Comptia edusum comptia Casp Changed Cas-004 Questions by Madina q224 vce pdf

Page: 22 / 42

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-004 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	564 Q&A's	Shared By:	madina

Question 88

The IT team suggests the company would save money by using self-signed certificates, but the security team indicates the company must use digitally signed third-party certificates. Which of the following is a valid reason to pursue the security team's recommendation?

Options:

PKCS #10 is still preferred over PKCS #12.

Private-key CSR signage prevents on-path interception.

There is more control in using a local certificate over a third-party certificate.

There is minimal benefit in using a certificate revocation list.

Discussion

Question 89

In order to save money, a company has moved its data to the cloud with a low-cost provider. The company did not perform a security review prior to the move; however, the company requires all of its data to be stored within the country where the headquarters is located. A new employee on the security team has been asked to evaluate the current provider against the most important requirements. The current cloud provider that the company is using offers:

• Only multitenant cloud hosting

• Minimal physical security

• Few access controls

• No access to the data center

The following information has been uncovered:

• The company is located in a known floodplain, which flooded last year.

• Government regulations require data to be stored within the country.

Which of the following should be addressed first?

Options:

Update the disaster recovery plan to account for natural disasters.

Establish a new memorandum of understanding with the cloud provider.

Establish a new service-level agreement with the cloud provider.

Provision services according to the appropriate legal requirements.

Discussion

Cecilia

Yes, I passed my certification exam using Cramkey Dumps.

Helena Sep 19, 2024

Great. Yes they are really effective

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.

Colby Aug 17, 2024

Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.

Ernest

That's amazing. I think I'm going to give Cramkey Dumps a try for my next exam. Thanks for telling me about them! CramKey admin please share more questions……You guys are amazing.

Nate Sep 15, 2024

I failed last week, I never know this site , but amazed to see all these questions were in my exam week before. I feel bad now, why I didn’t bother this site. Thanks Cramkey, Excellent Job.

Yusra

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.

Alisha Aug 29, 2024

I recently used their dumps for the certification exam I took and I have to say, I was really impressed.

Anya

I must say they're considered the best dumps available and the questions are very similar to what you'll see in the actual exam. Recommended!!!

Cassius Nov 2, 2024

Yes, they offer a 100% success guarantee. And many students who have used them have reported passing their exams with flying colors.

Question 90

A security engineer investigates an incident and determines that a rogue device is on the network. Further investigation finds that an employee's personal device has been set up to access company resources and does not comply with standard security controls. Which of the following should the security engineer recommend to reduce the risk of future reoccurrence?

Options:

Require device certificates to access company resources.

Enable MFA at the organization's SSO portal.

Encrypt all workstation hard drives.

Hide the company wireless SSID.

Discussion

Question 91

A security architect is reviewing the following organizational specifications for a new application:

• Be sessionless and API-based

• Accept uploaded documents with Pll, so all storage must be ephemeral

• Be able to scale on-demand across multiple nodes

• Restrict all network access except for the TLS port

Which of the following ways should the architect recommend the application be deployed in order to meet security and organizational infrastructure requirements?

Options:

Utilizing the cloud container service

On server instances with autoscaling groups

Using scripted delivery

With a content delivery network