CAS-004
Question 76
A security analyst wants to keep track of all outbound web connections from workstations. The analyst's company uses an on-premises web filtering solution that forwards the outbound traffic to a perimeter firewall. When the security analyst gets the connection events from the firewall, the source IP of the outbound web traffic is the translated IP of the web filtering solution. Considering this scenario involving source NAT, which of the following would be the BEST option to inject in the HTTP header to include the real source IP from workstations?
- A: X-Forwarded-Proto
- B: X-Forwarded-For
- C: Cache-Control
- D: Strict-Transport-Security
- E: Content-Security-Policy
Question 77
An HVAC contractor requested network connectivity permission to remotely support/troubleshoot equipment issues at a company location. Currently, the company does not have a process that allows vendors remote access to the corporate network. Which of the following solutions represents the BEST course of action to allow the contractor access?
- A: Add the vendor's equipment to the existing network. Give the vendor access through the standard corporate VPN.
- B: Give the vendor a standard desktop PC to attach the equipment to. Give the vendor access through the standard corporate VPN.
- C: Establish a certification process for the vendor. Allow certified vendors access to the VDI to monitor and maintain the HVAC equipment.
- D: Create a dedicated segment with no access to the corporate network. Implement dedicated VPN hardware for vendor access.
Question 78
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?
- A: SDLC attack
- B: Side-load attack
- C: Remote code signing
- D: Supply chain attack
Question 79
A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users are able to download emails correctly by using IMAP instead. The network comprises three VLANs:
The security engineer looks at the UTM firewall rules and finds the following:
Which of the following should the security engineer do to ensure IMAPS functions properly on the corporate user network?
- A: Contact the email service provider and ask if the company IP is blocked.
- B: Confirm the email server certificate is installed on the corporate computers.
- C: Make sure the UTM certificate is imported on the corporate computers.
- D: Create an IMAPS firewall rule to ensure email is allowed.
Question 80
A company is adopting a new artificial-intelligence-based analytics SaaS solution. This is the company's first attempt at using a SaaS solution, and a security architect has been asked to determine any future risks. Which of the following would be the GREATEST risk in adopting this solution?
- A: The inability to assign access controls to comply with company policy
- B: The inability to require the service provider process data in a specific country
- C: The inability to obtain company data when migrating to another service
- D: The inability to conduct security assessments against a service provider
Question 81
A BIA of a popular online retailer identified several mission-essential functions that would take more than seven days to recover in the event of an outage. Which of the following should be considered when setting priorities for the restoration of these functions?
- A: Supply chain issues
- B: Revenue generation
- C: Warm-site operations
- D: Scheduled impacts to future projects
Question 82
A software development company makes its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following techniques would ensure the software the users download is the official software released by the company?
- A: Distribute the software via a third-party repository.
- B: Close the web repository and deliver the software via email.
- C: Email the software link to all customers.
- D: Display the SHA checksum on the website.
Question 83
An organization decided to begin issuing corporate mobile device users microSD HSMs that must be installed in the mobile devices in order to access corporate resources remotely. Which of the following features of these devices MOST likely led to this decision? (Choose two.)
- A: Software-backed keystore
- B: Embedded cryptoprocessor
- C: Hardware-backed public key storage
- D: Support for stream ciphers
- E: Decentralized key management
- F: TPM 2.0 attestation services
Question 84
A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very old and outdated OSs. Which of the following solutions would prevent these vulnerabilities from being introduced into the company's existing infrastructure?
- A: Segment the systems to reduce the attack surface if an attack occurs.
- B: Migrate the services to new systems with a supported and patched OS.
- C: Patch the systems to the latest versions of the existing OSs.
- D: Install anti-malware, HIPS, and host-based firewalls on each of the systems.
Question 85
A company was recently infected by malware. During the root cause analysis, the company determined that several users were installing their own applications.
To prevent further compromises, the company has decided it will only allow authorized applications to run on its systems. Which of the following should the company implement?
- A: Signing
- B: Access control
- C: HIPS
- D: Permit listing
Question 86
A security analyst is reviewing the following vulnerability assessment report:
Which of the following should be patched FIRST to minimize attacks against Internet-facing hosts?
- A: Server1
- B: Server2
- C: Server3
- D: Server4
Question 87
An organization is researching the automation capabilities for systems within an OT network. A security analyst wants to assist with creating secure coding practices and would like to learn about the programming languages used on the PLCs. Which of the following programming languages is the MOST relevant for PLCs?
