CompTIA CAS-004 시험

Question No : 1

A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstation, servers, and laptops.
Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?

• A.Increased network latency
• B.Unavailable of key escrow
• C.Inability to selected AES-256 encryption
• D.Removal of user authentication requirements

답을 확인하기

정답:
Explanation:
The inability to select AES-256 encryption will most likely be a limiting factor when selecting mobile device managers for the company. AES-256 is a symmetric encryption algorithm that uses a 256-bit key to encrypt and decrypt data. It is considered one of the strongest encryption methods available and is widely used for securing sensitive data. Mobile device managers are software applications that allow administrators to remotely manage and secure mobile devices used by employees. However, not all mobile device managers may support AES-256 encryption or allow the company to enforce it as a policy on all mobile devices.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://searchmobilecomputing.techtarget.com/definition/mobile-device-management

Question No : 2

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:
* Transaction being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to malware and ransomeware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing.
Which of the following is the BEST option to resolve the boar’s concerns for this email migration?

• A.Data loss prevention
• B.Endpoint detection response
• C.SSL VPN
• D.Application whitelisting

답을 확인하기

정답:
Explanation:
Data loss prevention (DLP) is the best option to resolve the board’s concerns for this email migration. DLP is a set of tools and policies that aim to prevent unauthorized access, disclosure, or exfiltration of sensitive data. DLP can monitor, filter, encrypt, or block email messages based on predefined rules and criteria, such as content, sender, recipient, attachment, etc. DLP can help protect transactions, customer data, and company information from being compromised by malicious actors or accidental leaks.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3245746/what-is-dlp-data-loss-prevention-and-how-does-it-work.html

Question No : 3

A security engineer at a company is designing a system to mitigate recent setbacks caused competitors that are beating the company to market with the new products. Several of the products incorporate propriety enhancements developed by the engineer’s company. The network already includes a SEIM and a NIPS and requires 2FA for all user access.
Which of the following system should the engineer consider NEXT to mitigate the associated risks?

• A.DLP
• B.Mail gateway
• C.Data flow enforcement
• D.UTM

답을 확인하기

정답:
Explanation:
A DLP system is the best option for the company to mitigate the risk of losing its proprietary enhancements to competitors. DLP stands for data loss prevention, which is a set of tools and policies that aim to prevent unauthorized access, disclosure, or exfiltration of sensitive data. DLP can monitor, filter, encrypt, or block data transfers based on predefined rules and criteria, such as content, source, destination, etc. DLP can help protect the company’s intellectual property and trade secrets from being compromised by malicious actors or accidental leaks.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3245746/what-is-dlp-data-loss-prevention-and-how-does-it-work.html

Question No : 4

A security is assisting the marketing department with ensuring the security of the organization’s social media platforms.
The two main concerns are:
The Chief marketing officer (CMO) email is being used department wide as the username
The password has been shared within the department
Which of the following controls would be BEST for the analyst to recommend?

• A.Configure MFA for all users to decrease their reliance on other authentication.
• B.Have periodic, scheduled reviews to determine which OAuth configuration are set for each media platform.
• C.Create multiple social media accounts for all marketing user to separate their actions.
• D.Ensue the password being shared is sufficiently and not written down anywhere.

답을 확인하기

정답:
Explanation:
Configuring MFA for all users to decrease their reliance on other authentication is the best option to improve email security at the company. MFA stands for multi-factor authentication, which is a method of verifying a user’s identity by requiring two or more factors, such as something the user knows (e.g., password), something the user has (e.g., token), or something the user is (e.g., biometric). MFA can prevent unauthorized access to email accounts even if the username or password is compromised or shared.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3239144/what-is-mfa-how-multi-factor-authentication-works.html

Question No : 5

A small company needs to reduce its operating costs. vendors have proposed solutions, which all focus on management of the company’s website and services. The Chief information Security Officer (CISO) insist all available resources in the proposal must be dedicated, but managing a private cloud is not an option.
Which of the following is the BEST solution for this company?

