CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 531:

    Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.

    Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

    A. Implement rate limiting on the API.
    B. Implement geoblocking on the WAF.
    C. Implement OAuth 2.0 on the API.
    D. Implement input validation on the API.

  • Question 532:

    An organization is running its e-commerce site in the cloud. The capacity is sufficient to meet the organization's needs throughout most of the year, except during the holidays when the organization plans to introduce a new line of products and expects an increase in traffic. The organization is not sure how well its products will be received. To address this issue, the organization needs to ensure that:

    1. System capacity is optimized.

    2. Cost is reduced.

    Which of the following should be implemented to address these requirements? (Choose two.)

    A. Containerization
    B. Load balancer
    C. Microsegmentation
    D. Autoscaling
    E. WAF
    F. CDN

  • Question 533:

    A security engineer is reviewing a record of events after a recent data breach incident that involved the following:

    1. A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets.

    2. A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account.

    3. The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection.

    Which of the following is the BEST solution to help prevent this type of attack from being successful in the future?

    A. Dynamic analysis
    B. Secure web gateway
    C. Software composition analysis
    D. User behavior analysis
    E. Web application firewall

  • Question 534:

    A security analyst for a managed service provider wants to implement the most up-to-date and effective security methodologies to provide clients with the best offerings. Which of the following resources would the analyst MOST likely adopt?

    A. OSINT
    B. ISO
    C. MITRE ATT&CK
    D. OWASP

  • Question 535:

    A development team created a mobile application that contacts a company's back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.

    Which of the following would BEST safeguard the APIs? (Choose two.)

    A. Bot protection
    B. OAuth 2.0
    C. Input validation
    D. Autoscaling endpoints
    E. Rate limiting
    F. CSRF protection

  • Question 536:

    A common industrial protocol has the following characteristics:

    1. Provides for no authentication/security

    2. Is often implemented in a client/server relationship

    3. Is implemented as either RTU or TCP/IP

    Which of the following is being described?

    A. Profinet
    B. Modbus
    C. Zigbee
    D. Z-Wave

  • Question 537:

    An IoT device implements an encryption module built within its SoC, where the asymmetric private key has been defined in a write-once read-many portion of the SoC hardware. Which of the following should the IoT manufacturer do if the private key is compromised?

    A. Use over-the-air updates to replace the private key
    B. Manufacture a new IoT device with a redesigned SoC
    C. Replace the public portion of the IoT key on its servers
    D. Release a patch for the SoC software

  • Question 538:

    A PKI engineer is defining certificate templates for an organization's CA and would like to ensure at least two of the possible SAN certificate extension fields are populated for documentation purposes. Which of the following are explicit options within this extension? (Select two.)

    A. Type
    B. Email
    C. OCSP responder
    D. Registration authority
    E. Common Name
    F. DNS name

  • Question 539:

    An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue.

    Which of the following is the MOST cost-effective solution?

    A. Move the server to a cloud provider.
    B. Change the operating system.
    C. Buy a new server and create an active-active cluster.
    D. Upgrade the server with a new one.

  • Question 540:

    DRAG DROP

    An organization is planning for disaster recovery and continuity of operations.

    INSTRUCTIONS

    Review the following scenarios and instructions. Match each relevant finding to the affected host.

    After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.

    Each finding may be used more than once.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    Select and Place:

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-004 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.