CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

Free CAS-004 Exam Braindumps (page: 15)

Page 15 of 159
PDF with 645 Questions

A company is implementing SSL inspection. During the next six months, multiple web applications that will be separated out with subdomains will be deployed.
Which of the following will allow the inspection of the data without multiple certificate deployments?

  1. Include all available cipher suites.
  2. Create a wildcard certificate.
  3. Use a third-party CA.
  4. Implement certificate pinning.

Answer(s): B



A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells.
Which of the following techniques will MOST likely meet the business's needs?

  1. Performing deep-packet inspection of all digital audio files
  2. Adding identifying filesystem metadata to the digital audio files
  3. Implementing steganography
  4. Purchasing and installing a DRM suite

Answer(s): C


Reference:

https://portswigger.net/daily-swig/what-is-steganography-a-complete-guide-to-the-ancient-art-of-concealing-messages



Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

  1. Implement rate limiting on the API.
  2. Implement geoblocking on the WAF.
  3. Implement OAuth 2.0 on the API.
  4. Implement input validation on the API.

Answer(s): A



An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
-Unstructured data being exfiltrated after an employee leaves the organization
-Data being exfiltrated as a result of compromised credentials
-Sensitive information in emails being exfiltrated
Which of the following solutions should the security team implement to mitigate the risk of data loss?

  1. Mobile device management, remote wipe, and data loss detection
  2. Conditional access, DoH, and full disk encryption
  3. Mobile application management, MFA, and DRM
  4. Certificates, DLP, and geofencing

Answer(s): C






Post your Comments and Discuss CompTIA CAS-004 exam with other Community members:

CAS-004 Exam Discussions & Posts