CAS-004 exam

A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive...

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?A . Importing the availability of messagesB . Ensuring non-repudiation of messagesC . Enforcing protocol conformance for messagesD . Assuring the integrity of messagesView AnswerAnswer:...

Ann, a CIRT member, is conducting incident response activities on a network that consists of several hundred virtual servers and thousands of endpoints and users. The network generates more than 10,000 log messages per second. The enterprise belong to a large, web-based cryptocurrency startup, Ann has distilled the relevant information...

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?A . Importing the availability of messagesB . Ensuring non-repudiation of messagesC . Enforcing protocol conformance for messagesD . Assuring the integrity of messagesView AnswerAnswer:...

A security analyst discovered that the company’s WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests: Which of the following would BEST mitigate this vulnerability?A . CAPTCHAB . Input validationC . Data encodingD . Network intrusion...

A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage. Which of the following is a security concern that will MOST likely need to be addressed during migration?A . LatencyB . Data exposureC . Data lossD . Data dispersionView AnswerAnswer:...

An application developer is including third-party background security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, report come In that a previously vulnerability has returned . Which of the following should the developer integrate into...

A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells. Which of the following techniques will MOST likely meet the business’s needs?A . Performing deep-packet inspection of all digital audio filesB . Adding identifying filesystem metadata to the digital audio filesC ....

A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.A . Impalement application whitelisting and...

An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following: Unstructured data being exfiltrated after an employee leaves the...