Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CAS-004Free trial

By comptia

Verified

25Q per page

Question 126

A hospitality company experienced a data breach that included customer PII. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service Which of the following is the BEST solution to help prevent this type of attack in the future?

A: NGFW for web traffic inspection and activity monitoring
B: CSPM for application configuration control
C: Targeted employee training and awareness exercises
D: CASB for OAuth application permission control

—

Question 127

A product manager at a new company needs to ensure the development team produces high-quality code on time. The manager has decided to implement an agile development approach instead of waterfall. Which of the following are reasons to choose an agile development approach? (Choose two.)

A: The product manager gives the developers more autonomy to write quality code prior to deployment.
B: An agile approach incorporates greater application security in the development process than a waterfall approach does.
C: The scope of work is expected to evolve during the lifetime of project development.
D: The product manager prefers to have code iteratively tested throughout development.
E: The product manager would like to produce code in linear phases.
F: Budgeting and creating a timeline for the entire project is often more straightforward using an agile approach rather than waterfall.

—

Question 128

An auditor needs to scan documents at rest for sensitive text. These documents contain both text and images. Which of the following software functionalities must be enabled in the DLP solution for the auditor to be able to fully read these documents? (Choose two.)

A: Document interpolation
B: Regular expression pattern matching
C: Optical character recognition functionality
D: Baseline image matching
E: Advanced rasterization
F: Watermarking

—

Question 129

A security analyst is performing a review of a web application. During testing as a standard user, the following error log appears:

Which of the following BEST describes the analyst's findings and a potential mitigation technique?

A: The findings indicate unsecure references. All potential user input needs to be properly sanitized.
B: The findings indicate unsecure protocols All cookies should be marked as HttpOnly.
C: The findings indicate information disclosure. The displayed error message should be modified.
D: The findings indicate a SQL injection. The database needs to be upgraded.

—

That’s the end of your free questions

You’ve reached the preview limit for CAS-004

Consider upgrading to gain full access!

Page 6 of 26 • Questions 126-150 of 642

←

4 5 6 7 8

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!