Free CAS-004 Exam Braindumps

A threat hunting team receives a report about possible APT activity in the network.
Which of the following threat management frameworks should the team implement?

  1. NIST SP 800-53
  2. MITRE ATT&CK
  3. The Cyber Kill Chain
  4. The Diamond Model of Intrusion Analysis

Answer(s): B


Reference:

https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-30r1.pdf



Device event logs sourced from MDM software are as follows:


Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

  1. Malicious installation of an application; change the MDM configuration to remove application ID 1220.
  2. Resource leak; recover the device for analysis and clean up the local storage.
  3. Impossible travel; disable the device’s account and access while investigating.
  4. Falsified status reporting; remotely wipe the device.

Answer(s): C



An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.

Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?

  1. In the OT environment, use a VPN from the IT environment into the OT environment.
  2. In the OT environment, allow IT traffic into the OT environment.
  3. In the IT environment, allow PLCs to send data from the OT environment to the IT environment.
  4. Use a screened subnet between the OT and IT environments.

Answer(s): D



Which of the following is a benefit of using steganalysis techniques in forensic response?

  1. Breaking a symmetric cipher used in secure voice communications
  2. Determining the frequency of unique attacks against DRM-protected media
  3. Maintaining chain of custody for acquired evidence
  4. Identifying least significant bit encoding of data in a .wav file

Answer(s): D


Reference:

https://www.garykessler.net/library/fsc_stego.html






Post your Comments and Discuss CompTIA CAS-004 exam with other Community members:

Sysadmin 4/22/2024 3:30:17 PM
How can you report incorrect answers? #27 is incorrect. First and foremost is always to stop the spread, and then assess the damage.
UNITED STATES

Gord 3/19/2024 9:44:01 AM
I hardly submit reviews... but the team at Xcerts.com really deserves one. They are super professional and the quality of their study guides is good. I highly recommend it to anyone preparing for their exams.
UNITED KINGDOM

9eagles 4/7/2023 10:04:00 AM
On question 10 and so far 2 wrong answers, as evident in the included reference link.
Anonymous

Change 12/11/2023 5:07:09 PM
Are some answers wrong?
UNITED STATES

makeel 12/10/2023 2:13:20 PM
The questions are the same as those that exist on another website.
Anonymous