Free CAS-004 Exam Braindumps

A threat hunting team receives a report about possible APT activity in the network.
Which of the following threat management frameworks should the team implement?

  A. NIST SP 800-53
  B. MITRE ATT&CK
  C. The Cyber Kill Chain
  D. The Diamond Model of Intrusion Analysis

Answer(s): B


Reference:

https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-30r1.pdf



Device event logs sourced from MDM software as follows:
Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

  A. Malicious installation of an application; change the MDM configuration to remove application ID 1220.
  B. Resource leak; recover the device for analysis and clean up the local storage.
  C. Impossible travel; disable the device's account and access while investigating.
  D. Falsified status reporting; remotely wipe the device.

Answer(s): C



An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.
Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?

  A. In the OT environment, use a VPN from the IT environment into the OT environment.
  B. In the OT environment, allow IT traffic into the OT environment.
  C. In the IT environment, allow PLCs to send data from the OT environment to the IT environment.
  D. Use a screened subnet between the OT and IT environments.

Answer(s): D



Which of the following is a benefit of using steganalysis techniques in forensic response?

  A. Breaking a symmetric cipher used in secure voice communications
  B. Determining the frequency of unique attacks against DRM-protected media
  C. Maintaining chain of custody for acquired evidence
  D. Identifying least significant bit encoding of data in a .wav file

Answer(s): D


Reference:

https://www.garykessler.net/library/fsc_stego.html






Post your Comments and Discuss CompTIA CAS-004 exam with other Community members:

michrle23 commented on November 08, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
PAKISTAN

Fatima commented on June 17, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
EUROPEAN UNION

Sysadmin commented on April 22, 2024
How can you report incorrect answers? #27 is incorrect. First and foremost is always to stop the spread, and then assess the damage.
UNITED STATES

Gord commented on March 19, 2024
I hardly submit reviews... but the team at Xcerts.com really deserves one. They are super professional and the quality of their study guides is good. I highly recommend it to anyone preparing for their exams.
UNITED KINGDOM

9eagles commented on April 07, 2023
On question 10 and so far 2 wrong answers, as evident in the included reference link.
Anonymous

Change commented on December 11, 2023
Are some answers wrong?
UNITED STATES

makeel commented on December 10, 2023
The questions are the same as those on another website.
Anonymous

SecPro commented on October 29, 2023
Great dumps, helped me pass the exam.
Anonymous