最新の2024年11月13日試験エンジン練習問題CAS-004最新の有効問題集を提供中です [Q71-Q88]

Share

最新の2024年11月13日試験エンジン練習問題CAS-004最新の有効問題集を提供中です

試験解答はCAS-004最新版テストエンジンをタダで提供します


CASP+認定試験は、サイバーセキュリティでキャリアを促進しようとしているITの専門家にとって理想的です。 IT管​​理で最低10年の経験を持つ個人向けに設計されており、技術的セキュリティで少なくとも5年間の実践的な経験があります。この試験は、他のIT分野からサイバーセキュリティへの移行を検討しているIT専門家にも適しています。

 

質問 # 71
As part of the customer registration process to access a new bank account, customers are required to upload a number of documents, including their passports and driver's licenses. The process also requires customers to take a current photo of themselves to be compared against provided documentation.
Which of the following BEST describes this process?

  • A. Deepfake
  • B. Know your customer
  • C. Identity proofing
  • D. Passwordless

正解:C

解説:
Identity proofing is the process of verifying a user's identity: confirming that they are who they say they are. This may sound like ordinary authentication, the kind based on a username/password combination, but identity proofing actually comes into play before users get their credentials to access an application or alongside the traditional authentication process.
Identity proofing allows you to verify a user's identity based on life history (a credit report), biometrics (a facial scan), and other factors before granting them access to your system.
Of course, you can manually verify your users' identities by requiring them to provide paper documentation (a copy of their passport) or performing an interactive check via online meeting tools like Zoom. As you might expect, these time-consuming manual processes don't scale effectively, and they inevitably detract from your user experience.


質問 # 72
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?

  • A. sudo netstat -plntu | grep -v "Foreign Address"
  • B. sudo netstat -pnut -w | column -t -s $'\w'
  • C. sudo netstat -pnut | grep -P ^tcp
  • D. sudo netstat -nlt -p | grep "ESTABLISHED"
  • E. sudo netstat -antu | grep "LISTEN" | awk `{print$5}'

正解:C

解説:
It shows all connections and filtering by TCP which is the goal.


質問 # 73
A new requirement for legislators has forced a government security team to develop a validation process to verify the integrity of a downloaded file and the sender of the file Which of the following is the BEST way for the security team to comply with this requirement?

  • A. Message hash
  • B. Message authentication code
  • C. Message digest
  • D. Digital signature

正解:D

解説:
A digital signature is a cryptographic technique that allows the sender of a file to sign it with their private key and the receiver to verify it with the sender's public key. This ensures the integrity and authenticity of the file, as well as the non-repudiation of the sender. A message hash or a message digest is a one-way function that produces a fixed-length output from an input, but it does not provide any information about the sender. A message authentication code (MAC) is a symmetric-key technique that allows both the sender and the receiver to generate and verify a code using a shared secret key, but it does not provide non-repudiation. Reference: [CompTIA Advanced Security Practitioner (CASP+) Certification Exam Objectives], Domain 2: Enterprise Security Architecture, Objective 2.1: Apply cryptographic techniques


質問 # 74
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

  • A. Homomorphic encryption
  • B. Quantum computing
  • C. Lattice-based cryptography
  • D. Asymmetric cryptography

正解:A

解説:
Reference: https://searchsecurity.techtarget.com/definition/cryptanalysis Homomorphic encryption is a type of encryption that allows computation and analysis of data within a ciphertext without knowledge of the plaintext. This means that encrypted data can be processed without being decrypted first, which enhances the security and privacy of the data. Homomorphic encryption can enable applications such as secure cloud computing, machine learning, and data analytics.References:
https://www.ibm.com/security/homomorphic-encryptionhttps://www.synopsys.com/blogs/software-security/hom


質問 # 75
The Chief Information Security Officer is concerned about the possibility of employees downloading
'malicious files from the internet and 'opening them on corporate workstations. Which of the following solutions would be BEST to reduce this risk?

  • A. Block known malware sites on the web proxy.
  • B. Integrate the web proxy with threat intelligence feeds.
  • C. Execute the files in the sandbox on the web proxy.
  • D. Scan all downloads using an antivirus engine on the web proxy.

正解:C

解説:
Explanation
Executing the files in the sandbox on the web proxy is the best solution to reduce the risk of employees downloading and opening malicious files from the internet. A sandbox is a secure and isolated environment that can run untrusted or potentially harmful code without affecting the rest of the system. By executing the files in the sandbox, the web proxy can analyze their behavior and detect any malicious activity before allowing them to reach the corporate workstations.
References: [CompTIA CASP+ Study Guide, Second Edition, page 273]


質問 # 76
A security analyst observes the following while looking through network traffic in a company's cloud log:

Which of the following steps should the security analyst take FIRST?

