CAS-004
Question 26
A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:
`(&(objectClass=*)(objectClass=*))(&(objectClass=void)(type=admin))`
Which of the following would BEST mitigate this vulnerability?
- A: Network intrusion prevention
- B: Data encoding
- C: Input validation
- D: CAPTCHA
Question 27
A security consultant needs to protect a network of electrical relays that are used for monitoring and controlling the energy used in a manufacturing facility.
Which of the following systems should the consultant review before making a recommendation?
- A: CAN
- B: ASIC
- C: FPGA
- D: SCADA
Question 28
Company A acquired Company B. During an audit, a security engineer found Company B's environment was inadequately patched. In response, Company A placed a firewall between the two environments until Company B's infrastructure could be integrated into Company A's security program.
Which of the following risk-handling techniques was used?
- A: Accept
- B: Avoid
- C: Transfer
- D: Mitigate
Question 29
An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of impact.
Which of the following should the organization perform NEXT?
- A: Assess the residual risk.
- B: Update the organization's threat model.
- C: Move to the next risk in the register.
- D: Recalculate the magnitude of impact.
Question 30
A software house is developing a new application. The application has the following requirements:
- Reduce the number of credential requests as much as possible
- Integrate with social networks
- Authenticate users
Which of the following is the BEST federation method to use for the application?
- A: WS-Federation
- B: OpenID
- C: OAuth
- D: SAML
Question 31
A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements:
- Be efficient at protecting the production environment
- Not require any change to the application
- Act at the presentation layer
Which of the following techniques should be used?
- A: Masking
- B: Tokenization
- C: Algorithmic
- D: Random substitution
Question 32
A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence.
Which of the following offers an authoritative decision about whether the evidence was obtained legally?
- A: Lawyers
- B: Court
- C: Upper management team
- D: Police
Question 33
Technicians have determined that the current server hardware is outdated, so they have decided to throw it out.
Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?
- A: Drive wiping
- B: Degaussing
- C: Purging
- D: Physical destruction
Question 34
A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.
Which of the following techniques would BEST support this?
- A: Configuring systemd services to run automatically at startup
- B: Creating a backdoor
- C: Exploiting an arbitrary code execution exploit
- D: Moving laterally to a more authoritative server/service
Question 35
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services.
Which of the following should be modified to prevent the issue from reoccurring?
- A: Recovery point objective
- B: Recovery time objective
- C: Mission-essential functions
- D: Recovery service level
Question 36
A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.
When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the OT network?
- A: Packets that are the wrong size or length
- B: Use of any non-DNP3 communication on a DNP3 port
- C: Multiple solicited responses over time
- D: Application of an unsupported encryption algorithm
Question 37
A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:
- Must have a minimum of 15 characters
- Must use one number
- Must use one capital letter
- Must not be one of the last 12 passwords used
Which of the following policies should be added to provide additional security?
- A: Shared accounts
- B: Password complexity
- C: Account lockout
- D: Password history
- E: Time-based logins
Question 38
A cybersecurity analyst discovered a private key that could have been exposed.
Which of the following is the BEST way for the analyst to determine if the key has been compromised?
- A: HSTS
- B: CRL
- C: CSRs
- D: OCSP
Question 39
Which of the following technologies allows CSPs to add encryption across multiple data storages?
- A: Symmetric encryption
- B: Homomorphic encryption
- C: Data dispersion
- D: Bit splitting
Question 40
A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company's Linux servers. While the software version is no longer supported by the OSS community, the company's Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
Based on this agreement, this finding is BEST categorized as a:
- A: true positive.
- B: true negative.
- C: false positive.
- D: false negative.
Question 41
A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC.
Which of the following compensating controls would be BEST to implement in this situation?
- A: EDR
- B: SIEM
- C: HIDS
- D: UEBA
Question 42
A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization.
The legal department provided the security team with a list of search terms to investigate.
This is an example of:
- A: due diligence.
- B: e-discovery.
- C: due care.
- D: legal hold.
Question 43
Which of the following protocols is a low-power, low-data-rate protocol that allows for the creation of PAN networks?
- A: Zigbee
- B: CAN
- C: DNP3
- D: Modbus
Question 44
An organization's assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.
Given this information, which of the following is a noted risk?
- A: Feature delay due to extended software development cycles
- B: Financial liability from a vendor data breach
- C: Technical impact to the API configuration
- D: The possibility of the vendor's business ceasing operations
Question 45
A company wants to quantify and communicate the effectiveness of its security controls but must establish measures. Which of the following is MOST likely to be included in an effective assessment roadmap for these controls?
- A: Create a change management process.
- B: Establish key performance indicators.
- C: Create an integrated master schedule.
- D: Develop a communication plan.
- E: Perform a security control assessment.
Question 46
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped.
The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:
- A: a decrypting RSA using obsolete and weakened encryption attack.
- B: a zero-day attack.
- C: an advanced persistent threat.
- D: an on-path attack.
Question 47
A bank is working with a security architect to find the BEST solution to detect database management system compromises. The solution should meet the following requirements:
- Work at the application layer
- Send alerts on attacks from both privileged and malicious users
- Have a very low false positive rate
Which of the following should the architect recommend?
- A: FIM
- B: WAF
- C: NIPS
- D: DAM
- E: UTM
Question 48
A business wants to migrate its workloads from an exclusively on-premises IT infrastructure to the cloud but cannot implement all the required controls. Which of the following BEST describes the risk associated with this implementation?
- A: Loss of governance
- B: Vendor lockout
- C: Compliance risk
- D: Vendor lock-in
Question 49
A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
- A: Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.
- B: Implement cloud infrastructure to proxy all user web traffic to enforce DLP and encryption policies.
- C: Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.
- D: Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.
Question 50
During a phishing exercise, a few privileged users ranked high on the failure list. The enterprise would like to ensure that privileged users have an extra security-monitoring control in place. Which of the following is the MOST likely solution?
- A: A WAF to protect web traffic
- B: User and entity behavior analytics
- C: Requirements to change the local password
- D: A gap analysis