A bank is working with a security architect to find the BEST solution to detect database management system compromises. The solution should meet the following requirements:
1. Work at the application layer
2. Send alerts on attacks from both privileged and malicious users
3. Have a very low false positive
Which of the following should the architect recommend?
A. FIM

Which of the following is the MOST important cloud-specific risk from the CSP's viewpoint?
A. Isolation control failure

A security analyst received the following finding from a cloud security assessment tool:
Virtual Machine Data Disk is encrypted with the default encryption key.
Because the organization hosts highly sensitive data files, regulations dictate it must be encrypted so it is unreadable to the CSP.
Which of the following should be implemented to remediate the finding and meet the regulatory requirement? (Choose two.)
A. Disk encryption with customer-provided keys

A senior security analyst is helping the development team improve the security of an application that is being developed. The developers use third-party libraries and applications. The software in development used old, third-party packages that were not replaced before market distribution. Which of the following should be implemented into the SDLC to resolve the issue?
A. Software composition analysis

During a review of events, a security analyst notes that several log entries from the FIM system identify changes to firewall rule sets. While coordinating a response to the FIM entries, the analyst receives alerts from the DLP system that indicate an employee is sending sensitive data to an external email address. Which of the following would be the most relevant to review in order to gain a better understanding of whether these events are associated with an attack?
A. Configuration management tool

A security analyst is configuring an IPSec tunnel to use the strongest encryption currently available.
Which of the following algorithms should be deployed to provide the most secure initial key exchange?
A. 3DES

A consultant needs access to a customer's cloud environment. The customer wants to enforce the following engagement requirements:
1. All customer data must remain under the control of the customer at all times.
2. Third-party access to the customer environment must be controlled by the customer.
3. Authentication credentials and access control must be under the customer's control.
Which of the following should the consultant do to ensure all customer requirements are satisfied when accessing the cloud environment?
A. Use the customer's SSO with read-only credentials and share data using the customer's provisioned secure network storage.

Law enforcement officials informed an organization that an investigation has begun. Which of the following is the FIRST step the organization should take?
A. Initiate a legal hold.

A company is decommissioning old servers and hard drives that contain sensitive data.
Which of the following best protects against data leakage?
A. Purging

To save on device life-cycle costs, a company is transitioning to a BYOD deployment scheme for enterprise mobility. Local laws protect users from corporate-initiated wiping or manipulation of data not owned by the company.
Which of the following techniques would best protect corporate data while ensuring the integrity of private data?
A. Wrap and/or containerize corporate applications.