Free CAS-004 Exam Braindumps (page: 82)

Page 82 of 140

A corporation discovered its internet connection is saturated with traffic originating from multiple IP addresses across the internet. A security analyst needs to find a solution to address future occurrences of this type of attack.
Which of the following would be the BEST solution to meet this goal?

  A. Implementing cloud-scrubbing services
  B. Upgrading the internet link
  C. Deploying a web application firewall
  D. Provisioning a reverse proxy

Answer(s): A



A security engineer is working for a service provider and analyzing logs and reports from a new EDR solution, which is installed on a small group of workstations. Later that day, another security engineer receives an email from two developers reporting the software being used for development activities is now blocked. The developers have not made any changes to the software being used.
Which of the following is the EDR reporting?

  A. True positive
  B. False negative
  C. False positive
  D. True negative

Answer(s): C



An organization has just been breached, and the attacker is exfiltrating data from workstations. The security analyst validates this information with the firewall logs and must stop the activity immediately.
Which of the following steps should the security analyst perform NEXT?

  A. Determine what data is being stolen and change the folder permissions to read only.
  B. Determine which users may have clicked on a malicious email link and suspend their accounts.
  C. Determine where the data is being transmitted and create a block rule.
  D. Determine if a user inadvertently installed malware from a USB drive and update antivirus definitions.
  E. Determine if users have been notified to save their work and turn off their workstations.

Answer(s): C



A security architect is analyzing an old application that is not covered for maintenance anymore because the software company is no longer in business.
Which of the following techniques should have been implemented to prevent these types of risks?

  A. Code reviews
  B. Supply chain visibility
  C. Software audits
  D. Source code escrows

Answer(s): D






Post your Comments and Discuss CompTIA CAS-004 exam with other Community members:

michrle23 commented on November 08, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
PAKISTAN

Fatima commented on June 17, 2024
The purchase and download is very streamlined. I was able to quickly pay and download my course content. I have now started preparing. Once I finish my exam I will share my experience of the exam.
EUROPEAN UNION

Sysadmin commented on April 22, 2024
How can you report incorrect answers? #27 is incorrect. First and foremost is always to stop the spread, and then assess the damage.
UNITED STATES

Gord commented on March 19, 2024
I hardly submit reviews... but the team at Xcerts.com really deserve one. They are super professional and the quality of their study guides is good. I highly recommend it to anyone preparing for their exams.
UNITED KINGDOM

9eagles commented on April 07, 2023
On question 10 and so far 2 wrong answers, as evident in the included reference link.
Anonymous

Change commented on December 11, 2023
Are some answers wrong
UNITED STATES

makeel commented on December 10, 2023
The questions are the same as those that exist on another website.
Anonymous

SecPro commented on October 29, 2023
Great dumps, helped me pass the exam.
Anonymous