CAS-004 Exam Questions

Total 196 Questions

Last Updated Exam : 16-Dec-2024

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control data leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?


A. NAC to control authorized endpoints
B. FIM on the servers storing the data
C. A jump box in the screened subnet
D. A general VPN solution to the primary network

Answer: D. A general VPN solution to the primary network



An organization recently experienced a ransomware attack. The security team leader is
concerned about the attack reoccurring. However, no further security measures have been
implemented.
Which of the following processes can be used to identify potential prevention
recommendations?


A. Detection
B. Remediation
C. Preparation
D. Recovery

Answer: A. Detection



A financial services company wants to migrate its email services from on-premises servers
to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief
the board of directors on the potential security concerns related to this migration. The board is
concerned about the following:
* Transactions being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment
information.
* Malicious attackers using email to distribute malware and ransomware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware, reputation-based scanning,
signature-based scanning, and sandboxing. Which of the following is the BEST option to
resolve the board’s concerns for this email migration?


A. Data loss prevention
B. Endpoint detection response
C. SSL VPN
D. Application whitelisting

Answer: A. Data loss prevention



The Chief Information Officer (CIO) wants to establish a non-binding agreement with a
third party that outlines the objectives of the mutual arrangement dealing with data
transfers between both organizations before establishing a formal partnership. Which of the
following would MOST likely be used?


A. MOU
B. OLA
C. NDA
D. SLA

Answer: A. MOU



An organization developed a social media application that is used by customers in multiple
remote geographic locations around the world. The organization’s headquarters and only
datacenter are located in New York City. The Chief Information Security Officer wants to
ensure the following requirements are met for the social media application:
* Low latency for all mobile users to improve the users’ experience
* SSL offloading to improve web server performance
* Protection against DoS and DDoS attacks
* High availability


A. A cache server farm in its datacenter
B. A load-balanced group of reverse proxy servers with SSL acceleration
C. A CDN with the origin set to its datacenter
D. Dual gigabit-speed Internet connections with managed DDoS prevention

Answer: B. A load-balanced group of reverse proxy servers with SSL acceleration



A home automation company just purchased and installed tools for its SOC to enable
incident identification and response on software the company develops. The company
would like to prioritize defenses against the following attack scenarios:
* Unauthorized insertions into application development environments
* Authorized insiders making unauthorized changes to environment configurations
Which of the following actions will enable the data feeds needed to detect these types of
attacks on development environments? (Choose two.)


A. Perform static code analysis of committed code and generate summary reports.
B. Implement an XML gateway and monitor for policy violations.
C. Monitor dependency management tools and report on susceptible third-party libraries.
D. Install an IDS on the development subnet and passively monitor for vulnerable services.
E. Model user behavior and monitor for deviations from normal.
F. Continuously monitor code commits to repositories and generate summary logs.

Answer: C. Monitor dependency management tools and report on susceptible third-party libraries.
Answer: D. Install an IDS on the development subnet and passively monitor for vulnerable services.



A company’s SOC has received threat intelligence about an active campaign utilizing a
specific vulnerability. The company would like to determine whether it is vulnerable to this
active campaign.
Which of the following should the company use to make this determination?


A. Threat hunting
B. A system penetration test
C. Log analysis within the SIEM tool
D. The Cyber Kill Chain

Answer: B. A system penetration test




An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected
host.
After associating scenario 3 with the appropriate host(s), click the host to select the
appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the
Reset All button.






A Chief Information Security Officer (CISO) has launched an initiative to create a robust BCP/DR plan
for the entire company. As part of the initiative, the security team must gather data
supporting the operational importance of the applications used by the business and
determine the order in which the applications must be back online. Which of the following should be
the FIRST step taken by the team?


A. Perform a review of all policies and procedures related to BCP and DR and create an
educational module that can be assigned to all employees to provide training on
BCP/DR events.
B. Create an SLA for each application that states when the application will come back
online and distribute this information to the business units.
C. Have each business unit conduct a BIA and categorize the applications according to the
cumulative data gathered.
D. Implement replication of all servers and application data to backup datacenters that are
geographically separate from the central datacenter and release an updated BPA to all clients.

Answer: C. Have each business unit conduct a BIA and categorize the applications according to the
cumulative data gathered.



A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)


A. Inform users regarding what data is stored.
B. Provide opt-in/out for marketing messages.
C. Provide data deletion capabilities.
D. Provide optional data encryption.
E. Grant data access to third parties.
F. Provide alternative authentication techniques.

Answer: A. Inform users regarding what data is stored.
Answer: B. Provide opt-in/out for marketing messages.



