CompTIA CAS-004問題集で必ず試験合格させる [Q102-Q127]

Share

CompTIA CAS-004問題集で必ず試験合格させる

CAS-004試験問題(更新されたのは2023年)100%リアル問題解答

質問 # 102

An organization is planning for disaster recovery and continuity of operations.
INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simul-ation, please click the Reset All button.

正解:

解説:


質問 # 103
A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered dat a. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.
Which of the following would MOST likely help the company gain consensus to move the data to the cloud?

  • A. Purchasing managed FIM services to alert on detected modifications to covered data
  • B. Designing data protection schemes to mitigate the risk of loss due to multitenancy
  • C. Implementing redundant stores and services across diverse CSPs for high availability
  • D. Emulating OS and hardware architectures to blur operations from CSP view

正解:B


質問 # 104
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

  • A. Lattice-based cryptography
  • B. Homomorphic encryption
  • C. Quantum computing
  • D. Asymmetric cryptography

正解:B


質問 # 105
A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking.
After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?

  • A. Permissive
  • B. Mandatory
  • C. Enforcing
  • D. Protecting

正解:A


質問 # 106
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization.
Which of the following should be the analyst's FIRST action?

  • A. Create a full inventory of information and data assets.
  • B. Perform a full system penetration test to determine the vulnerabilities.
  • C. Determine which security compliance standards should be followed.
  • D. Ascertain the impact of an attack on the availability of crucial resources.

正解:C


質問 # 107
An organization is implementing a new identity and access management architecture with the following objectives:
Supporting MFA against on-premises infrastructure
Improving the user experience by integrating with SaaS applications
Applying risk-based policies based on location
Performing just-in-time provisioning
Which of the following authentication protocols should the organization implement to support these requirements?

  • A. OAuth and OpenID
  • B. SAML and RADIUS
  • C. OTP and 802.1X
  • D. Kerberos and TACACS

正解:D


質問 # 108
A company publishes several APIs for customers and is required to use keys to segregate customer data sets.
Which of the following would be BEST to use to store customer keys?

  • A. A hardware security module
  • B. A localized key store
  • C. A trusted platform module
  • D. A public key infrastructure

正解:A


質問 # 109
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.
Which of the following historian server locations will allow the business to get the required reports in an and IT environment?

  • A. Use a screened subnet between the and IT environments.
  • B. In the IT environment, allow PLCs to send data from the environment to the IT environment.
  • C. In the environment, allow IT traffic into the environment.
  • D. In the environment, use a VPN from the IT environment into the environment.

正解:B


質問 # 110
A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access.
Which of the following risk techniques did the department use in this situation?

  • A. Avoid
  • B. Transfer
  • C. Mitigate
  • D. Accept

正解:C


質問 # 111
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company's Chief Financial Officer loses a phone multiple times a year.
Which of the following will MOST likely secure the data on the lost device?

  • A. Require MFA to access company applications.
  • B. Set up different profiles based on the person's risk.
  • C. Require a VPN to be active to access company data.
  • D. Remotely wipe the device.

正解:D


質問 # 112
A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

  • A. Configure the forward proxy to block 40.90.23.154.
  • B. Disable powershell.exe on all Microsoft Windows endpoints.
  • C. Restart Microsoft Windows Defender.
  • D. Disable local administrator privileges on the endpoints.

正解:A


質問 # 113
A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log.
Which of the following actions would BEST address the potential risks by the activity in the logs?

  • A. Alerting the misconfigured service account password
  • B. Modifying the AllowUsers configuration directive
  • C. Restricting external port 22 access
  • D. Implementing host-key preferences

正解:C


質問 # 114
A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of the exploit is missing, making it harder to recommend remediation's. Given the following output:

The penetration testers MOST likely took advantage of:

  • A. A buffer overflow vulnerability
  • B. A plain-text password disclosure
  • C. An integer overflow vulnerability
  • D. A TOC/TOU vulnerability

正解:D


質問 # 115
A large number of emails have been reported, and a security analyst is reviewing the following information from the emails:

As part of the image process, which of the following is the FIRST step the analyst should take?

  • A. Compare the 'Return-Path" and "Received" fields.
  • B. Block the email address carl b@comptia1 com, as it is sending spam to subject matter experts
  • C. Validate the final "Received" header against the DNS entry of the domain.
  • D. Ignore the emails, as SPF validation is successful, and it is a false positive

正解:A


質問 # 116
A company's employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email traveling . Which of the following is the MOST likely explanation?
(Select TWO.)

