAL Results document as output. Which of the following would enable the engineer to interpret the results in a human-readable form? (Select TWO.) A. Text editor B. OOXML editor C. Event Viewer D. XML style sheet E...
Which of the following should be the FIRST step taken by the team?
A Chief Information Security Officer (CISO) has launched an initiative to create a robust BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting the operational importance of the applications used by the business and determine the order in which the applications must be...
Which of the following is a security concern that will MOST likely need to be addressed during migration?
A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage. Which of the following is a security concern that will MOST likely need to be addressed during migration? A. Latency B. Data exposure C. Data loss D. Data dispersion ...
Which of the following would be BEST to proceed with the transformation?
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident. Which of the following would be BEST to proceed with the transformation? A. An on-premises solution as a backup B. A load balancer with...
A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis concerning a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return any findings, but the CIRT finds undocumented services running on the device.
A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis concerning a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has...