CAS-004 Free Exam Study Guide! (Aktualisiert 173 Fragen) [Q18-Q36]

NEUE FRAGE 18
Ein Unternehmen wurde kürzlich Opfer eines Ransomware-Angriffs. Der Leiter des Sicherheitsteams ist besorgt, dass sich der Angriff wiederholen könnte. Es wurden jedoch keine weiteren Sicherheitsmaßnahmen ergriffen.
Welche der folgenden Verfahren können zur Ermittlung potenzieller Präventionsempfehlungen eingesetzt werden?

NEUE FRAGE 19
A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

NEUE FRAGE 20
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

NEUE FRAGE 21
Technicians have determined that the current server hardware is outdated, so they have decided to throw it out.
Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?

NEUE FRAGE 22
A developer wants to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users.
Which of the following would be BEST for the developer to perform? (Choose two.)

NEUE FRAGE 23
A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:
Must have a minimum of 15 characters
Must use one number
Must use one capital letter
Must not be one of the last 12 passwords used
Which of the following policies should be added to provide additional security?

NEUE FRAGE 24
A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.

NEUE FRAGE 25
Ein Unternehmen entwickelt einen Disaster-Recovery-Plan, bei dem die Daten gesichert werden müssen, damit sie jederzeit verfügbar sind.
Welche der folgenden Möglichkeiten sollte die Organisation als ERSTES in Betracht ziehen, um diese Anforderung zu erfüllen?

NEUE FRAGE 26
A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application.
Which of the following is the MOST likely cause?

NEUE FRAGE 27
Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the RPO for a disaster recovery event for this data classification is 24 hours.
Based on RPO requirements, which of the following recommendations should the management team make?

NEUE FRAGE 28
In Vorbereitung auf das Weihnachtsgeschäft hat ein Unternehmen das System zur Verwaltung der Einzelhandelsverkäufe umgestaltet und zu einem Cloud-Anbieter verlagert. Die neue Infrastruktur entsprach nicht den Verfügbarkeitsanforderungen des Unternehmens. Bei einer Postmortem-Analyse wurden die folgenden Probleme festgestellt:
1. Internationale Nutzer meldeten Latenzzeiten beim ersten Laden der Bilder auf der Webseite.
2. Während der Berichtsverarbeitung meldeten die Benutzer Probleme mit dem Bestand, wenn sie versuchten, Bestellungen aufzugeben.
3. Trotz der Hinzufügung von zehn neuen API-Servern war die Belastung der Server zu Spitzenzeiten hoch.
Welche der folgenden Änderungen am Infrastrukturdesign wären für das Unternehmen am besten geeignet, um diese Probleme in Zukunft zu vermeiden?

NEUE FRAGE 29
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings.
Which of the following scan types will provide the systems administrator with the MOST accurate information?

NEUE FRAGE 30
As part of the customer registration process to access a new bank account, customers are required to upload a number of documents, including their passports and driver’s licenses. The process also requires customers to take a current photo of themselves to be compared against provided documentation.
Which of the following BEST describes this process?

NEUE FRAGE 31
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.
Which of the following would be BEST to proceed with the transformation?

NEUE FRAGE 32
A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries such as:
Despite the deny message, this action was still permit following is the MOST likely fix for this issue?

NEUE FRAGE 33
A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.
Which of the following should the security administrator do to mitigate the risk?

NEUE FRAGE 34
An organization is implementing a new identity and access management architecture with the following objectives:
Supporting MFA against on-premises infrastructure
Improving the user experience by integrating with SaaS applications
Applying risk-based policies based on location
Performing just-in-time provisioning
Which of the following authentication protocols should the organization implement to support these requirements?

NEUE FRAGE 35
Ein Sicherheitsingenieur eines Unternehmens entwirft ein System, um die jüngsten Rückschläge durch Konkurrenten abzufedern, die das Unternehmen bei der Markteinführung neuer Produkte überholen. Mehrere der Produkte enthalten proprietäre Erweiterungen, die von der Firma des Ingenieurs entwickelt wurden. Das Netzwerk umfasst bereits ein SEIM und ein NIPS und erfordert 2FA für alle Benutzerzugriffe. Welches der folgenden Systeme sollte der Ingenieur als Nächstes in Betracht ziehen, um die damit verbundenen Risiken zu mindern?

NEUE FRAGE 36
A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)