Updated Jul-2023 Exam CAS-004 Dumps - Pass Your Certification Exam [Q20-Q35]


Latest Real CompTIA CAS-004 Exam Dumps Questions


CompTIA CAS-004 (CompTIA Advanced Security Practitioner (CASP+)) Certification Exam is a vendor-neutral industry certification that validates the advanced-level security skills and knowledge of experienced IT professionals. The exam is designed for professionals who have a minimum of ten years of experience in IT administration, including at least five years of hands-on technical security experience. The certification exam covers a wide range of security topics, including risk management, enterprise security architecture, research and collaboration, and integration of network, endpoint and cloud security.

 

NEW QUESTION # 20
A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive.

Based on the output above, from which of the following process IDs can the analyst begin an investigation?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A


NEW QUESTION # 21
A company is looking to fortify its cybersecurity defenses and is focusing on its network infrastructure. The solution cannot affect the availability of the company's services to ensure false positives do not drop legitimate traffic.
Which of the following would satisfy the requirement?

  • A. Reverse proxy
  • B. NIDS
  • C. NIPS
  • D. WAF

Answer: B

Explanation:
Reference:
https://owasp.org/www-community/controls/Intrusion_Detection


NEW QUESTION # 22
A security analyst needs to recommend a remediation to the following threat:

Which of the following actions should the security analyst propose to prevent this successful exploitation?

  • A. Update the antivirus.
  • B. Patch the system.
  • C. Enable TLS 1.2.
  • D. Install a host-based firewall.

Answer: C


NEW QUESTION # 23
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?

  • A. Side-load attack
  • B. Remote code signing
  • C. SDLC attack
  • D. Supply chain attack

Answer: D


NEW QUESTION # 24
A small company needs to reduce its operating costs. Vendors have proposed solutions, which all focus on management of the company's website and services. The Chief Information Security Officer (CISO) insists all available resources in the proposal must be dedicated, but managing a private cloud is not an option. Which of the following is the BEST solution for this company?

  • A. On-premises cloud service model
  • B. Multitenancy SaaS
  • C. Single-tenancy SaaS
  • D. Community cloud service model

Answer: D


NEW QUESTION # 25
An organization that provides a SaaS solution recently experienced an incident involving customer data loss. The system has a level of self-healing that includes monitoring performance and available resources. When the system detects an issue, the self-healing process is supposed to restart parts of the software.
During the incident, when the self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared the system as fully operational. Which of the following BEST describes the reason why the silent failure occurred?

  • A. The number of nodes in the self-healing cluster was healthy.
  • B. The disk utilization alarms are higher than what the service restarts require.
  • C. The system logs rotated prematurely.
  • D. Conditional checks prior to the service restart succeeded.

Answer: D


NEW QUESTION # 26
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?

  • A. Distributed connection allocation
  • B. SD-WAN vertical heterogeneity
  • C. Content delivery network
  • D. Local caching

Answer: C


NEW QUESTION # 27
Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

  • A. in memory during processing.
  • B. when it is passed across a local network.
  • C. by an enterprise hardware security module.
  • D. when it is written to a system's solid-state drive.

Answer: A


NEW QUESTION # 28
A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage.
Which of the following is a security concern that will MOST likely need to be addressed during migration?

  • A. Latency
  • B. Data dispersion
  • C. Data exposure
  • D. Data loss

Answer: A


NEW QUESTION # 29
A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.
Which of the following should a security architect recommend?

  • A. An ERP program to identify which processes need to be tracked
  • B. A DLP program to identify which files have customer data and delete them
  • C. A CMDB to report on systems that are not configured to security baselines
  • D. A CRM application to consolidate the data and provision access based on the process and need

Answer: D


NEW QUESTION # 30
A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.
This is an example of:

  • A. legal hold.
  • B. due care.
  • C. e-discovery.
  • D. due intelligence.

Answer: D


NEW QUESTION # 31
A security analyst needs to recommend a remediation to the following threat:

Which of the following actions should the security analyst propose to prevent this successful exploitation?

  • A. Update the antivirus.
  • B. Patch the system.
  • C. Enable TLS 1.2.
  • D. Install a host-based firewall.

Answer: C


NEW QUESTION # 32
A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company's Linux servers. While the software version is no longer supported by the OSS community, the company's Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
Based on this agreement, this finding is BEST categorized as a:

  • A. false positive.
  • B. true negative.
  • C. true positive.
  • D. false negative.

Answer: A


NEW QUESTION # 33
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors.
Which of the following categories BEST describes this type of vendor risk?

  • A. Side-load attack
  • B. Remote code signing
  • C. SDLC attack
  • D. Supply chain attack

Answer: D


NEW QUESTION # 34
A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output.
The best option for the auditor to use NEXT is:

  • A. Network interception.
  • B. Fuzzing
  • C. Reverse engineering
  • D. A SCAP assessment.

Answer: A


NEW QUESTION # 35
......
