Download CompTIA CAS-004 Mock Test Study Material [Q266-Q280]

Rate this post

Download CompTIA CAS-004 Mock Test Study Material

CAS-004 Questions Prepare with Learning Information

Q266. An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.
Which of the following describes the administrator’s discovery?

A vulnerability

A threat

A breach

A risk

Q267. A company’s product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company’s reputation in the market.
Which of the following should the company implement to address the risk of system unavailability?

User and entity behavior analytics

Redundant reporting systems

A self-healing system

Application controls

Q268. An organization is concerned that its hosted web servers are not running the most updated version of software. Which of the following would work BEST to help identify potential vulnerabilities?

hping3 -S comptia.org -p 80

nc -1 -v comptia.org -p 80

nmap comptia.org -p 80 -sV

nslookup -port=80 comptia.org

Q269. A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)

Inform users regarding what data is stored.

Provide opt-in/out for marketing messages.

Provide data deletion capabilities.

Provide optional data encryption.

Grant data access to third parties.

Provide alternative authentication techniques.

Q270. An organization’s hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.
Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

Deploy a SOAR tool.

Modify user password history and length requirements.

Apply new isolation and segmentation schemes.

Implement decoy files on adjacent hosts.

Q271. An organization’s assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.
Given this information, which of the following is a noted risk?

Feature delay due to extended software development cycles

Financial liability from a vendor data breach

Technical impact to the API configuration

The possibility of the vendor’s business ceasing operations

Q272. A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:

The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

Which of the following is an appropriate security control the company should implement?

Restrict directory permission to read-only access.

Use server-side processing to avoid XSS vulnerabilities in path input.

Separate the items in the system call to prevent command injection.

Parameterize a query in the path variable to prevent SQL injection.

Q273. A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output.
The best option for the auditor to use NEXT is:

A SCAP assessment.

Reverse engineering

Fuzzing

Network interception.

Q274. A security is assisting the marketing department with ensuring the security of the organization’s social media platforms. The two main concerns are:
The Chief marketing officer (CMO) email is being used department wide as the username The password has been shared within the department Which of the following controls would be BEST for the analyst to recommend?

Configure MFA for all users to decrease their reliance on other authentication.

Have periodic, scheduled reviews to determine which OAuth configuration are set for each media platform.

Create multiple social media accounts for all marketing user to separate their actions.

Ensue the password being shared is sufficiently and not written down anywhere.

Q275. A security analyst at a global financial firm was reviewing the design of a cloud-based system to identify opportunities to improve the security of the architecture. The system was recently involved in a data breach after a vulnerability was exploited within a virtual machine’s operating system. The analyst observed the VPC in which the system was located was not peered with the security VPC that contained the centralized vulnerability scanner due to the cloud provider’s limitations. Which of the following is the BEST course of action to help prevent this situation m the near future?

Establish cross-account trusts to connect all VPCs via API for secure configuration scanning.

Migrate the system to another larger, top-tier cloud provider and leverage the additional VPC peering flexibility.

Implement a centralized network gateway to bridge network traffic between all VPCs.

Enable VPC traffic mirroring for all VPCs and aggregate the data for threat detection.

Q276. An attacker infiltrated an electricity-generation site and disabled the safety instrumented system. Ransomware was also deployed on the engineering workstation. The environment has back-to-back firewalls separating the corporate and OT systems. Which of the following is the MOST likely security consequence of this attack?

A turbine would overheat and cause physical harm.

The engineers would need to go to the historian.

The SCADA equipment could not be maintained.

Data would be exfiltrated through the data diodes.

Q277. An organization is deploying a new, online digital bank and needs to ensure availability and performance. The cloud-based architecture is deployed using PaaS and SaaS solutions, and it was designed with the following considerations:
– Protection from DoS attacks against its infrastructure and web applications is in place.
– Highly available and distributed DNS is implemented.
– Static content is cached in the CDN.
– A WAF is deployed inline and is in block mode.
– Multiple public clouds are utilized in an active-passive architecture.
With the above controls in place, the bank is experiencing a slowdown on the unauthenticated payments page.
Which of the following is the MOST likely cause?

The public cloud provider is applying QoS to the inbound customer traffic.

The API gateway endpoints are being directly targeted.

The site is experiencing a brute-force credential attack.

A DDoS attack is targeted at the CDN.

Q278. An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

The client application is testing PFS.

The client application is configured to use ECDHE.

The client application is configured to use RC4.

The client application is configured to use AES-256 in GCM.

Q279. An organization requires a contractual document that includes
* An overview of what is covered
* Goals and objectives
* Performance metrics for each party
* A review of how the agreement is managed by all parties
Which of the following BEST describes this type of contractual document?

SLA

BAA

NDA

ISA

Q280. An administrator at a software development company would like to protect the integrity Of the company’s applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however,
is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?

The NTP server is set incorrectly for the developers.

The CA has included the certificate in its CRL_

The certificate is set for the wrong key usage.

Each application is missing a SAN or wildcard entry on the certificate.