Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 743 Q&As
  • Last Updated: Apr 15, 2025

CompTIA CompTIA Certifications CAS-004 Questions & Answers

  • Question 271:

    A security architect is advising the application team to implement the following controls in the application before it is released:

    1. Least privilege

    2. Blocklist input validation for the following characters: \<>;, ="#+

    Based on the requirements, which of the following attacks is the security architect trying to prevent?

    A. XML injection

    B. LDAP injection

    C. CSRF

    D. XSS

  • Question 272:

    A company wants to use a process to embed a sign of ownership covertly inside a proprietary document without adding any identifying attributes. Which of the following would be BEST to use as part of the process to support copyright protections of the document?

    A. Steganography

    B. E-signature

    C. Watermarking

    D. Cryptography

  • Question 273:

    A security analyst is using data provided from a recent penetration test to calculate CVSS scores to prioritize remediation. Which of the following metric groups would the analyst need to determine to get the overall scores? (Choose three.)

    A. Temporal

    B. Availability

    C. Integrity

    D. Confidentiality

    E. Base

    F. Environmental

    G. Impact

    H. Attack vector

  • Question 274:

    During a recent security incident investigation, a security analyst mistakenly turned off the infected machine prior to consulting with a forensic analyst. Upon rebooting the machine, a malicious script that was running as a background process was no longer present. As a result, potentially useful evidence was lost. Which of the following should the security analyst have followed?

    A. Order of volatility

    B. Chain of custody

    C. Verification

    D. Secure storage

  • Question 275:

    A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Choose three.)

    A. Least privilege

    B. VPN

    C. Policy automation

    D. PKI

    E. Firewall

    F. Continuous validation

    G. Continuous integration

    H. IaaS

  • Question 276:

    A global organization's Chief Information Security Officer (CISO) has been asked to analyze the risks involved in a plan to move the organization's current MPLS-based WAN network to use commodity internet and SD-WAN hardware. The SD-WAN provider is currently highly regarded but is a regional provider. Which of the following is MOST likely identified as a potential risk by the CISO?

    A. The SD-WAN provider would not be able to handle the organization's bandwidth requirements.

    B. The operating costs of the MPLS network are too high for the organization.

    C. The SD-WAN provider may not be able to support the required troubleshooting and maintenance.

    D. Internal IT staff will not be able to properly support remote offices after the migration.

  • Question 277:

    A security architect for a manufacturing company must ensure that a new acquisition of IoT devices is securely integrated into the company's infrastructure. The devices should not directly communicate with other endpoints on the network and must be subject to network traffic monitoring to identify anomalous traffic. Which of the following would be the BEST solution to meet these requirements?

    A. Block all outbound traffic and implement an inline firewall.

    B. Allow only wireless connections and proxy the traffic through a network tap.

    C. Establish an air-gapped network and implement an IDS.

    D. Use a separate VLAN with an ACL and implement network detection and response.

  • Question 278:

    A digital forensics expert has obtained an ARM binary suspected of including malicious behavior. The expert would like to trace and analyze the ARM binary's execution. Which of the following tools would BEST support this effort?

    A. objdump

    B. OllyDbg

    C. FTK Imager

    D. Ghidra

  • Question 279:

    A significant weather event caused all systems to fail over to the disaster recovery site successfully. However, successful data replication has not occurred in the last six months, which has resulted in the service being unavailable. Which of the following would BEST prevent this scenario from happening again?

    A. Performing routine tabletop exercises

    B. Implementing scheduled, full interruption tests

    C. Backing up system log reviews

    D. Performing department disaster recovery walk-throughs

  • Question 280:

    A new mandate by the corporate security team requires that all endpoints must meet a security baseline before accessing the corporate network. All servers and desktop computers are scanned by the dedicated internal scanner appliance installed in each subnet. However, remote worker laptops do not access the network regularly. Which of the following is the BEST option for the security team to ensure remote worker laptops are scanned before being granted access to the corporate network?

    A. Implement network access control to perform host validation of installed patches.

    B. Create an 802.1X implementation with certificate-based device identification.

    C. Create a vulnerability scanning subnet for remote workers to connect to on the network at headquarters.

    D. Install a vulnerability scanning agent on each remote laptop to submit scan data.
