CAS-004 exam

An application developer is including third-party background security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, report come In that a previously vulnerability has returned . Which of the following should the developer integrate into...

A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells. Which of the following techniques will MOST likely meet the business’s needs?A . Performing deep-packet inspection of all digital audio filesB . Adding identifying filesystem metadata to the digital audio filesC ....

A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.A . Impalement application whitelisting and...

An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following: Unstructured data being exfiltrated after an employee leaves the...

Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not...

A security analyst is investigating a series of suspicious emails by employees to the security team. The email appear to come from a current business partner and do not contain images or URLs. No images or URLs were stripped from the message by the security tools the company uses instead,...

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements: * Transaction being requested by unauthorized individuals. * Complete discretion regarding client names, account numbers, and investment information. * Malicious attackers using email to malware and ransomeware. * Exfiltration...

Over the last 90 days, many storage services has been exposed in the cloud services environments, and the security team does not have the ability to see is creating these instance. Shadow IT is creating data services and instances faster than the small security team can keep up with them....

A security analyst notices a number of SIEM events that show the following activity: Which of the following response actions should the analyst take FIRST?A . Disable powershell.exe on all Microsoft Windows endpoints.B . Restart Microsoft Windows Defender.C . Configure the forward proxy to block 40.90.23.154.D . Disable local administrator...

A developer implement the following code snippet. Which of the following vulnerabilities does the code snippet resolve?A . SQL injectB . Buffer overflowC . Missing session limitD . Information leakageView AnswerAnswer: D