Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Choose two.)
A. Proxy
B. Tunneling
C. VDI
D. MDM
E. RDP
F. MAC address randomization
An employee's device was missing for 96 hours before being reported. The employee called the help desk to ask for another device. Which of the following phases of the incident response cycle needs improvement?
A. Containment
B. Preparation
C. Resolution
D. Investigation
A security architect must mitigate the risks from what is suspected to be an exposed, private cryptographic key. Which of the following is the BEST step to take?
A. Revoke the certificate.
B. Inform all the users of the certificate.
C. Contact the company's Chief Information Security Officer.
D. Disable the website using the suspected certificate.
E. Alert the root CA.
Which of the following is the primary reason that a risk practitioner determines the security boundary prior to conducting a risk assessment?
A. To determine the scope of the risk assessment
B. To determine the business owner(s) of the system
C. To decide between conducting a quantitative or qualitative analysis
D. To determine which laws and regulations apply
A security engineer is concerned about the threat of side-channel attacks. The company experienced a past attack that degraded parts of a SCADA system, causing a fluctuation to 20,000rpm from its normal operating range. As a result, the part deteriorated more quickly than the mean time to failure. A further investigation revealed the attacker was able to determine the acceptable rpm range, and the malware would then fluctuate the rpm until the part failed. Which of the following solutions would be BEST to prevent a side-channel attack in the future?
A. Installing online hardware sensors
B. Air gapping important ICS and machines
C. Implementing a HIDS
D. Installing a SIEM agent on the endpoint
A network administrator receives a ticket regarding an error from a remote worker who is trying to reboot a laptop. The laptop has not yet loaded the operating system, and the user is unable to continue the boot process. The administrator is able to provide the user with a recovery PIN, and the user is able to reboot the system and access the device as needed. Which of the following is the MOST likely cause of the error?
A. Lockout of privileged access account
B. Duration of the BitLocker lockout period
C. Failure of the Kerberos time drift sync
D. Failure of TPM authentication
A company processes sensitive cardholder information that is stored in an internal production database and accessed by internet-facing web servers. The company's Chief Information Security Officer (CISO) is concerned with the risks related to sensitive data exposure and wants to implement tokenization of sensitive information at the record level. The company implements a one-to-many mapping of primary credit card numbers to temporary credit card numbers.
Which of the following should the CISO consider in a tokenization system?
A. Data field watermarking
B. Field tagging
C. Single-use translation
D. Salted hashing
A law firm experienced a breach in which access was gained to a secure server. During an investigation to determine how the breach occurred, an employee admitted to clicking on a spear-phishing link. A security analyst reviewed the event logs and found the following:
1. PAM had not been bypassed.
2. DLP did not trigger any alerts.
3. The antivirus was updated to the most current signatures.
Which of the following MOST likely occurred?
A. Exploitation
B. Exfiltration
C. Privilege escalation
D. Lateral movement
A company has retained the services of a consultant to perform a security assessment. As part of the assessment, the consultant recommends engaging with others in the industry to collaborate regarding emerging attacks. Which of the following would BEST enable this activity?
A. ISAC
B. OSINT
C. CVSS
D. Threat modeling
After the latest risk assessment, the Chief Information Security Officer (CISO) decides to meet with the development and security teams to find a way to reduce the security task workload. The CISO would like to:
1. Have a solution that uses an API to communicate with other security tools.
2. Use the latest technology possible.
3. Have the highest controls possible on the solution.
Which of the following is the BEST option to meet these requirements?
A. EDR
B. CSP
C. SOAR
D. CASB