  • A. Disabled GPS on mobile devices
  • B. Chief use of UDP protocols
  • C. VPN on the mobile device
  • D. Privilege escalation attack
  • E. Outdated escalation attack
  • F. Unrestricted email administrator accounts

正解:A、C


質問 # 117
A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

  • A. Install an IDS on the development subnet and passively monitor for vulnerable services.
  • B. Monitor dependency management tools and report on susceptible third-party libraries.
  • C. Model user behavior and monitor for deviations from normal.
  • D. Implement an XML gateway and monitor for policy violations.
  • E. Perform static code analysis of committed code and generate summary reports.
  • F. Continuously monitor code commits to repositories and generate summary logs.

正解:E、F


質問 # 118
An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization's headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
Low latency for all mobile users to improve the users' experience
SSL offloading to improve web server performance
Protection against DoS and DDoS attacks
High availability
Which of the following should the organization implement to BEST ensure all requirements are met?

  • A. A CDN with the origin set to its datacenter
  • B. A cache server farm in its datacenter
  • C. Dual gigabit-speed Internet connections with managed DDoS prevention
  • D. A load-balanced group of reverse proxy servers with SSL acceleration

正解:D


質問 # 119
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization's headquarters location. The solution must also have the lowest power requirement on the CA.
Which of the following is the BEST solution?

  • A. Deploy an RA on each branch office.
  • B. Send the new CRLs by using GPO.
  • C. Use Delta CRLs at the branches.
  • D. Configure clients to use OCSP.

正解:D


質問 # 120
An analyst execute a vulnerability scan against an internet-facing DNS server and receives the following report:

Which of the following tools should the analyst use FIRST to validate the most critical vulnerability?

  • A. Exploitation framework
  • B. Port scanner
  • C. Account enumerator
  • D. Password cracker

正解:D


質問 # 121
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?

  • A. Residual.
  • B. Inherent
  • C. Transferred
  • D. Mitigated
  • E. Low

正解:A


質問 # 122
A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources.
Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?

  • A. Linux namespaces
  • B. Cgroups
  • C. Union filesystem overlay
  • D. Device mapper

正解:A


質問 # 123
An administrator at a software development company would like to protect the integrity Of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?

  • A. The CA has included the certificate in its CRL_
  • B. Each application is missing a SAN or wildcard entry on the certificate.
  • C. The NTP server is set incorrectly for the developers.
  • D. The certificate is set for the wrong key usage.

正解:D

解説:
Explanation
Digital signatures require the use of a cryptographic key pair, which consists of a private key used to sign the application and a public key used to verify the signature. If the certificate used for signing the application is set for the wrong key usage, then the signature will fail. This can happen if the certificate is set for encrypting data instead of signing data, or if the certificate is set for the wrong algorithm, such as using an RSA key for an ECDSA signature.


質問 # 124
An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
Unstructured data being exfiltrated after an employee leaves the organization Data being exfiltrated as a result of compromised credentials Sensitive information in emails being exfiltrated Which of the following solutions should the security team implement to mitigate the risk of data loss?

  • A. Certificates, DLP, and geofencing
  • B. Conditional access, DoH, and full disk encryption
  • C. Mobile device management, remote wipe, and data loss detection
  • D. Mobile application management, MFA, and DRM

正解:C


質問 # 125
A company's SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
Which of the following should the company use to make this determination?

  • A. The Cyber Kill Chain
  • B. A system penetration test
  • C. Threat hunting
  • D. Log analysis within the SIEM tool

正解:C


質問 # 126
Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization incident response procedure. Which of the must occur to ensure the integrity of the image?

  • A. The disk containing the image must be placed in a seated container.
  • B. A hash value of the image must be computed.
  • C. The image must be password protected against changes.
  • D. A duplicate copy of the image must be maintained

正解:B


質問 # 127
......


CompTIA Advanced Security Practitioner (CASP+) は、IT 業界での高度なセキュリティ技術と知識を検証する認定試験です。この認定は、情報セキュリティ分野でキャリアを進めたい経験豊富な IT プロフェッショナルを対象に設計されています。試験はベンダー中立であり、候補者は様々な技術とプラットフォームにわたるスキルを示すことができます。

 

合格させるCompTIA CAS-004試験最速合格にはFast2test:https://jp.fast2test.com/CAS-004-premium-file.html

準備CAS-004問題解答でCAS-004試験問題集:https://drive.google.com/open?id=118JcFVpTII6VOFGwYWgFcAWJh_50_ERp


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어