CAS-004 exam

A company’s Chief Information Security Officer is concerned that the company’s proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC. Which of the following compensating controls would be BEST to implement in this situation?A . EDRB . SIEMC ....

DRAG DROP An organization is planning for disaster recovery and continuity of operations. INSTRUCTIONS Review the following scenarios and instructions. Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding...

A cybersecurity analyst receives a ticket that indicates a potential incident is occurring. There has been a large in log files generated by a generated by a website containing a ‘’Contact US’’ form. The analyst must determine if the increase in website traffic is due to a recent marketing campaign...

A company is preparing to deploy a global service. Which of the following must the company do to ensure GDPR compliance? (Choose two.)A . Inform users regarding what data is stored.B . Provide opt-in/out for marketing messages.C . Provide data deletion capabilities.D . Provide optional data encryption.E . Grant data...

A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown...

An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should: * Be based on open-source Android for user familiarity and ease. * Provide a single application for inventory management of physical assets. * Permit use of the...

The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership . Which of the follow would MOST likely be used?A . MOUB . OLAC ....

A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output. The best option for the auditor to use NEXT is: A...

After a security incident, a network security engineer discovers that a portion of the company’s sensitive external traffic has been redirected through a secondary ISP that is not normally used. Which of the following would BEST secure the routes while allowing the network to function in the event of a...

A security engineer is hardening a company’s multihomed SFTP server. When scanning a public-facing network interface, the engineer finds the following ports are open: 22 25 110 137 138 139 445 Internal Windows clients are used to transferring files to the server to stage them for customer download as part...