• A.Community cloud service model
• B.Multinency SaaS
• C.Single-tenancy SaaS
• D.On-premises cloud service model

답을 확인하기

정답:
Explanation:
A single-tenancy SaaS solution is the best solution for this company. SaaS stands for software as a service, which is a cloud-based model that allows customers to access applications hosted by a provider over the internet. A single-tenancy SaaS solution means that the company has its own dedicated instance of the application and its underlying infrastructure, which offers more control, customization, and security than a multi-tenancy SaaS solution where multiple customers share the same resources. A single-tenancy SaaS solution also eliminates the need for managing a private cloud or an on-premises infrastructure.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.ibm.com/cloud/learn/saas

Question No : 6

Which of the following BEST sets expectation between the security team and business units within an organization?

• A.Risk assessment
• B.Memorandum of understanding
• C.Business impact analysis
• D.Business partnership agreement
• E.Services level agreement

답을 확인하기

정답:
Explanation:
A service level agreement (SLA) is the best option to set expectations between the security team and business units within an organization. An SLA is a document that defines the scope, quality, roles, responsibilities, and metrics of a service provided by one party to another. An SLA can help align the security team’s objectives and activities with the business units’ needs and expectations, as well as establish accountability and communication channels.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://searchitchannel.techtarget.com/definition/service-level-agreement

Question No : 7

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief information Security Officer (CISO) must brief board of directors on the potential security concerns related to this migration.
The board is concerned about the following.
* Transactions being required by unauthorized individual
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attacker using email to distribute malware and ransom ware.
* Exfiltration of sensitivity company information.
The cloud-based email solution will provide an6-malware, reputation-based scanning, signature-based scanning, and sandboxing.
Which of the following is the BEST option to resolve the board’s concerns for this email migration?

• A.Data loss prevention
• B.Endpoint detection response
• C.SSL VPN
• D.Application whitelisting

답을 확인하기

정답:
Explanation:
Data loss prevention (DLP) is the best option to resolve the board’s concerns for this email migration. DLP is a set of tools and policies that aim to prevent unauthorized access, disclosure, or exfiltration of sensitive data. DLP can monitor, filter, encrypt, or block email messages based on predefined rules and criteria, such as content, sender, recipient, attachment, etc. DLP can help protect transactions, customer data, and company information from being compromised by malicious actors or accidental leaks.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.csoonline.com/article/3245746/what-is-dlp-data-loss-prevention-and-how-does-it-work.html

Question No : 8

A security analyst is investigating a series of suspicious emails by employees to the security team. The email appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the message by the security tools the company uses instead, the emails only include the following in plain text.



Which of the following should the security analyst perform?

• A.Contact the security department at the business partner and alert them to the email event.
• B.Block the IP address for the business partner at the perimeter firewall.
• C.Pull the devices of the affected employees from the network in case they are infected with a zero-day virus.
• D.Configure the email gateway to automatically quarantine all messages originating from the business partner.

답을 확인하기

정답:
Explanation:
The best option for the security analyst to perform is to contact the security department at the business partner and alert them to the email event. The email appears to be a phishing attempt that tries to trick the employees into revealing their login credentials by impersonating a legitimate sender. The security department at the business partner should be notified so they can investigate the source and scope of the attack and take appropriate actions to protect their systems and users.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://us-cert.cisa.gov/ncas/tips/ST04-014

Question No : 9

A developer implement the following code snippet.



Which of the following vulnerabilities does the code snippet resolve?

• A.SQL inject
• B.Buffer overflow
• C.Missing session limit
• D.Information leakage

답을 확인하기

정답:
Explanation:
SQL injection is a type of vulnerability that allows an attacker to execute malicious SQL commands on a database by inserting them into an input field. The code snippet resolves this vulnerability by using parameterized queries, which prevent the input from being interpreted as part of the SQL command.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/SQL_Injection

Question No : 10

A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information.
Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

• A.Hybrid IaaS solution in a single-tenancy cloud
• B.Pass solution in a multinency cloud
• C.SaaS solution in a community cloud
• D.Private SaaS solution in a single tenancy cloud.

