Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 743 Q&As
  • Last Updated: Apr 15, 2025

CompTIA CompTIA Certifications CAS-004 Questions & Answers

  • Question 231:

    A security administrator has been tasked with hardening a domain controller against lateral movement attacks. Below is an output of running services:

    Which of the following configuration changes must be made to complete this task?

    A. Stop the Print Spooler service and set the startup type to disabled.

    B. Stop the DNS Server service and set the startup type to disabled.

    C. Stop the Active Directory Web Services service and set the startup type to disabled.

    D. Stop Credential Manager service and leave the startup type to disabled.

  • Question 232:

    Which of the following describes the system responsible for storing private encryption/decryption files with a third party to ensure these files are stored safely?

    A. Key escrow

    B. TPM

    C. Trust models

    D. Code signing

  • Question 233:

    Which of the following is MOST commonly found in a network SLA contract?

    A. Price for extra services

    B. Performance metrics

    C. Service provider responsibility only

    D. Limitation of liability

    E. Confidentiality and non-disclosure

  • Question 234:

    An investigator is attempting to determine if recent data breaches may be due to issues with a company's web server that offers news subscription services. The investigator has gathered the following data:

    1. Clients successfully establish TLS connections to web services provided by the server.

    2. After establishing the connections, most client connections are renegotiated.

    3. The renegotiated sessions use cipher suite TLS_RSA_WITH_NULL_SHA.

    Which of the following is the MOST likely root cause?

    A. The clients disallow the use of modern cipher suites.

    B. The web server is misconfigured to support HTTP/1.1.

    C. A ransomware payload dropper has been installed.

    D. An entity is performing downgrade attacks on path.

  • Question 235:

    An executive has decided to move a company's customer-facing application to the cloud after experiencing a lengthy power outage at a locally managed service provider's data center. The executive would like a solution that can be implemented as soon as possible. Which of the following will BEST prevent similar issues when the service is running in the cloud? (Choose two.)

    A. Placing the application instances in different availability zones

    B. Restoring the snapshot and starting the new application instance from a different zone

    C. Enabling autoscaling based on application instance usage

    D. Having several application instances running in different VPCs

    E. Using the combination of block storage and multiple CDNs in each application instance

    F. Setting up application instances in multiple regions

  • Question 236:

    A security researcher has been given an executable that was captured by a honeypot. Which of the following should the security researcher implement to test the executable?

    A. OSINT

    B. SAST

    C. DAST

    D. OWASP

  • Question 237:

    In comparison to other types of alternative processing sites that may be invoked as a part of disaster recovery, cold sites are different because they:

    A. have basic utility coverage, including power and water.

    B. provide workstations and read-only domain controllers.

    C. are generally the least costly to sustain.

    D. are the quickest way to restore business.

    E. are geographically separated from the company's primary facilities.

  • Question 238:

    A product manager at a new company needs to ensure the development team produces high-quality code on time. The manager has decided to implement an agile development approach instead of waterfall. Which of the following are reasons to choose an agile development approach? (Choose two.)

    A. The product manager gives the developers more autonomy to write quality code prior to deployment.

    B. An agile approach incorporates greater application security in the development process than a waterfall approach does.

    C. The scope of work is expected to evolve during the lifetime of project development.

    D. The product manager prefers to have code iteratively tested throughout development.

    E. The product manager would like to produce code in linear phases.

    F. Budgeting and creating a timeline for the entire project is often more straightforward using an agile approach rather than waterfall.

  • Question 239:

    A security analyst is performing a review of a web application. During testing as a standard user, the following error log appears:

    Which of the following BEST describes the analyst's findings and a potential mitigation technique?

    A. The findings indicate unsecure references. All potential user input needs to be properly sanitized.

    B. The findings indicate unsecure protocols. All cookies should be marked as HttpOnly.

    C. The findings indicate information disclosure. The displayed error message should be modified.

    D. The findings indicate a SQL injection. The database needs to be upgraded.

  • Question 240:

    A hospitality company experienced a data breach that included customer PII. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service. Which of the following is the BEST solution to help prevent this type of attack in the future?

    A. NGFW for web traffic inspection and activity monitoring

    B. CSPM for application configuration control

    C. Targeted employee training and awareness exercises

    D. CASB for OAuth application permission control

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-004 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.