Practice Free CAS-004 Exam Online Questions
An organization requires a legacy system to incorporate reference data into a new system. The organization anticipates the legacy system will remain in operation for the next 18 to 24 months. Additionally, the legacy system has multiple critical vulnerabilities with no patches available to resolve them.
Which of the following is the BEST design option to optimize security?
- A . Limit access to the system using a jump box.
- B . Place the new system and legacy system on separate VLANs
- C . Deploy the legacy application on an air-gapped system.
- D . Implement MFA to access the legacy system.
Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?
- A . Improving the availability of messages
- B . Ensuring non-repudiation of messages
- C . Enforcing protocol conformance for messages
- D . Assuring the integrity of messages
D
Explanation:
Assuring the integrity of messages is the most important security objective when applying cryptography to control messages that tell an ICS (industrial control system) how much electrical power to output. Integrity is the security objective that ensures the accuracy and completeness of data or information, preventing unauthorized modification or tampering. Assuring the integrity of messages prevents malicious or accidental changes to the control messages that could affect the operation or safety of the ICS or the electrical power output. Improving the availability of messages is a security objective that ensures data or information remains accessible and usable, preventing unauthorized denial or disruption of service, but it is not the most important objective when applying cryptography here. Ensuring non-repudiation of messages is a security objective that ensures the authenticity and accountability of data or information, preventing parties from denying or disputing actions or transactions, but it is not the most important objective in this case. Enforcing protocol conformance for messages is a security objective that ensures compliance with and consistency against rules or standards, preventing unauthorized deviations or violations, but it is likewise not the most important objective in this case.
Verified Reference:
https://www.comptia.org/blog/what-is-integrity
https://partners.comptia.org/docs/default-source/resources/casp-content-guide
A recent data breach stemmed from unauthorized access to an employee’s company account with a cloud-based productivity suite. The attacker exploited excessive permissions granted to a third-party OAuth application to collect sensitive information.
Which of the following BEST mitigates inappropriate access and permissions issues?
- A . SIEM
- B . CASB
- C . WAF
- D . SOAR
C
Explanation:
Reference: https://www.cloudflare.com/en-gb/learning/ddos/glossary/web-application-firewall-waf/
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information, especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?
- A . A passive, credentialed scan
- B . A passive, non-credentialed scan
- C . An active, non-credentialed scan
- D . An active, credentialed scan
A security analyst received a report that a suspicious flash drive was picked up in the office’s waiting area, located beyond the secured door. The analyst investigated the drive and found malware designed to harvest and transmit credentials. Security cameras in the area where the flash drive was discovered showed a vendor representative dropping the drive.
Which of the following should the analyst recommend as an additional way to identify anyone who enters the building, in the event the camera system fails?
- A . Employee badge logs
- B . Phone call logs
- C . Vehicle registration logs
- D . Visitor logs
D
Explanation:
Visitor logs would be the best additional method for identifying individuals who enter the building in the event of a camera system failure. Visitor logs track who enters and exits a secured facility, providing a record that can be cross-referenced with security events, like the discovery of a suspicious flash drive. In this case, reviewing the visitor logs could help identify the vendor representative who dropped the flash drive. CASP+ highlights the importance of physical security measures, such as logging and auditing access to facilities, to complement digital security controls.
Reference: CASP+ CAS-004 Exam Objectives: Domain 2.0 - Enterprise Security Operations (Physical Security and Access Control Logs)
CompTIA CASP+ Study Guide: Physical Security and Incident Response Procedures
A hospitality company experienced a data breach that included customer PII. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service.
Which of the following is the BEST solution to help prevent this type of attack in the future?
- A . NGFW for web traffic inspection and activity monitoring
- B . CSPM for application configuration control
- C . Targeted employee training and awareness exercises
- D . CASB for OAuth application permission control
D
Explanation:
The company should use CASB for OAuth application permission control to help prevent this type of attack in the future. CASB stands for cloud access security broker, which is a software tool that monitors and enforces security policies for cloud applications. CASB can help control which third-party applications can access the company’s cloud file storage service and what permissions they have. CASB can also detect and block any unauthorized or malicious applications that try to access the company’s data.
Verified Reference:
https://www.kaspersky.com/resource-center/threats/how-to-avoid-social-engineering-attacks
https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/understanding-preventing-social-engineering-attacks/
https://www.indusface.com/blog/10-ways-businesses-can-prevent-social-engineering-attacks/
A system administrator at a medical imaging company discovers protected health information (PHI) on a general-purpose file server.
Which of the following steps should the administrator take NEXT?
- A . Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2.
- B . Take an MD5 hash of the server.
- C . Delete all PHI from the network until the legal department is consulted.
- D . Consult the legal department to determine the legal requirements.
A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?
- A . NAC to control authorized endpoints
- B . FIM on the servers storing the data
- C . A jump box in the screened subnet
- D . A general VPN solution to the primary network
A
Explanation:
Network Access Control (NAC) bolsters network security by restricting the availability of network resources to endpoints that do not satisfy the organization's compliance requirements, so only managed, authorized endpoints can connect to the environment.
A company is in the process of refreshing its entire infrastructure. The company has a business-critical process running on an old 2008 Windows server. If this server fails, the company would lose millions of dollars in revenue.
Which of the following actions should the company take?
- A . Accept the risk as the cost of doing business
- B . Create an organizational risk register for project prioritization
- C . Calculate the ALE and conduct a cost-benefit analysis
- D . Purchase insurance to offset the cost if a failure occurred
C
Explanation:
Calculating the Annual Loss Expectancy (ALE) and conducting a cost-benefit analysis is a critical part of risk management. The ALE will help the company understand the potential losses associated with the server failure per year, which can then be weighed against the cost of mitigating the risk (e.g., replacing the server or implementing redundancies). This analysis will inform the decision on the best course of action to manage the risk associated with the aging server.
A local university that has a global footprint is undertaking a complete overhaul of its website and associated systems.
Some of the requirements are:
• Handle an increase in customer demand of resources
• Provide quick and easy access to information
• Provide high-quality streaming media
• Create a user-friendly interface
Which of the following actions should be taken FIRST?
- A . Deploy high-availability web servers.
- B . Enhance network access controls.
- C . Implement a content delivery network.
- D . Migrate to a virtualized environment.
C
Explanation:
A content delivery network (CDN) is a geographically distributed network of servers that can cache content close to end users, allowing for faster and more efficient delivery of web content, such as images, videos, and streaming media. A CDN can also handle an increase in customer demand of resources, provide high-quality streaming media, and create a user-friendly interface by reducing latency and bandwidth consumption. A CDN can also improve the security and availability of the website by mitigating DDoS attacks and providing redundancy.
Verified Reference:
https://www.cloudflare.com/learning/cdn/what-is-a-cdn/
https://learn.microsoft.com/en-us/azure/cdn/cdn-overview
https://en.wikipedia.org/wiki/Content_delivery_network