답을 확인하기

정답:
Explanation:
A hybrid IaaS solution in a single-tenancy cloud is the best option for the company to meet the computing demand while complying with healthcare standards for virtualization and cloud computing. A hybrid IaaS solution allows the company to use both on-premises and cloud-based resources to scale up its capacity and performance. A single-tenancy cloud ensures that the company’s data and applications are isolated from other customers and have dedicated resources and security controls.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.hhs.gov/hipaa/for-professionals/special-topics/cloud-computing/index.html

Question No : 11

A company requires a task to be carried by more than one person concurrently.
This is an example of:

• A.separation of d duties.
• B.dual control
• C.least privilege
• D.job rotation

답을 확인하기

정답:
Explanation:
Dual control is a security principle that requires two or more authorized individuals to perform a task concurrently. This reduces the risk of fraud, error, or misuse of sensitive assets or information.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/using-dual-control-to-mitigate-risk

Question No : 12

Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights.
Which of the following documents will MOST likely contain these elements

• A.Company A-B SLA v2.docx
• B.Company A OLA v1b.docx
• C.Company A MSA v3.docx
• D.Company A MOU v1.docx
• E.Company A-B NDA v03.docx

답을 확인하기

정답:
Explanation:
A MSA stands for master service agreement, which is a document that covers the general terms and conditions of a contractual relationship between two parties. It usually includes payment terms, limitation of liability, intellectual property rights, dispute resolution, and other clauses that apply to all services provided by one party to another.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.upcounsel.com/master-service-agreement

Question No : 13

The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties.
Which of the following should be implemented to BEST manage the risk?

• A.Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause. Regularly assess the supplier’s post-contract renewal with a dedicated risk management team.
• B.Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.
• C.Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data, Review all design and operational controls based on best practice standard and report the finding back to upper management.
• D.Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier’s rating. Report finding units that rely on the suppliers and the various risk teams.

답을 확인하기

정답:
Explanation:
A governance program that rates suppliers based on their access to data, the type of data, and how they access the data is the best way to manage the risk of handling and security of customer data by third parties. This allows the company to assign key controls that are reviewed and managed based on the supplier’s rating and report findings to the relevant units and risk teams.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/third-party-risk-management

Question No : 14

A threat analyst notices the following URL while going through the HTTP logs.



Which of the following attack types is the threat analyst seeing?

• A.SQL injection
• B.CSRF
• C.Session hijacking
• D.XSS

답을 확인하기

정답:
Explanation:
XSS stands for cross-site scripting, which is a type of attack that injects malicious code into a web page that is then executed by the browser of a victim. The URL in the question contains a script tag that tries to execute a JavaScript code from an external source, which is a sign of XSS.
Verified Reference:
https://www.comptia.org/training/books/casp-cas-004-study-guide, https://owasp.org/www-community/attacks/xss/

Question No : 15

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP.
Block is an except of output from the troubleshooting session:



Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

• A.The clients may not trust idapt by default.
• B.The secure LDAP service is not started, so no connections can be made.
• C.Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
• D.Secure LDAP should be running on UDP rather than TC
• E.The company is using the wrong port. It should be using port 389 for secure LDA
• F.Secure LDAP does not support wildcard certificates.
• G.The clients may not trust Chicago by default.

답을 확인하기

정답:
Explanation:
The clients may not trust idapt by default because it is a self-signed certificate authority that is not in the trusted root store of the clients. Secure LDAP does not support wildcard certificates because they do not match the fully qualified domain name of the server.
Verified Reference:
https://www.professormesser.com/security-plus/sy0-401/ldap-and-secure-ldap/, https://www.comptia.org/training/books/casp-cas-004-study-guide