[15-Aug-2022] New CASP+ CAS-004 Dumps with VCE and PDF from PassLeader (New Questions)

PassLeader released the NEWEST CompTIA CAS-004 exam dumps recently! Both CAS-004 VCE dumps and CAS-004 PDF dumps are available on PassLeader, either CAS-004 VCE dumps or CAS-004 PDF dumps have the NEWEST CAS-004 exam questions in it, they will help you passing CompTIA CAS-004 exam easily! You can download the valid CAS-004 dumps VCE and PDF from PassLeader here: https://www.passleader.com/cas-004.html (450 Q&As Dumps)

Also, previewing the NEWEST PassLeader CAS-004 dumps online for free on Google Drive: https://drive.google.com/drive/folders/1xDW57juM57tDgYf7o5sx957VEN2Bv3jc

An organization requires a contractual document that includes:
– An overview of what is covered.
– Goals and objectives.
– Performance metrics for each party.
– A review of how the agreement is managed by all parties.
Which of the following BEST describes this type of contractual document?

A.    SLA
B.    BAA
C.    NDA
D.    ISA

Answer: A

Based on PCI DSS Requirement 3.4, one particular database field can store data, but the data must be rendered unreadable. Which of the following data objects meets this requirement?

A.    PAN.
B.    CVV2.
C.    Cardholder name.
D.    Expiration date.

Answer: A

A developer wants to develop a secure external-facing web application. The developer is looking for an online community that produces tools, methodologies, articles, and documentation in the field of web-application security. Which of the following is the BEST option?

D.    CSA
E.    NIST

Answer: C

Which of the following is the BEST disaster recovery solution when resources are running in a cloud environment?

A.    Remote provider BCDR.
B.    Cloud provider BCDR.
C.    Alternative provider BCDR.
D.    Primary provider BCDR.

Answer: B

An organization is assessing the security posture of a new SaaS CRM system that handles sensitive PII and identity information, such as passport numbers. The SaaS CRM system does not meet the organization’s current security standards. The assessment identifies the following:
1. There will be a $20,000 per day revenue loss for each day the system is delayed going into production.
2. The inherent risk is high.
3. The residual risk is low.
4. There will be a staged deployment to the solution rollout to the contact center.
Which of the following risk-handling techniques will BEST meet the organization’s requirements?

A.    Apply for a security exemption, as the risk is too high to accept.
B.    Transfer the risk to the SaaS CRM vendor, as the organization is using a cloud service.
C.    Accept the risk, as compensating controls have been implemented to manage the risk.
D.    Avoid the risk by accepting the shared responsibility model with the SaaS CRM provider.

Answer: C

An auditor needs to scan documents at rest for sensitive text. These documents contain both text and images. Which of the following software functionalities must be enabled in the DLP solution for the auditor to be able to fully read these documents? (Choose two.)

A.    Document interpolation.
B.    Regular expression pattern matching.
C.    Optical character recognition functionality.
D.    Baseline image matching.
E.    Advanced rasterization.
F.    Watermarking.

Answer: BC
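The two questions above describe the same pipeline from opposite ends: a DLP engine finds PANs in text (after OCR has turned images into text) with regular-expression matching, and PCI DSS then requires any stored PAN to be rendered unreadable. The following is an added example, not code from the page or from any vendor: it runs a PAN regex plus a Luhn check over a constructed line of OCR-style text, masks hits for display (first six and last four digits at most), and produces a keyed one-way hash (HMAC-SHA256) of the kind that can be stored in a database field in place of the clear PAN. The sample text, the card numbers (standard test numbers) and the HMAC key are all constructed for illustration.

```python
import hashlib
import hmac
import re

# Candidate PAN: 13 to 19 digits, optionally separated by single spaces or
# hyphens, not embedded in a longer digit run. This is the "regular expression
# pattern matching" stage; OCR would have produced the text it runs over.
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

# Constructed OCR output: one Luhn-valid test PAN, one 16-digit run that fails
# Luhn (an order reference), a date and a phone number that must not match.
SAMPLE_TEXT = ("Invoice 20220815 paid with card 4111 1111 1111 1111; "
               "ref 4111111111111112; phone 555-123-4567.")

# Constructed HMAC key; in production it lives in an HSM or key vault,
# never in the same database as the hashed PANs.
DEMO_KEY = b"example-key-do-not-use"


def luhn_ok(digits: str) -> bool:
    """Mod-10 check that separates real card numbers from random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pans(text: str) -> list[str]:
    """Return the Luhn-valid PANs found in text, with separators stripped."""
    found = []
    for m in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):
            found.append(digits)
    return found


def mask_pan(pan: str) -> str:
    """PCI DSS display masking: show at most the first 6 and last 4 digits."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def redact(text: str) -> str:
    """Replace every Luhn-valid PAN in text with its masked form."""
    def _sub(m: re.Match) -> str:
        digits = re.sub(r"[ -]", "", m.group(0))
        return mask_pan(digits) if luhn_ok(digits) else m.group(0)
    return PAN_CANDIDATE.sub(_sub, text)


def render_unreadable(pan: str, key: bytes) -> str:
    """Keyed one-way hash of the full PAN for storage. The field stays
    joinable across records (same PAN, same hash) but is unreadable without
    the key. Do not store this next to a truncated copy of the same PAN
    unless additional controls prevent correlating the two."""
    return hmac.new(key, pan.encode("ascii"), hashlib.sha256).hexdigest()


if __name__ == "__main__":
    for pan in find_pans(SAMPLE_TEXT):
        print(mask_pan(pan), render_unreadable(pan, DEMO_KEY))
    print(redact(SAMPLE_TEXT))
```

The Luhn filter is what keeps the false-positive rate of a bare 13-to-19-digit regex tolerable; without it the order reference in the sample would be flagged as a card number. The lookarounds keep the pattern from matching the middle of a longer digit string.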

Due to adverse events, a medium-sized corporation suffered a major operational disruption that caused its servers to crash and experience a major power outage. Which of the following should be created to prevent this type of issue in the future?

A.    SLA
B.    BIA
C.    BCM
D.    BCP
E.    RTO

Answer: D

A company is adopting a new artificial-intelligence-based analytics SaaS solution. This is the company’s first attempt at using a SaaS solution, and a security architect has been asked to determine any future risks. Which of the following would be the GREATEST risk in adopting this solution?

A.    The inability to assign access controls to comply with company policy.
B.    The inability to require the service provider process data in a specific country.
C.    The inability to obtain company data when migrating to another service.
D.    The inability to conduct security assessments against a service provider.

Answer: C

A help desk technician just informed the security department that a user downloaded a suspicious file from Internet Explorer last night. The user confirmed accessing all the files and folders before going home from work. The next morning, the user was no longer able to boot the system and was presented with a screen showing a phone number. The technician then tried to boot the computer using wake-on-LAN, but the system would not come up. Which of the following explains why the computer would not boot?

A.    The operating system was corrupted.
B.    SELinux was in enforcing mode.
C.    A secure boot violation occurred.
D.    The disk was encrypted.

Answer: D

A small business would like to provide guests who are using mobile devices encrypted WPA3 access without first distributing PSKs or other credentials. Which of the following features will enable the business to meet this objective?

A.    Simultaneous Authentication of Equals.
B.    Enhanced Open.
C.    Perfect forward secrecy.
D.    Extensible Authentication Protocol.

Answer: B

Due to internal resource constraints, the management team has asked the principal security architect to recommend a solution that shifts partial responsibility for application-level controls to the cloud provider. In the shared responsibility model, which of the following levels of service meets this requirement?

A.    IaaS
B.    SaaS
C.    FaaS
D.    PaaS

Answer: D

A large telecommunications equipment manufacturer needs to evaluate the strengths of security controls in a new telephone network supporting first responders. Which of the following techniques would the company use to evaluate data confidentiality controls?

A.    Eavesdropping.
B.    On-path.
C.    Cryptanalysis.
D.    Code signing.
E.    RF sidelobe sniffing.

Answer: A

A company wants to quantify and communicate the effectiveness of its security controls but must establish measures. Which of the following is MOST likely to be included in an effective assessment roadmap for these controls?

A.    Create a change management process.
B.    Establish key performance indicators.
C.    Create an integrated master schedule.
D.    Develop a communication plan.
E.    Perform a security control assessment.

Answer: B

An enterprise is undergoing an audit to review change management activities when promoting code to production. The audit reveals the following:
– Some developers can directly publish code to the production environment.
– Static code reviews are performed adequately.
– Vulnerability scanning occurs on a regularly scheduled basis per policy.
Which of the following should be noted as a recommendation within the audit report?

A.    Implement short maintenance windows.
B.    Perform periodic account reviews.
C.    Implement job rotation.
D.    Improve separation of duties.

Answer: D

A company’s finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?

A.    Accept
B.    Avoid
C.    Transfer
D.    Mitigate

Answer: D

An organization requires a legacy system to incorporate reference data into a new system. The organization anticipates the legacy system will remain in operation for the next 18 to 24 months. Additionally, the legacy system has multiple critical vulnerabilities with no patches available to resolve them. Which of the following is the BEST design option to optimize security?

A.    Limit access to the system using a jump box.
B.    Place the new system and legacy system on separate VLANs.
C.    Deploy the legacy application on an air-gapped system.
D.    Implement MFA to access the legacy system.

Answer: C

A user experiences an HTTPS connection error when trying to access an Internet banking website from a corporate laptop. The user then opens a browser on a mobile phone and is able to access the same Internet banking website without issue. Which of the following security configurations is MOST likely the cause of the error?

A.    HSTS.
B.    TLS 1.2.
C.    Certificate pinning.
D.    Client authentication.

Answer: C

A company wants to improve its active protection capabilities against unknown and zero-day malware. Which of the following is the MOST secure solution?

A.    NIDS.
B.    Application allow list.
C.    Sandbox detonation.
D.    Endpoint log collection.
E.    HIDS.

Answer: C

A bank is working with a security architect to find the BEST solution to detect database management system compromises. The solution should meet the following requirements:
– Work at the application layer.
– Send alerts on attacks from both privileged and malicious users.
– Have a very low false positive.
Which of the following should the architect recommend?

A.    FIM
B.    WAF
C.    NIPS
D.    DAM
E.    UTM

Answer: D

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?

A.    SDLC attack.
B.    Side-load attack.
C.    Remote code signing.
D.    Supply chain attack.

Answer: D

