A security analyst is reviewing the following output:
Which of the following would BEST mitigate this type of attack?
A. Installing a network firewall
B. Placing a WAF inline
C. Implementing an IDS
D. Deploying a honeypot
A company is on a deadline to roll out an entire CRM platform to all users at one time. However, the company is behind schedule due to reliance on third-party vendors. Which of the following development approaches will allow the company to begin releases but also continue testing and development for future releases?
A. Implement iterative software releases
B. Revise the scope of the project to use a waterfall approach.
C. Change the scope of the project to use the spiral development methodology.
D. Perform continuous integration.
Due to budget constraints, an organization created a policy that only permits vulnerabilities rated high and critical according to CVSS to be fixed or mitigated. A security analyst notices that many vulnerabilities that were previously scored as medium are now breaching higher thresholds. Upon further investigation, the analyst notices certain ratings are not aligned with the approved system categorization.
Which of the following can the analyst do to get a better picture of the risk while adhering to the organization's policy?
A. Align the exploitability metrics to the predetermined system categorization.
B. Align the remediation levels to the predetermined system categorization.
C. Align the impact subscore requirements to the predetermined system categorization.
D. Align the attack vectors to the predetermined system categorization.
A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:
1. Access to critical web services at the edge must be redundant and highly available.
2. Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.
3. Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.
Which of the following solutions BEST meets these requirements?
A. Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider.
B. Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.
C. Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.
D. Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.
An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data. Which of the following commands should the analyst run to BEST determine whether financial data was lost?
A. Option A
B. Option B
C. Option C
D. Option D
As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents. Which of the following BEST describes this kind of risk response?
A. Risk rejection
B. Risk mitigation
C. Risk transference
D. Risk avoidance
The Chief Information Security Officer of a startup company has asked a security engineer to implement a software security program in an environment that previously had little oversight.
Which of the following testing methods would be BEST for the engineer to utilize in this situation?
A. Software composition analysis
B. Code obfuscation
C. Static analysis
D. Dynamic analysis
A software company is developing an application in which data must be encrypted with a cipher that requires the following:
1. Initialization vector
2. Low latency
3. Suitable for streaming
Which of the following ciphers should the company use?
A. Cipher feedback
B. Cipher block chaining message authentication code
C. Cipher block chaining
D. Electronic codebook
A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC. Which of the following compensating controls would be BEST to implement in this situation?
A. EDR
B. SIEM
C. HIDS
D. UEBA
Which of the following is a low-power, low-data-rate protocol that allows for the creation of PAN networks?
A. Zigbee
B. CAN
C. DNP3
D. Modbus