Comptia exactexam cas-004 Questions Bank by Kaleb q149 vce pdf

Page: 24 / 46

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-004 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	619 Q&A's	Shared By:	kaleb

Question 96

A security engineer is assessing a legacy server and needs to determine if FTP is running and on which port The service cannot be turned off, as it would impact a critical application's ability to function. Which of the following commands would provide the information necessary to create a firewall rule to prevent that service from being exploited?

Options:

service —status-ali I grep ftpd

chkconfig --list

neestat -tulpn

systeactl list-unit-file —type service ftpd

service ftpd. status

Discussion

Question 97

An IDS was unable to detect malicious network traffic during a recent security incident, even though all traffic was being sent using HTTPS. As a result, a website used by employees was compromised. Which of the following detection mechanisms would allow the IDS to detect an attack like this one in the future?

Options:

Deobfuscation

Protocol decoding

Inspection proxy

Digital rights management

Discussion

Question 98

A company with only U S -based customers wants to allow developers from another country to work on the company's website However, the company plans to block normal internet traffic from the other country Which of the following strategies should the company use to accomplish this objective? (Select two).

Options:

Block foreign IP addresses from accessing the website

Have the developers use the company's VPN

Implement a WAP for the website

Give the developers access to a jump box on the network

Employ a reverse proxy for the developers

Use NAT to enable access for the developers

Discussion

Zayaan

Successfully aced the exam… Thanks a lot for providing amazing Exam Dumps.

Harmony Oct 9, 2025

That's fantastic! I'm glad to hear that their dumps helped you. I also used them and found it accurate.

Conor

I recently used these dumps for my exam and I must say, I was impressed with their authentic material.

Yunus Oct 23, 2025

Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.

Andrew

Are these dumps helpful?

Jeremiah Oct 2, 2025

Yes, Don’t worry!!! I'm confident you'll find them to be just as helpful as I did. Good luck with your exam!

Yusra

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.

Alisha Oct 16, 2025

I recently used their dumps for the certification exam I took and I have to say, I was really impressed.

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja Oct 23, 2025

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Question 99

A development team needs terminal access to preproduction servers to verify settings and enter purchased license keys. To address the team’s needs, the security administrator implements the following requirements:

•Only trusted accounts can access the preproduction servers.

•Developers cannot access the preproduction servers directly from their workstations.

•The trusted accounts should only have access to specific preproduction servers.

Which of the following are necessary to fulfill the security requirements? (Select two).

Options:

SSL VPN

NAT gateway

Air gap

WAF

Jump box

Network ACLs