Instant Access CompTIA.CAS-004.v2022-09-24.q81 Actual Practice Test Engine for Free (Page 4)

40%off

CAS-004 Premium Dumps

Latest CAS-004 Exam Premium Dumps provide by TrainingQuiz.com to help you Passing CAS-004 Exam! TrainingQuiz.com offers the updated CAS-004 exam dumps, the TrainingQuiz.com CAS-004 exam questions has been updated to correct Answer. Get the latest TrainingQuiz.com CAS-004 pdf dumps with Exam Engine here:

(620 Q&As Dumps, 40%OFF Special Discount: DumpsDB)

Question 11

An organization's existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

A.Transitioning to a container-based architecture for site-based services
B.Distributing security resources across VPN sites
C.Implementing IDS services with each VPN concentrator
D.Using Base64 encoding within the existing site-to-site VPN connections
E.Adding a second redundant layer of alternate vendor VPN concentrators

Question 12

Which of the following technologies allows CSPs to add encryption across multiple data storages?

A.Symmetric encryption
B.Data dispersion
C.Homomorphic encryption
D.Bit splitting

Question 13

While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

A.Request that the affected servers be restored immediately.
B.Pay the ransom within 48 hours.
C.Notify law enforcement.
D.Isolate the servers to prevent the spread.

Question 14

A threat analyst notices the following URL while going through the HTTP logs.

Which of the following attack types is the threat analyst seeing?

A.SQL injection
B.CSRF
C.XSS
D.Session hijacking

Question 15

A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.
Which of the following should a security architect recommend?

A.A DLP program to identify which files have customer data and delete them
B.A CRM application to consolidate the data and provision access based on the process and need
C.A CMDB to report on systems that are not configured to security baselines
D.An ERP program to identify which processes need to be tracked