Comptia dumpskey helping Hand Questions For Cas-004 by Gideon q199 vce pdf

Page: 20 / 42

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-004 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	571 Q&A's	Shared By:	gideon

Question 80

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.

Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?

Options:

NAC to control authorized endpoints

FIM on the servers storing the data

A jump box in the screened subnet

A general VPN solution to the primary network

Discussion

Addison

Want to tell everybody through this platform that I passed my exam with excellent score. All credit goes to Cramkey Exam Dumps.

Libby Aug 9, 2024

That's good to know. I might check it out for my next IT certification exam. Thanks for the info.

Hassan

Highly Recommended Dumps… today I passed my exam! Same questions appear. I bought Full Access.

Kasper Oct 20, 2024

Hey wonderful….so same questions , sounds good. Planning to write this week, I will go for full access today.

Wyatt

Passed my exam… Thank you so much for your excellent Exam Dumps.

Arjun Sep 18, 2024

That sounds really useful. I'll definitely check it out.

Josie

I just passed my certification exam using their dumps and I must say, I was thoroughly impressed.

Fatimah Oct 24, 2024

You’re right. The dumps were authentic and covered all the important topics. I felt confident going into the exam and it paid off.

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.

Colby Aug 17, 2024

Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.

Question 81

Users are reporting intermittent access issues with & new cloud application that was recently added to the network. Upon investigation, he scary administrator notices the human resources department Is able to run required queries with the new application, but the marketing department is unable to pull any needed reports on various resources using the new application. Which of the following MOST likely needs to be done to avoid this in the future?

Options:

Modify the ACLs.

Review the Active Directory.

Update the marketing department's browser.

Reconfigure the WAF.

Discussion

Question 82

A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking variouscustomer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.

Which of the following should a security architect recommend?

Options:

A DLP program to identify which files have customer data and delete them

An ERP program to identify which processes need to be tracked

A CMDB to report on systems that are not configured to security baselines

A CRM application to consolidate the data and provision access based on the process and need

Discussion

Question 83

A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief information Security Officer (CISO) must brief board of directors on the potential security concerns related to this migration. The board is concerned about the following.

* Transactions being required by unauthorized individual

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attacker using email to distribute malware and ransom ware.

* Exfiltration of sensitivity company information.

The cloud-based email solution will provide an6-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board’s concerns for this email migration?

Options:

Data loss prevention

Endpoint detection response

SSL VPN

Application whitelisting