CAS-004 exam

While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were...

Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights . Which of the following documents will MOST likely contain these elements?A . Company A-B SLA v2.docxB . Company A...

A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information . Which of the following should the company implement to ensure...

During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels. Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?A . Spawn a shell using...

An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment. Which of the following BEST describes the reason why traditional...

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?A . Importing the availability of messagesB . Ensuring non-repudiation of messagesC . Enforcing protocol conformance for messagesD . Assuring the integrity of messagesView AnswerAnswer:...

An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to...

A company is repeatedly being breached by hackers who valid credentials. The company’s Chief information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating...

A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite: Which of the following is the MOST likely cause of the customer’s inability to connect? A. Weak ciphers are being used. B. The...

A company is implementing SSL inspection. During the next six months, multiple web applications that will be separated out with subdomains will be deployed. Which of the following will allow the inspection of the data without multiple certificate deployments? A. Include all available cipher suites. B. Create a wildcard certificate....