2023年最新のCAS-004問題集PDFでCAS-004リアル試験問題解答
有効なCAS-004テスト解答とCompTIA CAS-004試験PDF問題を試そう
CompTIA CASP+認定試験は、90の複数選択肢とパフォーマンスベースの問題から構成されています。試験は、ITプロフェッショナルの知識とスキルを実世界のシナリオでテストすることを目的としています。つまり、試験の問題は、ITプロフェッショナルが日々の仕事で遭遇する実際の状況に基づいています。試験は厳しい設計になっていますが、仕事に必要なスキルと知識に公正かつ関連性があります。
質問 # 67
An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
正解:
解説:
質問 # 68
A security architect is tasked with scoping a penetration test that will start next month. The architect wants to define what security controls will be impacted. Which of the following would be the BEST document to consult?
- A. Rules of engagement
- B. Master service agreement
- C. Statement of work
- D. Target audience
正解:C
解説:
The Statement of Work is a document that outlines the scope of the penetration test and defines the objectives, tools, methodology, and targets of the test. It also outlines the security controls that will be impacted by the test and what the expected outcomes are. Additionally, the Statement of Work should include any legal requirements and other considerations that should be taken into account during the penetration test.
質問 # 69
An organization mat provides a SaaS solution recently experienced an incident involving customer data loss.
The system has a level of sell-healing that includes monitoring performance and available resources. When me system detects an issue, the self-healing process is supposed to restart pans of me software.
During the incident, when me self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared me system as fully operational. Which of the following BEST describes me reason why the silent failure occurred?
- A. Conditional checks prior to the service restart succeeded.
- B. The number of nodes in me self-healing cluster was healthy,
- C. The disk utilization alarms are higher than what me service restarts require.
- D. The system logs rotated prematurely.
正解:A
質問 # 70
A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session:
Which of the following BEST explains why secure LDAP is not working? (Select TWO.)
- A. Secure LDAP should be running on UDP rather than TCP.
- B. The clients may not trust Chicago by default.
- C. The company is using the wrong port. It should be using port 389 for secure LDAP.
- D. Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.
- E. Secure LDAP does not support wildcard certificates.
- F. The secure LDAP service is not started, so no connections can be made.
- G. The clients may not trust idapt by default.
正解:C、F
質問 # 71
A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)
- A. Provide data deletion capabilities.
- B. Grant data access to third parties.
- C. Provide alternative authentication techniques.
- D. Inform users regarding what data is stored.
- E. Provide optional data encryption.
- F. Provide opt-in/out for marketing messages.
正解:A、D
質問 # 72
A company Is adopting a new artificial-intelligence-based analytics SaaS solution. This Is the company's first attempt at using a SaaS solution, and a security architect has been asked to determine any future risks. Which of the following would be the GREATEST risk In adopting this solution?
- A. The inability to require the service provider process data in a specific country
- B. The inability to assign access controls to comply with company policy
- C. The inability to obtain company data when migrating to another service
- D. The inability to conduct security assessments against a service provider
正解:C
質問 # 73
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:
The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:
Which of the following is an appropriate security control the company should implement?
- A. Restrict directory permission to read-only access.
- B. Parameterize a query in the path variable to prevent SQL injection.
- C. Separate the items in the system call to prevent command injection.
- D. Use server-side processing to avoid XSS vulnerabilities in path input.
正解:C
質問 # 74
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?
- A. Local caching
- B. Content delivery network
- C. Distributed connection allocation
- D. SD-WAN vertical heterogeneity
正解:B
質問 # 75
An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization's headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
Low latency for all mobile users to improve the users' experience
SSL offloading to improve web server performance
Protection against DoS and DDoS attacks
High availability
Which of the following should the organization implement to BEST ensure all requirements are met?
- A. Dual gigabit-speed Internet connections with managed DDoS prevention
- B. A cache server farm in its datacenter
- C. A CDN with the origin set to its datacenter
- D. A load-balanced group of reverse proxy servers with SSL acceleration
正解:D
質問 # 76
A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One Of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
- A. Implement cloud infrastructure to proxy all user web traffic to enforce DI-P and encryption policies.
- B. Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.
- C. Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.
- D. Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.
正解:D
解説:
The best way to achieve the objective of discovering SaaS applications and blocking access to unapproved or identified as risky ones is to implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy (C). This solution would allow the security architect to inspect all web traffic and enforce access control policies centrally. This solution also allows the security architect to detect and block risky SaaS applications.
質問 # 77
An organization decided to begin issuing corporate mobile device users microSD HSMs that must be installed in the mobile devices in order to access corporate resources remotely Which of the following features of these devices MOST likely led to this decision? (Select TWO.)
