Instant Access CompTIA.CAS-004.v2023-06-15.q131 Actual Practice Test Engine for Free (Page 19)

40%off

CAS-004 Premium Dumps

Latest CAS-004 Exam Premium Dumps provide by TrainingQuiz.com to help you Passing CAS-004 Exam! TrainingQuiz.com offers the updated CAS-004 exam dumps, the TrainingQuiz.com CAS-004 exam questions has been updated to correct Answer. Get the latest TrainingQuiz.com CAS-004 pdf dumps with Exam Engine here:

(620 Q&As Dumps, 40%OFF Special Discount: DumpsDB)

Question 86

An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question 87

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

A.Cookies
B.Wildcard certificates
C.Certificate pinning
D.HSTS

Question 88

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect toauthorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?

A.NAC to control authorized endpoints
B.FIM on the servers storing the data
C.A jump box in the screened subnet
D.A general VPN solution to the primary network

Question 89

A security engineer is hardening a company's multihomed SFTP server. When scanning a public-facing network interface, the engineer finds the following ports are open:
22
25
110
137
138
139
445
Internal Windows clients are used to transferring files to the server to stage them for customer download as part of the company's distribution process.
Which of the following would be the BEST solution to harden the system?

A.Close ports 25 and 110. Bind ports 137, 138, 139, and 445 to only the internal interface.
B.Close ports 110, 138, and 139. Bind ports 22, 25, and 137 to only the internal interface.
C.Close ports 22, 137, and 138. Bind ports 110 and 445 to only the internal interface.
D.Close ports 22 and 139. Bind ports 137, 138, and 445 to only the internal interface.

Question 90

A vulnerability scanner detected an obsolete version of an open-source file-sharing application on one of a company's Linux servers. While the software version is no longer supported by the OSS community, the company's Linux vendor backported fixes, applied them for all current vulnerabilities, and agrees to support the software in the future.
Based on this agreement, this finding is BEST categorized as a:

A.true positive.
B.true negative.
C.false positive.
D.false negative.