Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

Free CompTIA CAS-004 Exam Questions (page: 24)

Page 24 of 159
PDF with 645 Questions

A host on a company's network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.
Which of the following steps would be best to perform FIRST?

  1. Turn off the infected host immediately.
  2. Run a full anti-malware scan on the infected host.
  3. Modify the smb.conf file of the host to prevent outgoing SMB connections.
  4. Isolate the infected host from the network by removing all network connections.

Answer(s): D



SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from company's privileged network.
The company's hardening guidelines indicate the following:
-There should be one primary server or service per device.
-Only default ports should be used.
-Non-secure protocols should be disabled.
INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
-The IP address of the device
The primary server or service of the device (Note that each IP should by associated with one service/port only)
-The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines)
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

10.1.45.65 SFTP Server Disable 8080
10.1.45.66 Email Server Disable 415 and 443
10.1.45.67 Web Server Disable 21, 80
10.1.45.68 UTM Appliance Disable 21



A company's product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company's reputation in the market.
Which of the following should the company implement to address the risk of system unavailability?

  1. User and entity behavior analytics
  2. Redundant reporting systems
  3. A self-healing system
  4. Application controls

Answer(s): C



Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?

  1. Biometric authenticators are immutable.
  2. The likelihood of account compromise is reduced.
  3. Zero trust is achieved.
  4. Privacy risks are minimized.

Answer(s): B


Reference:

https://cloudworks.no/en/5-benefits-of-passwordless-authentication/



Viewing page 24 of 159



Post your Comments and Discuss CompTIA CAS-004 exam prep with other Community members:

CAS-004 Exam Discussions & Posts