An organization is implementing a new identity and access management architecture with the following objectives:
1.Supporting MFA against on-premises infrastructure
2.Improving the user experience by integrating with SaaS applications
3.Applying risk-based policies based on location
4.Performing just-in-time provisioning
Which of the following authentication protocols should the organization implement to support these requirements?
A. Kerberos and TACACSAn architectural firm is working with its security team to ensure that any draft images that are leaked to the public can be traced back to a specific external party. Which of the following would BEST accomplish this goal?
A. Properly configure a secure file transfer system to ensure file integrity.A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One Of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
A. Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.A facilities manager requests approval to deploy a new key management system that integrates with logical network access controls to provide conditional access. The security analyst who is assessing the risk has no experience with the category of products.
Which of the following is the FIRST step the analyst should take to begin the research?
A. Seek documented industry best practices.A software developer must choose encryption algorithms to secure two parts of a mobile application. Given the following part descriptions and requirements:
The first part of the application is used to transfer large files and must support file parts with transfer start/stop/resume. This part requires strong file encryption. The second part of the application uses a bit stream to continuously authenticate
both ends of the connection. This part must implement confidentiality for the stream.
Which of the following encryption algorithms should the developer implement in the code to support both parts of the application? (Select two).
A. P384A hospital has fallen behind with patching known vulnerabilities due to concerns that patches may cause disruptions in the availability of data and impact patient care. The hospital does not have a tracking solution in place to audit whether systems have been updated or to track the length of time between notification of the weakness and patch completion Since tracking is not in place the hospital lacks accountability with regard to who is responsible for these activities and the timeline of patching efforts. Which of the following should the hospital do first to mitigate this risk?
A. Complete a vulnerability analysisThe findings from a recent penetration test report indicate a systematic issue related to cross-site scripting (XSS). A security engineer would like to prevent this type of issue for future reports.
Which of the following mitigation strategies should the engineer use to best resolve the issue?
A. Implement static analysis with blocking capabilities in the CI/CD system.A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
Which of the following BEST describes the type of malware the solution should protect against?
A. WormA security analyst is reviewing the following output from a vulnerability scan of an organization's internet-facing web services:
1. Line 06: Hostname sent via SNI does not match certificate.
2. Line 10: Certificate not validated by OCSP.
3. Line 13: Weak SHA-1 signature algorithm detected.
4. Line 17: TLS 1.2 cipher suite negotiated.
5. Line 18: SSL session not using forward secrecy.
Which of the following indicates a susceptibility whereby an attacker can take advantage of the trust relationship between the client and the server?
A. Line 06During a recent security incident investigation, a security analyst mistakenly turned off the infected machine prior to consulting with a forensic analyst. Upon rebooting the machine, a malicious script that was running as a background process was no longer present. As a result, potentially useful evidence was lost. Which of the following should the security analyst have followed?
A. Order of volatilityNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-004 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.