  • A. Access 10.0.5.52 via EDR and identify processes that have network connections.
  • B. Quarantine 10.0.5.52 and run a malware scan against the host.
  • C. Investigate web logs on 10.0.50.6 to determine if this is normal traffic.
  • D. Isolate 10.0.50.6 via security groups.

正解:C


質問 # 77
A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?

  • A. Storage-based
  • B. Array controller-based
  • C. Proxy-based
  • D. Instance-based

正解:D


質問 # 78
An organization recently started processing, transmitting, and storing its customers' credit card information.
Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers' information.
Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?

  • A. NIST
  • B. PCI DSS
  • C. GDPR
  • D. ISO

正解:B

解説:
Explanation
PCI DSS (Payment Card Industry Data Security Standard) is a standard that provides the best guidance for protecting credit card information while it is at rest and in transit. PCI DSS is a standard that defines the security requirements and best practices for organizations that process, store, or transmit credit card information, such as merchants, service providers, or acquirers. PCI DSS aims to protect the confidentiality, integrity, and availability of credit card information and prevent fraud or identity theft. NIST (National Institute of Standards and Technology) is not a standard that provides the best guidance for protecting credit card information, but an agency that develops standards, guidelines, and recommendations for various fields of science and technology, including cybersecurity. GDPR (General Data Protection Regulation) is not a standard that provides the best guidance for protecting credit card information, but a regulation that defines the data protection and privacy rights and obligations for individuals and organizations in the European Union or the European Economic Area. ISO (International Organization for Standardization) is not a standard that provides the best guidance for protecting credit card information, but an organization that develops standards for various fields of science and technology, including information security. Verified References:
https://www.comptia.org/blog/what-is-pci-dss
https://partners.comptia.org/docs/default-source/resources/casp-content-guide


質問 # 79
A company's claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee's laptop when was opened.

  • A. Implement cloud-based content filtering with sandboxing capabilities.
  • B. Install a mail gateway to scan incoming messages and strip attachments before they reach the mailbox.
  • C. Required all laptops to connect to the VPN before accessing email.
  • D. Impalement application whitelisting and add only the email client to the whitelist for laptop in the claims processing department.

正解:A


質問 # 80
A technician is reviewing the following log:

Which of the following tools should the organization implement to reduce the highest risk identified in this log?

  • A. NIPS
  • B. SIEM
  • C. NGFW
  • D. DLP

正解:D


質問 # 81
A security manager needed to protect a high-security data center, so the manager installed a mantrap that can detect an employee's heartbeat, weight, and badge.
Which of the following did the security manager implement?

  • A. A managerial control
  • B. A compensating control
  • C. A corrective control
  • D. A physical control

正解:D

解説:
A mantrap is being used to control *physical* access to the data center.


質問 # 82
A company publishes several APIs for customers and is required to use keys to segregate customer data sets.
Which of the following would be BEST to use to store customer keys?

  • A. A hardware security module
  • B. A trusted platform module
  • C. A localized key store
  • D. A public key infrastructure

正解:D

解説:
A public key infrastructure (PKI) is a system of certificates and keys that can provide encryption and authentication for APIs (application programming interfaces). A PKI can be used to store customer keys for accessing APIs and segregating customer data sets. A trusted platform module (TPM) is a hardware device that provides cryptographic functions and key storage, but it is not suitable for storing customer keys for APIs. A hardware security module (HSM) is similar to a TPM, but it is used for storing keys for applications, not for APIs. A localized key store is a software component that stores keys locally, but it is not as secure or scalable as a PKI. Verified Reference: https://www.comptia.org/blog/what-is-pki https://partners.comptia.org/docs/default-source/resources/casp-content-guide


質問 # 83
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

  • A. The client application is configured to use AES-256 in GCM.
  • B. The client application is testing PFS.
  • C. The client application is configured to use ECDHE.
  • D. The client application is configured to use RC4.

