Free CompTIA CAS-004 Exam Questions (page: 28)

A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
Which of the following BEST describes the type of malware the solution should protect against?

  A. Worm
  B. Logic bomb
  C. Fileless
  D. Rootkit

Answer(s): C



A development team created a mobile application that contacts a company's back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.
Which of the following would BEST safeguard the APIs? (Choose two.)

  A. Bot protection
  B. OAuth 2.0
  C. Input validation
  D. Autoscaling endpoints
  E. Rate limiting
  F. CSRF protection

Answer(s): A,E


Reference:

https://stackoverflow.com/questions/3161548/how-do-i-prevent-site-scraping



An organization's existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

  A. Adding a second redundant layer of alternate vendor VPN concentrators
  B. Using Base64 encoding within the existing site-to-site VPN connections
  C. Distributing security resources across VPN sites
  D. Implementing IDS services with each VPN concentrator
  E. Transitioning to a container-based architecture for site-based services

Answer(s): A



A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user's actions. An investigator took a forensic image of the VM and downloaded the image to a secured USB drive to share with the government.
Which of the following should be taken into consideration during the process of releasing the drive to the government?

  A. Encryption in transit
  B. Legal issues
  C. Chain of custody
  D. Order of volatility
  E. Key exchange

Answer(s): C


