CompTIA CAS-004 Online Practice Questions and Exam Preparation

CompTIA CAS-004 Online Questions & Answers

• Question 281:

  An HVAC contractor requested network connectivity permission to remotely support/troubleshoot equipment issues at a company location. Currently, the company does not have a process that allows vendors remote access to the corporate network.

  Which of the following solutions represents the BEST course of action to allow the contractor access?

  A. Add the vendor's equipment to the existing network Give the vendor access through the standard corporate VPN
  B. Give the vendor a standard desktop PC to attach the equipment to Give the vendor access through the standard corporate VPN
  C. Establish a certification process for the vendor Allow certified vendors access to the VDI to monitor and maintain the HVAC equipment
  D. Create a dedicated segment with no access to the corporate network Implement dedicated VPN hardware for vendor access
  D. Create a dedicated segment with no access to the corporate network Implement dedicated VPN hardware for vendor access

  ---

  Explanation

• Question 282:

  Which of the following is used to assess compliance with internal and external requirements?

  A. RACI matrix
  B. Audit report
  C. After-action report
  D. Business continuity plan
  B. Audit report

  ---

  Explanation

  https://reciprocity.com/a-guide-to-completing-an-internal-audit-for-compliance-management/#:~:text=Compliance%20audit.,a%20policy%20or%20statutory%20requirement

• Question 283:

  When implementing serverless computing an organization must still account for:

  A. the underlying computing network infrastructure
  B. hardware compatibility
  C. the security of its data
  D. patching the service
  C. the security of its data

  ---

  Explanation

  While serverless computing abstracts the infrastructure layer from developers, organizations must still ensure the security of their data in the serverless environment. This includes protecting the data from unauthorized access and ensuring data privacy and integrity. Serverless architectures can be complex, and understanding the security model and shared responsibility is essential for safeguarding applications and services.

• Question 284:

  The management team at a company with a large, aging server environment is conducting a server risk assessment in order to create a replacement strategy. The replacement strategy will be based upon the likelihood a server will fail,

  regardless of the criticality of the application running on a particular server.

  Which of the following should be used to prioritize the server replacements?

  A. SLE
  B. MTTR
  C. TCO
  D. MTBF
  E. MSA
  D. MTBF

  ---

  Explanation

  To prioritize server replacements based on the likelihood of failure, the MTBF (Mean Time Between Failures) metric is most appropriate. MTBF provides a measure of the average time a server or system is expected to operate before experiencing failure. This allows the management team to assess which servers are more likely to fail soon, irrespective of the application criticality, and thus should be replaced first. CASP+ highlights the use of MTBF in hardware lifecycle management and risk assessments.

  References: CASP+ CAS-004 Exam Objectives: Domain 1.0 Risk Management (MTBF in Hardware Lifecycle) CompTIA CASP+ Study Guide: Server Risk Assessments Using MTBF and Reliability Metrics

• Question 285:

  A digital forensics expert has obtained an ARM binary suspected of including malicious behavior. The expert would like to trace and analyze the ARM binary's execution. Which of the following tools would BEST support this effort?

  A. objdump
  B. OllyDbg
  C. FTK Imager
  D. Ghidra
  D. Ghidra

  ---

  Explanation

• Question 286:

  A company wants to use a process to embed a sign of ownership covertly inside a proprietary document without adding any identifying attributes. Which of the following would be BEST to use as part of the process to support copyright protections of the document?

  A. Steganography
  B. E-signature
  C. Watermarking
  D. Cryptography
  A. Steganography

  ---

  Explanation

• Question 287:

  An organization relies heavily on third-party mobile applications for official use within a BYOD deployment scheme An excerpt from an approved text-based-chat client application AndroidManifest xml is as follows:

  

  Which of the following would restrict application permissions while minimizing the impact to normal device operations?

  A. Add the application to the enterprise mobile whitelist.
  B. Use the MDM to disable the devices' recording microphones and SMS.
  C. Wrap the application before deployment.
  D. Install the application outside of the corporate container.
  B. Use the MDM to disable the devices' recording microphones and SMS.

  ---

  Explanation

• Question 288:

  A security analyst is reviewing an endpoint that was found to have a rookit installed. The rootkit survived multiple attempts to clean the endpoints, as well as an attempt to reinstall the QS. The security analyst needs to implement a method to prevent other endpoint from having similar issues. Which of the following would BEST accomplish this objective?

  A. Utilize measured boot attestation.
  B. Enforce the secure boot process.
  C. Reset the motherboard's TPM chip.
  D. Reinstall the OS with known-good media.
  E. Configure custom anti-malware rules.
  A. Utilize measured boot attestation.

  ---

  Explanation

• Question 289:

  HOTSPOT

  A product development team has submitted code snippets for review prior to release.

  INSTRUCTIONS

  Analyze the code snippets, and then select one vulnerability, and one fix for each code snippet.

  If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  Code Snippet 1

  

  Code Snippet 2

  

  

  

  Explanation

  1: The potential vulnerability here is not about SQL injection but about the direct use of a user-provided userid without verifying whether the user is authorized to view or interact with the specified user ID, which leads to Insecure Direct Object

  References (IDOR).

  2: There is no evidence in the provided code of credentials being passed or an "authenticated" value being present or checked. The vulnerability here is not related to credential handling but to the execution of potentially unsafe commands.

• Question 290:

  A technician accidentally deleted the secret key that was corresponding to the public key pinned to a busy online magazine. To remedy the situation, the technician obtained a new certificate with a different key. However, paying subscribers

  were locked out of the website until the key-pinning policy expired.

  Which of the following alternatives should the technician adopt to prevent a similar issue in the future?

  A. Registration authority
  B. Certificate revocation list
  C. Client authentication
  D. Certificate authority authorization
  D. Certificate authority authorization

  ---

  Explanation

  Certificate Authority Authorization (CAA) is not listed directly in the provided options, but it is a relevant mechanism in the context of managing certificates and preventing issues similar to the one described. However, based on the available choices, the Online Certificate Status Protocol (OCSP) comes closest to providing a viable solution. OCSP allows for real-time validation of a certificate's revocation status, which could mitigate the issue of users being locked out due to key pinning policies. It is a more modern and efficient alternative to Certificate Revocation Lists (CRLs), offering faster and more reliable certificate status checks. By implementing OCSP, the technician could ensure that clients receive timely updates on the revocation status of certificates, potentially avoiding the downtime caused by the key-pinning policy awaiting expiration.