Comptia passguide comptia Casp Cas-004 Passing Score by Aubree q224 vce pdf

Page: 11 / 42

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-004 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	571 Q&A's	Shared By:	aubree

Question 44

A recent data breach stemmed from unauthorized access to an employee’s company account with a cloud-based productivity suite. The attacker exploited excessive permissions granted to a third-party OAuth application to collect sensitive information.

Which of the following BEST mitigates inappropriate access and permissions issues?

Options:

SIEM

CASB

WAF

SOAR

Discussion

Question 45

A financial institution has several that currently employ the following controls:

* The severs follow a monthly patching cycle.

* All changes must go through a change management process.

* Developers and systems administrators must log into a jumpbox to access the servers hosting the data using two-factor authentication.

* The servers are on an isolated VLAN and cannot be directly accessed from the internal production network.

An outage recently occurred and lasted several days due to an upgrade that circumvented the approval process. Once the security team discovered an unauthorized patch was installed, they were able to resume operations within an hour. Which of the following should the security administrator recommend to reduce the time to resolution if a similar incident occurs in the future?

Options:

Require more than one approver for all change management requests.

Implement file integrity monitoring with automated alerts on the servers.

Disable automatic patch update capabilities on the servers

Enhanced audit logging on the jump servers and ship the logs to the SIEM.

Discussion

Question 46

A security operations center analyst is investigating anomalous activity between a database server and an unknown external IP address and gathered the following data:

• dbadmin last logged in at 7:30 a.m. and logged out at 8:05 a.m.

• A persistent TCP/6667 connection to the external address was established at 7:55 a.m. The connection is still active.

• Other than bytes transferred to keep the connection alive, only a few kilobytes of data transfer every hour since the start of the connection.

• A sample outbound request payload from PCAP showed the ASCII content: "JOIN #community".

Which of the following is the MOST likely root cause?

Options:

A SQL injection was used to exfiltrate data from the database server.

The system has been hijacked for cryptocurrency mining.

A botnet Trojan is installed on the database server.

The dbadmin user is consulting the community for help via Internet Relay Chat.

Discussion

Alessia

Amazing Dumps. Found almost all questions in actual exam whih I prepared from these valuable dumps. Recommended!!!!

Belle Nov 2, 2024

That's impressive. I've been struggling with finding good study material for my certification. Maybe I should give Cramkey Dumps a try.

Cody

I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.

Eric Sep 13, 2024

Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.

Ayesha

They are study materials that are designed to help students prepare for exams and certification tests. They are basically a collection of questions and answers that are likely to appear on the test.

Ayden Oct 16, 2024

That sounds interesting. Why are they useful? Planning this week, hopefully help me. Can you give me PDF if you have ?

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Oct 9, 2024

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Question 47

A Chief Information Security Officer (CISO) is concerned that a company's current data disposal procedures could result in data remanence. The company uses only SSDs. Which of the following would be the MOST secure way to dispose of the SSDs given the CISO's concern?

Options:

Degaussing

Overwiting

Shredding

Formatting

Incinerating