Summer Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dealsixty

CAS-004 Exam Dumps - CompTIA CASP Questions and Answers

Question # 19

The Chief Security Officer (CSO) requested the security team implement technical controls that meet the following requirements:

* Monitors traffic to and from both local NAS and cloud-based file repositories

* Prevents on-site staff who are accessing sensitive customer Pll documents on file repositories from accidentally or deliberately sharing sensitive documents on personal Saa$S solutions

* Uses document attributes to reduce false positives

* Is agentless and not installed on staff desktops or laptops

Which of the following when installed and configured would BEST meet the CSO's requirements? (Select TWO).

Options:

A.

DLP

B.

NGFW

C.

UTM

D.

UEBA

E.

CASB

F.

HIPS

Buy Now
Question # 20

A security analyst is evaluating all third-party software an organization uses. The analyst discovers that each department is violating the organization's policy by provisioning access to SaaS products without oversight from the security group and without using a centralized access control methodology. Which of the following should the organization use to enforce its SaaS product access requirements?

Options:

A.

SLDAP

B.

SAML

C.

VDI

D.

TACACS

Buy Now
Question # 21

A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells.

Which of the following techniques will MOST likely meet the business’s needs?

Options:

A.

Performing deep-packet inspection of all digital audio files

B.

Adding identifying filesystem metadata to the digital audio files

C.

Implementing steganography

D.

Purchasing and installing a DRM suite

Buy Now
Question # 22

An organization is running its e-commerce site in the cloud. The capacity is sufficient to meet the organization's needs throughout most of the year, except during the holidays when the organization plans to introduce a new line of products and expects an increase in traffic. The organization is not sure how well its products will be received. To address this issue, the organization needs to ensure that:

* System capacity is optimized.

* Cost is reduced.

Which of the following should be implemented to address these requirements? (Select TWO).

Options:

A.

Containerization

B.

Load balancer

C.

Microsegmentation

D.

Autoscaling

E.

CDN

F.

WAF

Buy Now
Question # 23

Device event logs sources from MDM software as follows:

Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

Options:

A.

Malicious installation of an application; change the MDM configuration to remove application ID 1220.

B.

Resource leak; recover the device for analysis and clean up the local storage.

C.

Impossible travel; disable the device’s account and access while investigating.

D.

Falsified status reporting; remotely wipe the device.

Buy Now
Question # 24

Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

Options:

A.

Key sharing

B.

Key distribution

C.

Key recovery

D.

Key escrow

Buy Now
Question # 25

An organization’s hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.

Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

Options:

A.

Deploy a SOAR tool.

B.

Modify user password history and length requirements.

C.

Apply new isolation and segmentation schemes.

D.

Implement decoy files on adjacent hosts.

Buy Now
Question # 26

A network administrator for a completely air-gapped and closed system has noticed that anomalous external files have been uploaded to one of the critical servers. The administrator has reviewed logs

in the SIEM that were collected from security appliances, network infrastructure devices, and endpoints. Which of the following processes, if executed, would be MOST likely to expose an attacker?

Options:

A.

Reviewing video from IP cameras within the facility

B.

Reconfiguring the SIEM connectors to collect data from the perimeter network hosts

C.

Implementing integrity checks on endpoint computing devices

D.

Looking for privileged credential reuse on the network

Buy Now
Question # 27

A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:

• Access to critical web services at the edge must be redundant and highly available.

• Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.

• Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.

Which of the following solutions BEST meets these requirements?

Options:

A.

Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider

B.

Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.

C.

Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.

D.

Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.

Buy Now
Question # 28

A local university that has a global footprint is undertaking a complete overhaul of its website and associated systems. Some of the requirements are:

• Handle an increase in customer demand of resources

• Provide quick and easy access to information

• Provide high-quality streaming media

• Create a user-friendly interface

Which of the following actions should be taken FIRST?

Options:

A.

Deploy high-availability web servers.

B.

Enhance network access controls.

C.

Implement a content delivery network.

D.

Migrate to a virtualized environment.

Buy Now
Question # 29

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.

Which of the following describes the administrator’s discovery?

Options:

A.

A vulnerability

B.

A threat

C.

A breach

D.

A risk

Buy Now
Question # 30

A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.

Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

Options:

A.

Scan the code with a static code analyzer, change privileged user passwords, and provide security training.

B.

Change privileged usernames, review the OS logs, and deploy hardware tokens.

C.

Implement MFA, review the application logs, and deploy a WAF.

D.

Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

Buy Now
Question # 31

A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badgeto access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field.

Which of the following should the security team recommend FIRST?

Options:

A.

Investigating a potential threat identified in logs related to the identity management system

B.

Updating the identity management system to use discretionary access control

C.

Beginning research on two-factor authentication to later introduce into the identity management system

D.

Working with procurement and creating a requirements document to select a new IAM system/vendor

Buy Now
Question # 32

A security engineer is concerned about the threat of side-channel attacks The company experienced a past attack that degraded parts of a SCADA system, causing a fluctuation to 20,000rpm from its normal operating range As a result, the part deteriorated more quickly than the mean time to failure A further investigation revealed the attacker was able to determine the acceptable rpm range, and the malware would then fluctuate the rpm until the pan failed Which of the following solutions would be best to prevent a side-channel attack in the future?

Options:

A.

Installing online hardware sensors

B.

Air gapping important ICS and machines

C.

Implementing a HIDS

D.

Installing a SIEM agent on the endpoint

Buy Now
Question # 33

Which of the following describes how a risk assessment is performed when an organization has a critical vendor that provides multiple products?

Options:

A.

At the individual product level

B.

Through the selection of a random product

C.

Using a third-party audit report

D.

By choosing a major product

Buy Now
Exam Code: CAS-004
Exam Name: CompTIA SecurityX Certification Exam
Last Update: Apr 25, 2025
Questions: 571
CAS-004 pdf

CAS-004 PDF

$34  $84.99
CAS-004 Engine

CAS-004 Testing Engine

$38  $94.99
CAS-004 PDF + Engine

CAS-004 PDF + Testing Engine

$54  $134.99