- A: Ladder logic
- B: Rust
- C: C
- D: Python
- E: Java
Question 88
A security analyst sees that a hacker has discovered some keys and they are being made available on a public website. The security analyst is then able to successfully decrypt that data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data?
- A: Key rotation
- B: Key revocation
- C: Key escrow
- D: Zeroization
- E: Cryptographic obfuscation
Question 89
A company would like to obfuscate PII data accessed by an application that is housed in a database to prevent unauthorized viewing. Which of the following should the company do to accomplish this goal?
- A: Use cell-level encryption.
- B: Mask the data.
- C: Implement a DLP solution.
- D: Utilize encryption at rest.
Question 90
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?
- A: sudo netstat -antu | grep "LISTEN" | awk '{print$5}'
- B: sudo netstat -nlt -p | grep "ESTABLISHED"
- C: sudo netstat -plntu | grep -v "Foreign Address"
- D: sudo netstat -pnut -w | column -t -s $'\w'
- E: sudo netstat -pnut | grep -P ^tcp
Question 91
A security engineer needs to implement a CASB to secure employee user web traffic. A key requirement is that the relevant event data must be collected from existing on-premises infrastructure components and consumed by the CASB to expand traffic visibility. The solution must be highly resilient to network outages.
Which of the following architectural components would BEST meet these requirements?
- A: Log collection
- B: Reverse proxy
- C: A WAF
- D: API mode
Question 92
A company security engineer arrives at work to face the following scenario:
- Website defacement
- Calls from the company president indicating the website needs to be fixed immediately because it is damaging the brand
- A job offer from the company's competitor
- A security analyst's investigative report, based on logs from the past six months, describing how lateral movement across the network from various IP addresses originating from a foreign adversary country resulted in exfiltrated data
Which of the following threat actors is MOST likely involved?
- A: Organized crime
- B: Script kiddie
- C: APT/nation-state
- D: Competitor
Question 93
A company wants to improve its active protection capabilities against unknown and zero-day malware. Which of the following is the MOST secure solution?
- A: NIDS
- B: Application allow list
- C: Sandbox detonation
- D: Endpoint log collection
- E: HIDS
Question 94
Which of the following BEST describe the importance of maintaining chain of custody in forensic evidence collection? (Choose two.)
- A: It increases the likelihood that evidence will be deemed admissible in court.
- B: It authenticates personnel who come in contact with evidence after collection.
- C: It ensures confidentiality and the need-to-know basis of forensically acquired evidence.
- D: It attests to how recently evidence was collected by recording date/time attributes.
- E: It provides automated attestation for the integrity of the collected evidence.
- F: It ensures the integrity of the collected evidence.
Question 95
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems.
Which of the following now describes the level of risk?
- A: Inherent
- B: Low
- C: Mitigated
- D: Residual
- E: Transferred
Question 96
A vulnerability assessment endpoint generated a report of the latest findings. A security analyst needs to review the report and create a priority list of items that must be addressed. Which of the following should the analyst use to create the list quickly?
- A: Business Impact rating
- B: CVE dates
- C: CVSS scores
- D: OVAL
Question 97
An organization collects personal data from its global customers. The organization determines how that data is going to be used, why it is going to be used, and how it is manipulated for business processes. Which of the following will the organization need in order to comply with GDPR? (Choose two.)
- A: Data processor
- B: Data custodian
- C: Data owner
- D: Data steward
- E: Data controller
- F: Data manager
Question 98
The Chief Executive Officer (CEO) of a small wholesaler with low margins is concerned about the use of a newly developed artificial intelligence algorithm being used in the organization's marketing tool. The tool can make automated purchasing approval decisions based on data provided by customers and collected from the Internet. Which of the following is MOST likely the concern? (Choose two.)
- A: Required computing power
- B: Cost to maintain
- C: Customer privacy
- D: Adversarial attacks
- E: Information bias
- F: Customer approval speed
Question 99
A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?
- A: Accept
- B: Avoid
- C: Transfer
- D: Mitigate
Question 100
A security architect is given the following requirements to secure a rapidly changing enterprise with an increasingly distributed and remote workforce:
- Cloud-delivered services
- Full network security stack
- SaaS application security management
- Minimal latency for an optimal user experience
- Integration with the cloud IAM platform
Which of the following is the BEST solution?
- A: Routing and Remote Access Service (RRAS)
- B: NGFW
- C: Managed Security Service Provider (MSSP)
- D: SASE