正解:D

解説:
Reference:
The client application being configured to use RC4 is the most likely root cause of why users are unable to connect their clients to the server that prefers TLS 1.3. RC4 is an outdated and insecure symmetric-key encryption algorithm that has been deprecated and removed from TLS 1.3, which is the latest version of the protocol that provides secure communication between clients and servers. If the client application is configured to use RC4, it will not be able to negotiate a secure connection with the server that prefers TLS 1.3, resulting in an error message such as ERR_SSL_VERSION_OR_CIPHER_MISMATCH. The client application testing PFS (perfect forward secrecy) is not a likely root cause of why users are unable to connect their clients to the server that prefers TLS 1.3, as PFS is a property that ensures that session keys derived from a set of long-term keys cannot be compromised if one of them is compromised in the future. PFS is supported and recommended by TLS 1.3, which uses ephemeral Diffie-Hellman or elliptic curve Diffie-Hellman key exchange methods to achieve PFS. The client application being configured to use ECDHE (elliptic curve Diffie-Hellman ephemeral) is not a likely root cause of why users are unable to connect their clients to the server that prefers TLS 1.3, as ECDHE is a key exchange method that provides PFS and high performance by using elliptic curve cryptography to generate ephemeral keys for each session. ECDHE is supported and recommended by TLS 1.3, which uses ECDHE as the default key exchange method. The client application being configured to use AES-256 in GCM (Galois/Counter Mode) is not a likely root cause of why users are unable to connect their clients to the server that prefers TLS 1.3, as AES-256 in GCM is an encryption mode that provides confidentiality and integrity by using AES with a 256-bit key and GCM as an authenticated encryption mode. AES-256 in GCM is supported and recommended by TLS 1.3, which uses AES-256 in GCM as one of the default encryption modes. Verified Reference: https://www.comptia.org/blog/what-is-tls-13 https://partners.comptia.org/docs/default-source/resources/casp-content-guide


質問 # 84
A security architect has designated that a server segment of an enterprise network will require each server to have secure and measured boot capabilities. The architect now wishes to ensure service consumers and peers can verify the integrity of hosted services. Which of the following capabilities must the architect consider for enabling the verification?

  • A. Centralized attestation server
  • B. SIEM
  • C. vTPM
  • D. Enterprise HSM

正解:D


質問 # 85
Legal authorities notify a company that its network has been compromised for the second time in two years. The investigation shows the attackers were able to use the same vulnerability on different systems in both attacks.
Which of the following would have allowed the security team to use historical information to protect against the second attack?

  • A. Recovery point objectives
  • B. Lessons learned
  • C. Tabletop exercise
  • D. Key risk indicators

正解:B


質問 # 86
A security engineer needs to implement a CASB to secure employee user web traffic. A key requirement is that the relevant event data must be collected from existing on-premises infrastructure components and consumed by the CASB to expand traffic visibility. The solution must be highly resilient to network outages.
Which of the following architectural components would BEST meet these requirements?

  • A. Reverse proxy
  • B. API mode
  • C. AWAF
  • D. Log collection

正解:D

解説:
The architectural component that would best meet these requirements is log collection. A log collection system can gather event data from various on-premises infrastructure components and send it to the CASB for analysis and visibility. A log collection system can also be designed to be highly resilient to network outages, ensuring that data is collected and sent to the CASB even in the event of an outage.


質問 # 87
An organization is running its e-commerce site in the cloud. The capacity is sufficient to meet the organization's needs throughout most of the year, except during the holidays when the organization plans to introduce a new line of products and expects an increase in traffic. The organization is not sure how well its products will be received. To address this issue, the organization needs to ensure that:
* System capacity is optimized.
* Cost is reduced.
Which of the following should be implemented to address these requirements? (Select TWO).

  • A. Microsegmentation
  • B. Load balancer
  • C. Autoscaling
  • D. WAF
  • E. CDN
  • F. Containerization

正解:B、C

解説:
Load balancer and autoscaling are the solutions that should be implemented to address the requirements of optimizing system capacity and reducing cost for an e-commerce site in the cloud. A load balancer is a device or service that distributes incoming network traffic across multiple servers or instances based on various criteria, such as availability, performance, or location. A load balancer can improve system capacity by balancing the workload and preventing overloading or underutilization of resources. Autoscaling is a feature that allows cloud services to automatically adjust the number of servers or instances based on the demand or predefined rules. Autoscaling can reduce cost by scaling up or down the resources as needed, avoiding unnecessary expenses or wastage.
References: [CompTIA CASP+ Study Guide, Second Edition, pages 406-407 and 410]


質問 # 88
......


CompTIA CAS-004、またはCompTIA Advanced Security Practitioner(CASP +)試験は、サイバーセキュリティに高度な知識とスキルを持つITプロフェッショナル向けの認定試験です。これは、複雑な企業環境においてセキュアなソリューションを構想、設計、エンジニアリングするために必要な技術的な知識と専門知識を検証する、国際的に認められた認定資格です。

 

CAS-004試験問題集で無料サンプルは365日更新されます:https://jp.fast2test.com/CAS-004-premium-file.html

合格させるCAS-004試験問題と最新のCAS-004テスト問題集PDF:https://drive.google.com/open?id=118JcFVpTII6VOFGwYWgFcAWJh_50_ERp


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어