- A. Decentralized key management
- B. Support for stream ciphers
- C. TPM 2.0 attestation services
- D. Software-backed keystore
- E. Embedded cryptoprocessor
- F. Hardware-backed public key storage
正解:E、F
質問 # 78
A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One Of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
- A. Implement cloud infrastructure to proxy all user web traffic to enforce DI-P and encryption policies.
- B. Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.
- C. Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.
- D. Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.
正解:D
質問 # 79
A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?
- A. Storage-based
- B. Array controller-based
- C. Proxy-based
- D. Instance-based
正解:D
質問 # 80
A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users are able to download emails correctly by using IMAP instead. The network comprises three VLANs:
The security engineer looks at the UTM firewall rules and finds the following:
Which of the following should the security engineer do to ensure IMAPS functions properly on the corporate user network?
- A. Make sure the UTM certificate is imported on the corporate computers.
- B. Contact the email service provider and ask if the company IP is blocked.
- C. Create an IMAPS firewall rule to ensure email is allowed.
- D. Confirm the email server certificate is installed on the corporate computers.
正解:A
質問 # 81
A company Invested a total of $10 million lor a new storage solution Installed across live on-site datacenters.
Fitly percent of the cost of this Investment was for solid-state storage. Due to the high rate of wear on this storage, the company Is estimating that 5% will need to be replaced per year. Which of the following is the ALE due to storage replacement?
- A. $250,000
- B. $51,000,000
- C. $500.000
- D. $125,000
- E. $50,000
正解:A
質問 # 82
A company is looking to fortify its cybersecurity defenses and is focusing on its network infrastructure. The solution cannot affect the availability of the company's services to ensure false positives do not drop legitimate traffic.
Which of the following would satisfy the requirement?
- A. WAF
- B. Reverse proxy
- C. NIPS
- D. NIDS
正解:D
質問 # 83
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user's workstation:
graphic.linux_randomization.prg
Which of the following technologies would mitigate the manipulation of memory segments?
- A. DEP
- B. NX bit
- C. ASLR
- D. HSM
正解:C
解説:
Explanation
https://eklitzke.org/memory-protection-and-aslr
質問 # 84
An organization recently recovered from an attack that featured an adversary injecting Malicious logic into OS bootloaders on endpoint devices Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the IJEFI through the full loading of OS components. of the following TPM structures enables this storage functionality?
- A. Clock/counter structures
- B. Command tag structures with MAC schemes
- C. Endorsement tickets
- D. Platform configuration registers
正解:D
解説:
TPMs provide the ability to store measurements of code and data that can be used to ensure that code and data remain unchanged over time. This is done through Platform Configuration Registers (PCRs), which are structures used to store measurements of code and data. The measurements are taken during the boot process and can be used to compare the state of the system at different times, which can be used to detect any changes to the system and verify that the system has not been tampered with.
質問 # 85
A security architect is implementing a web application that uses a database back end. Prior to the production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?
- A. OVAL
- B. OWASP
- C. IEEE
- D. SDLC
正解:A
質問 # 86
A threat hunting team receives a report about possible APT activity in the network.
Which of the following threat management frameworks should the team implement?
- A. NIST SP 800-53
- B. MITRE ATT&CK
- C. The Cyber Kill Chain
- D. The Diamond Model of Intrusion Analysis
正解:A
質問 # 87
A company has decided to purchase a license for software that is used to operate a mission-critical process. The third-party developer is new to the industry but is delivering what the company needs at this time.
Which of the following BEST describes the reason why utilizing a source code escrow will reduce the operational risk to the company if the third party stops supporting the application?
- A. The company will be able to manage the third-party developer's development process.
- B. The company will be paid by the third-party developer to hire a new development team.
- C. The company will be able to force the third-party developer to continue support.
- D. The company will have access to the latest version to continue development.
正解:D
質問 # 88
A security architect is reviewing the following proposed corporate firewall architecture and configuration:
Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements:
Web servers must receive all updates via HTTP/S from the corporate network.
Web servers should not initiate communication with the Internet.
Web servers should only connect to preapproved corporate database servers.
Employees' computing devices should only connect to web services over ports 80 and 443.
Which of the following should the architect recommend to ensure all requirements are met in the MOST secure manner? (Choose two.)
- A. Add the following to Firewall_B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535
- B. Add the following to Firewall_B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535
- C. Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443
- D. Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535
- E. Add the following to Firewall_B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80,443
- F. Add the following to Firewall_A: 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80,443
正解:B、C
質問 # 89
An organization's hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.
Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?
- A. Deploy a SOAR tool.
- B. Apply new isolation and segmentation schemes.
- C. Implement decoy files on adjacent hosts.
- D. Modify user password history and length requirements.
正解:B
質問 # 90
......
CAS-004試験問題集でPDF問題とテストエンジン:https://jp.fast2test.com/CAS-004-premium-file.html
実際に出るCAS-004試験問題集には正確で更新された問題:https://drive.google.com/open?id=118JcFVpTII6VOFGwYWgFcAWJh_50_ERp