Most Recent CompTIA Advanced Security Practitioner (CASP+) Exam CAS-004 Exam Question

2022 CompTIA Official New Released CAS-004
https://www.certleader.com/CAS-004-dumps.html


Proper study for the up-to-date CompTIA Advanced Security Practitioner (CASP+) exam begins with CompTIA CAS-004 preparation products, which are designed to deliver the approved CAS-004 questions and help you pass the CAS-004 test on your first attempt. Try the free CAS-004 demo right now.

CompTIA CAS-004 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

  • A. Key sharing
  • B. Key distribution
  • C. Key recovery
  • D. Key escrow

Answer: B

Explanation:
Reference: https://www.open.edu/openlearn/ocw/mod/oucontent/view.php?id=48322&section=1.3

NEW QUESTION 2
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user’s workstation:
graphic.linux_randomization.prg
Which of the following technologies would mitigate the manipulation of memory segments?

  • A. NX bit
  • B. ASLR
  • C. DEP
  • D. HSM

Answer: B

Explanation:
Reference: http://webpages.eng.wayne.edu/~fy8421/19sp-csc5290/labs/lab2-instruction.pdf (3)

NEW QUESTION 3
A company publishes several APIs for customers and is required to use keys to segregate customer data sets. Which of the following would be BEST to use to store customer keys?

  • A. A trusted platform module
  • B. A hardware security module
  • C. A localized key store
  • D. A public key infrastructure

Answer: C

Explanation:
Reference: https://developer.android.com/studio/publish/app-signing

NEW QUESTION 4
Which of the following is a benefit of using steganalysis techniques in forensic response?

  • A. Breaking a symmetric cipher used in secure voice communications
  • B. Determining the frequency of unique attacks against DRM-protected media
  • C. Maintaining chain of custody for acquired evidence
  • D. Identifying least significant bit encoding of data in a .wav file

Answer: D

Explanation:
Reference: https://www.garykessler.net/library/fsc_stego.html

NEW QUESTION 5
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?

  • A. Lattice-based cryptography
  • B. Quantum computing
  • C. Asymmetric cryptography
  • D. Homomorphic encryption

Answer: C

Explanation:
Reference: https://searchsecurity.techtarget.com/definition/cryptanalysis

NEW QUESTION 6
All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:
Leaked to the media via printing of the documents
Sent to a personal email address
Accessed and viewed by systems administrators
Uploaded to a file storage site
Which of the following would mitigate the department’s concerns?

  • A. Data loss detection, reverse proxy, EDR, and PGP
  • B. VDI, proxy, CASB, and DRM
  • C. Watermarking, forward proxy, DLP, and MFA
  • D. Proxy, secure VPN, endpoint encryption, and AV

Answer: B

NEW QUESTION 7
Company A is establishing a contractual relationship with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights.
Which of the following documents will MOST likely contain these elements?

  • A. Company A-B SLA v2.docx
  • B. Company A OLA v1b.docx
  • C. Company A MSA v3.docx
  • D. Company A MOU v1.docx
  • E. Company A-B NDA v03.docx

Answer: A

NEW QUESTION 8
A security engineer needs to recommend a solution that will meet the following requirements:
Identify sensitive data in the provider’s network
Maintain compliance with company and regulatory guidelines
Detect and respond to insider threats, privileged user threats, and compromised accounts
Enforce data-centric security, such as encryption, tokenization, and access control
Which of the following solutions should the security engineer recommend to address these requirements?

  • A. WAF
  • B. CASB
  • C. SWG
  • D. DLP

Answer: A

NEW QUESTION 9
A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.
Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

  • A. Execute never
  • B. No-execute
  • C. Total memory encryption
  • D. Virtual memory encryption

Answer: A

Explanation:
Reference: https://developer.arm.com/documentation/102433/0100/Stack-smashing-and-execution-permissions

NEW QUESTION 10
A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots.
Which of the following would provide the BEST boot loader protection?

  • A. TPM
  • B. HSM
  • C. PKI
  • D. UEFI/BIOS

Answer: D

Explanation:
Reference: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-898217D4-689D-4EB5-866C-888353FE241C.html

NEW QUESTION 11
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services.
Which of the following should be modified to prevent the issue from reoccurring?

  • A. Recovery point objective
  • B. Recovery time objective
  • C. Mission-essential functions
  • D. Recovery service level

Answer: B

Explanation:
Reference: https://www.nakivo.com/blog/disaster-recovery-in-cloud-computing/

NEW QUESTION 12
A developer implements the following code snippet.
CAS-004 dumps exhibit
Which of the following vulnerabilities does the code snippet resolve?

  • A. SQL injection
  • B. Buffer overflow
  • C. Missing session limit
  • D. Information leakage

Answer: D

NEW QUESTION 13
A security architect is implementing a web application that uses a database back end. Prior to production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?

  • A. SDLC
  • B. OVAL
  • C. IEEE
  • D. OWASP

Answer: B

Explanation:
Reference: https://dzone.com/articles/what-is-oval-a-community-driven-vulnerability-mana

NEW QUESTION 14
A threat hunting team receives a report about possible APT activity in the network. Which of the following threat management frameworks should the team implement?

  • A. NIST SP 800-53
  • B. MITRE ATT&CK
  • C. The Cyber Kill Chain
  • D. The Diamond Model of Intrusion Analysis

Answer: A

Explanation:
Reference: https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-30r1.pdf

NEW QUESTION 15
An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment.
Which of the following BEST describes the reason why traditional methods of addressing risk may not be possible in the cloud?

  • A. Migrating operations assumes the acceptance of all risk.
  • B. Cloud providers are unable to avoid risk.
  • C. Specific risks cannot be transferred to the cloud provider.
  • D. Risks to data in the cloud cannot be mitigated.

Answer: C

Explanation:
Reference: https://arxiv.org/ftp/arxiv/papers/1303/1303.4814.pdf

NEW QUESTION 16
Device event logs sourced from MDM software are as follows:
CAS-004 dumps exhibit
Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

  • A. Malicious installation of an application; change the MDM configuration to remove application ID 1220.
  • B. Resource leak; recover the device for analysis and clean up the local storage.
  • C. Impossible travel; disable the device’s account and access while investigating.
  • D. Falsified status reporting; remotely wipe the device.

Answer: A

NEW QUESTION 17
......

100% Valid and Newest Version CAS-004 Questions & Answers shared by Downloadfreepdf.net, Get Full Dumps HERE: https://www.downloadfreepdf.net/CAS-004-pdf-download.html (New 128 Q&As)