CompTIA CASP CAS-004 Updated Exam

Page: 4 / 42

Question 16

A security analyst is designing a touch screen device so users can gain entry into a locked room by touching buttons numbered zero through nine in a specific numerical sequence. The analyst designs the keypad so that the numbers are randomly presented to the user each time the device is used. Which of the following best describes the design trade-offs? (Select two.)

Options:

The risk of someone overseeing a pattern as a user enters the numbers is decreased.

The routines to generate the random sequences are trivial to implement.

This design makes entering numbers more difficult for users.

The device needs to have additional power to compute the numbers.

End users will have a more difficult time remembering the access numbers.

Weak or easily guessed access numbers are more likely.

Question 17

During the development process, the team identifies major components that need to be rewritten. As a result, the company hires a security consultant to help address major process issues. Which of the following should the consultant recommend to best prevent these issues from reoccurring in the future?

Options:

Implementing a static analysis tool within the CI/CD system

Configuring a dynamic application security testing tool

Performing software composition analysis on all third-party components

Utilizing a risk-based threat modeling approach on new projects

Setting up an interactive application security testing tool

Question 18

The principal security analyst for a global manufacturer is investigating a security incident related to abnormal behavior in the ICS network. A controller was restarted as part of the troubleshooting process, and the following issue was identified when the controller was restarted:

During the investigation, this modified firmware version was identified on several other controllers at the site. The official vendor firmware versions do not have this checksum. Which of the following stages of the MITRE ATT&CK framework for ICS includes this technique?

Options:

Evasion

Persistence

Collection

Lateral movement

Question 19

A financial institution generates a list of newly created accounts and sensitive information on a daily basis. The financial institution then sends out a file containing thousands of lines of data. Which of the following would be the best way to reduce the risk of a malicious insider making changes to the file that could go undetected?

Options:

Write a SIEM rule that generates a critical alert when files are created on the application server.

Implement a FIM that automatically generates alerts when the file is accessed by IP addresses that are not associated with the application.

Create a script that compares the size of the file on an hourly basis and generates alerts when changes are identified.

Tune the rules on the host-based IDS for the application server to trigger automated alerts when the application server is accessed from the internet.