CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

Free CAS-004 Exam Braindumps (page: 7)

Page 7 of 140
PDF with 555 Questions

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.
Which of the following describes the administrator's discovery?

  1. A vulnerability
  2. A threat
  3. A breach
  4. A risk

Answer(s): A


Reference:

https://www.beyondtrust.com/blog/entry/privilege-escalation-attack-defense-explained



A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization.
Which of the following should be the analyst's FIRST action?

  1. Create a full inventory of information and data assets.
  2. Ascertain the impact of an attack on the availability of crucial resources.
  3. Determine which security compliance standards should be followed.
  4. Perform a full system penetration test to determine the vulnerabilities.

Answer(s): A



While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

  1. Pay the ransom within 48 hours.
  2. Isolate the servers to prevent the spread.
  3. Notify law enforcement.
  4. Request that the affected servers be restored immediately.

Answer(s): B



A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:
-Only users with corporate-owned devices can directly access servers hosted by the cloud provider.
-The company can control what SaaS applications each individual user can access.
-User browser activity can be monitored.
Which of the following solutions would BEST meet these requirements?

  1. IAM gateway, MDM, and reverse proxy
  2. VPN, CASB, and secure web gateway
  3. SSL tunnel, DLP, and host-based firewall
  4. API gateway, UEM, and forward proxy

Answer(s): B



Page 7 of 140



Post your Comments and Discuss CompTIA CAS-004 exam with other Community members:

michrle23 commented on November 08, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
PAKISTAN
upvote

Fatima commented on June 17, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
EUROPEAN UNION
upvote

Sysadmin commented on April 22, 2024
How can you report incorrect answers? #27 is incorrect. First and foremost is always stop the spread, and then access the damage.
UNITED STATES
upvote

Gord commented on March 19, 2024
I hardly submit reivews... but the team at Xcerts.com really deserve one. They are super professional and the quality of their study guides are good. I highly recommend it anyone preparing for their exams.
UNITED KINGDOM
upvote

9eagles commented on April 07, 2023
on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous
upvote

Change commented on December 11, 2023
Are some answers wrong
UNITED STATES
upvote

makeel commented on December 10, 2023
the questions are the same exist of another website
Anonymous
upvote

SecPro commented on October 29, 2023
Great dumps, helped me pass the exam.
Anonymous
upvote