CompTIA CAS-004 Online Practice Questions and Exam Preparation
CAS-004 Exam Details
Exam Code: CAS-004
Exam Name: CompTIA Advanced Security Practitioner (CASP+)
Certification: CompTIA Certifications
Vendor: CompTIA
Total Questions: 792 Q&As
Last Updated: May 28, 2026
CompTIA CAS-004 Online Questions & Answers
Question 511:
The Chief Information Security Officer (CISO) is working with a new company and needs a legal document to ensure all parties understand their roles during an assessment. Which of the following should the CISO have each party sign?
A. SLA
B. ISA
C. Permissions and access
D. Rules of engagement
D. Rules of engagement
Explanation
The Rules of Engagement (ROE) document is essential for ensuring all parties understand their roles, responsibilities, and limitations during an assessment. It provides a clear framework that helps prevent legal and operational misunderstandings, making it the most appropriate choice for the CISO to have each party sign in this scenario.
Question 512:
An organization is assessing the security posture of a new SaaS CRM system that handles sensitive PII and identity information, such as passport numbers. The SaaS CRM system does not meet the organization's current security standards.
The assessment identifies the following:
1- There will be a $20,000 per day revenue loss for each day the system is delayed going into production.
2- The inherent risk is high.
3- The residual risk is low.
4- There will be a staged deployment to the solution rollout to the contact center.
Which of the following risk-handling techniques will BEST meet the organization's requirements?
A. Apply for a security exemption, as the risk is too high to accept.
B. Transfer the risk to the SaaS CRM vendor, as the organization is using a cloud service.
C. Accept the risk, as compensating controls have been implemented to manage the risk.
D. Avoid the risk by accepting the shared responsibility model with the SaaS CRM provider.
C. Accept the risk, as compensating controls have been implemented to manage the risk.
Explanation
Accept the risk, as compensating controls have been implemented to manage the risk
The key points are:
1. The residual risk is low, meaning sufficient compensating controls are already in place.
2. Delaying deployment would result in significant revenue loss ($20,000/day).
3. A staged rollout suggests a controlled and risk-aware deployment strategy.
Since the risk has already been reduced to a low level and delaying would incur high costs, the best approach is to accept the residual risk.
Question 513:
An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data.
Which of the following commands should the analyst run to BEST determine whether financial data was lost?
A. Option A
B. Option B
C. Option C
D. Option D
C. Option C
Explanation
Question 514:
A cloud security architect has been tasked with selecting the appropriate solution given the following:
1. The solution must allow the lowest RTO possible.
2. The solution must have the least shared responsibility possible.
3. Patching should be a responsibility of the CSP.
Which of the following solutions can BEST fulfil the requirements?
A. PaaS
B. IaaS
C. Private
D. SaaS
D. SaaS
Explanation
Least shared responsibility = SaaS
Patching by the CSP = SaaS
Lowest RTO possible = SaaS
Question 515:
Which of the following most likely determines the level of controls that is required for specific databases?
A. Retention schedule
B. Classification
C. Data ownership
D. Sanitation requirements
B. Classification
Explanation
"Data classification is the process of categorizing information based on its sensitivity, criticality, and value to the organization. Once classified (such as Public, Internal, Confidential, or Restricted), each category is assigned a predefined set of security controls (encryption, access restrictions, audit logging, etc.) that must be applied to systems housing that data. Thus, the classification level directly dictates the stringency and type of controls required for a given database." (CompTIA CASP+ Official Study Guide, Third Edition, Chapter 2: Data Management and Classification, pp. 134-135)
"Implement governance and policy controls by establishing a data classification scheme. The scheme defines the control requirements for each classification level and drives the implementation of technical, administrative, and physical safeguards for databases and other data repositories." (CompTIA CASP+ CAS-004 Exam Objectives (v7.1), Section 1.2: Data Governance and Policy, p. 4)
By leveraging a formal data classification framework, organizations ensure that databases containing higher-sensitivity information receive appropriately rigorous controls, whereas less sensitive data may be subject to more moderate safeguards.
Question 516:
An organization that provides a SaaS solution recently experienced an incident involving customer data loss. The system has a level of self-healing that includes monitoring performance and available resources. When the system detects an issue, the self-healing process is supposed to restart parts of the software.
During the incident, when the self-healing system attempted to restart the services, there was inadequate disk space on the data drive to restart all of them. The self-healing system did not detect that some services had not fully restarted and declared the system fully operational.
Which of the following BEST describes the reason why the silent failure occurred?
A. The system logs rotated prematurely.
B. The disk utilization alarms are higher than what the service restarts require.
C. The number of nodes in the self-healing cluster was healthy.
D. Conditional checks prior to the service restart succeeded.
D. Conditional checks prior to the service restart succeeded.
Explanation
Question 517:
A company wants to securely manage the APIs that were developed for its in-house applications. Previous penetration tests revealed that developers were embedding unencrypted passwords in the code. Which of the following can the company do to address this finding? (Choose two.)
A. Implement complex, key-length API key management.
B. Implement user session logging.
C. Implement time-based API key management.
D. Use SOAP instead of RESTful services.
E. Incorporate a DAST into the DevSecOps process to identify the exposure of secrets.
F. Enforce MFA on the developers' workstations and production systems.
E. Incorporate a DAST into the DevSecOps process to identify the exposure of secrets.
F. Enforce MFA on the developers' workstations and production systems.
Explanation
Question 518:
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals. Which of the following does the business's IT manager need to consider?
A. The availability of personal data
B. The right to personal data erasure
C. The company's annual revenue
D. The language of the web application
Question 519:
An ISP is receiving reports from a portion of its customers who state that typosquatting is occurring when they type in a portion of the URL for the ISP's website. The reports state that customers are being directed to an advertisement website that is asking for personal information. The security team has verified that the DNS system is returning proper results and has no known IoCs. Which of the following should the security team implement to best mitigate this situation?
A. DNSSEC
B. DNS filtering
C. Multifactor authentication
D. Self-signed certificates
E. Revocation of compromised certificates
B. DNS filtering
Explanation
DNS filtering can be used to prevent users from accessing malicious or unintended websites by blocking certain domains at the DNS level. In the case of typosquatting, where users are being directed to an advertisement website asking for personal information, DNS filtering can help by blocking access to these known malicious domains. This would ensure that even if users mistype a URL, they will not be directed to a harmful site.
Question 520:
Which of the following are risks associated with vendor lock-in? (Choose two.)
A. The client can seamlessly move data.
B. The vendor can change product offerings.
C. The client receives a sufficient level of service.
D. The client experiences decreased quality of service.
E. The client can leverage a multicloud approach.
F. The client experiences increased interoperability.
B. The vendor can change product offerings.
D. The client experiences decreased quality of service.