CAS-004 Online Practice Questions and Answers

Questions 4

Which of the following is a benefit of using steganalysis techniques in forensic response?

A. Breaking a symmetric cipher used in secure voice communications

B. Determining the frequency of unique attacks against DRM-protected media

C. Maintaining chain of custody for acquired evidence

D. Identifying least significant bit encoding of data in a .wav file

Questions 5

A network administrator receives a ticket regarding an error from a remote worker who is trying to reboot a laptop. The laptop has not yet loaded the operating system, and the user is unable to continue the boot process. The administrator is able to provide the user with a recovery PIN, and the user is able to reboot the system and access the device as needed. Which of the following is the MOST likely cause of the error?

A. Lockout of privileged access account

B. Duration of the BitLocker lockout period

C. Failure of the Kerberos time drift sync

D. Failure of TPM authentication

Questions 6

A company has instituted a new policy in which all outbound traffic must go over TCP ports 80 and 443 for all its managed mobile devices. No other IP traffic is allowed to be initiated from a device. Which of the following should the organization consider implementing to ensure internet access continues without interruption?

A. CYOD

B. MDM

C. WPA3

D. DoH

Questions 7

A company has decided that only administrators are permitted to use PowerShell on their Windows computers. Which of the following is the BEST way for an administrator to implement this decision?

A. Monitor the Application and Services Logs group within Windows Event Log.

B. Uninstall PowerShell from all workstations.

C. Configure user settings in Group Policy.

D. Provide user education and training.

E. Block PowerShell via HIDS.

Questions 8

A security architect recommends replacing the company's monolithic software application with a containerized solution. Historically, secrets have been stored in the application's configuration files. Which of the following changes should the security architect make in the new system?

A. Use a secrets management tool.

B. Save secrets in key escrow.

C. Store the secrets inside the Dockerfiles.

D. Run all Dockerfiles in a randomized namespace.

Questions 9

A security engineer performed an assessment on a recently deployed web application. The engineer was able to exfiltrate a company report by visiting the following URL:

www.intranet.abc.com/get-files.jsp?file=report.pdf

Which of the following mitigation techniques would be BEST for the security engineer to recommend?

A. Input validation

B. Firewall

C. WAF

D. DLP

Questions 10

A company runs a well-attended, on-premises fitness club for its employees, about 200 of them each day. Employees want to sync the center's login and attendance program with their smartphones. Human resources, which manages the contract for the fitness center, has asked the security architecture to help draft security and privacy requirements.

Which of the following would BEST address these privacy concerns?

A. Use biometric authentication.

B. Utilize geolocation/geofencing.

C. Block unauthorized domain bridging.

D. Implement containerization

Questions 11

Within change management, which of the following ensures functions are carried out by multiple employees?

A. Least privilege

B. Mandatory vacation

C. Separation of duties

D. Job rotation

Questions 12

Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization's incident response procedure. Which of the following must occur to ensure the integrity of the image?

A. The image must be password protected against changes.

B. A hash value of the image must be computed.

C. The disk containing the image must be placed in a sealed container.

D. A duplicate copy of the image must be maintained

Questions 13

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following:

1. Transactions being required by unauthorized individuals.

2. Complete discretion regarding client names, account numbers, and investment information.

3. Malicious attackers using email to distribute malware and ransomware.

4. Exfiltration of sensitive company information.

The cloud-based email solution will provide anti-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board's concerns for this email migration?

A. Data loss prevention

B. Endpoint detection response

C. SSL VPN

D. Application whitelisting

Questions 14

A company's Chief Information Security Officer (CISO) is working with the product owners to perform a business impact assessment. The product owners provide feedback related to the criticality of various business processes, personnel, and technologies. Transitioning into risk assessment activities, which of the following types of information should the CISO require to determine the proper risk ranking? (Select TWO).

A. Trend analysis

B. Likelihood

C. TCO

D. Compensating controls

E. Magnitude

F. ROI

Questions 15

A security analyst is reviewing weekly email reports and finds an average of 1,000 emails received daily from the internal security alert email address. Which of the following should be implemented?

A. Tuning the network monitoring service

B. Separation of duties for systems administrators

C. Machine learning algorithms

D. DoS attack prevention

Questions 16

A company is repeatedly being breached by hackers who have valid credentials. The company's Chief Information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating the process currently in place to support the authentication controls. Which of the following recommendations would MOST likely reduce the risk of unauthorized access?

A. Implement strict three-factor authentication.

B. Implement least privilege policies

C. Switch to one-time or all user authorizations.

D. Strengthen identity-proofing procedures

Questions 17

An organization is establishing a new software assurance program to vet applications before they are introduced into the production environment. Unfortunately, many of the applications are provided only as compiled binaries. Which of the following should the organization use to analyze these applications? (Select TWO).

A. Regression testing

B. SAST

C. Third-party dependency management

D. IDE SAST

E. Fuzz testing

F. IAST

Questions 18

An attack team performed a penetration test on a new smart card system. The team demonstrated that by subjecting the smart card to high temperatures, the secret key could be revealed. Which of the following side-channel attacks did the team use?

A. Differential power analysis

B. Differential fault analysis

C. Differential temperature analysis

D. Differential timing analysis

Exam Code: CAS-004
Exam Name: CompTIA Advanced Security Practitioner (CASP+)
Last Update: Apr 11, 2024
Questions: 587 Q&As