최신CompTIA Advanced Security Practitioner (CASP+) - CAS-004무료샘플문제
문제1
A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?
A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?
정답: C
문제2
A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?
A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?
정답: A
문제3
An internal security audit determines that Telnet is currently being used within the environment to manage network switches. Which of the following tools should be utilized to identify credentials in plaintext that are used to log in to these devices?
An internal security audit determines that Telnet is currently being used within the environment to manage network switches. Which of the following tools should be utilized to identify credentials in plaintext that are used to log in to these devices?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제4
A client is adding scope to a project. Which of the following processes should be used when requesting updates or corrections to the client's systems?
A client is adding scope to a project. Which of the following processes should be used when requesting updates or corrections to the client's systems?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제5
A company wants to prevent a partner company from denying agreement to a transaction. Which of the following is the best solution for the company?
A company wants to prevent a partner company from denying agreement to a transaction. Which of the following is the best solution for the company?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제6
An organization is moving its intellectual property data from on premises to a CSP and wants to secure the data from theft. Which of the following can be used to mitigate this risk?
An organization is moving its intellectual property data from on premises to a CSP and wants to secure the data from theft. Which of the following can be used to mitigate this risk?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제7
Which of the following is the best way to protect the website browsing history for an executive who travels to foreign countries where internet usage is closely monitored?
Which of the following is the best way to protect the website browsing history for an executive who travels to foreign countries where internet usage is closely monitored?
정답: B
문제8
A company's BIA indicates that any loss of more than one hour of data would be catastrophic to the business.
Which of the following must be in place to meet this requirement?
A company's BIA indicates that any loss of more than one hour of data would be catastrophic to the business.
Which of the following must be in place to meet this requirement?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제9
A DevOps team has deployed databases, event-driven services, and an API gateway as PaaS solution that will support a new billing system. Which of the following security responsibilities will the DevOps team need to perform?
A DevOps team has deployed databases, event-driven services, and an API gateway as PaaS solution that will support a new billing system. Which of the following security responsibilities will the DevOps team need to perform?
정답: D
문제10
A security analyst reviews network logs and notices a large number of domain name queries originating from an internal server for an unknown domain, similar to the following:
2736287327321782.hgQ43jsi23-y.com
0357320932922C91.hgQ43jsu23Ty.com
4042301801399103.hgQ43jsu23Ly.com
Which of the following should the analyst do next?
A security analyst reviews network logs and notices a large number of domain name queries originating from an internal server for an unknown domain, similar to the following:
2736287327321782.hgQ43jsi23-y.com
0357320932922C91.hgQ43jsu23Ty.com
4042301801399103.hgQ43jsu23Ly.com
Which of the following should the analyst do next?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)
문제11
A security manager has written an incident response playbook for insider attacks and is ready to begin testing it. Which of the following should the manager conduct to test the playbook?
A security manager has written an incident response playbook for insider attacks and is ready to begin testing it. Which of the following should the manager conduct to test the playbook?
정답: B
설명: (KoreaDumps 회원만 볼 수 있음)
문제12
A mobile device hardware manufacturer receives the following requirements from a company that wants to produce and sell a new mobile platform:
*The platform should store biometric data.
*The platform should prevent unapproved firmware from being loaded.
* A tamper-resistant, hardware-based counter should track if unapproved firmware was loaded.
Which of the following should the hardware manufacturer implement? (Select three).
A mobile device hardware manufacturer receives the following requirements from a company that wants to produce and sell a new mobile platform:
*The platform should store biometric data.
*The platform should prevent unapproved firmware from being loaded.
* A tamper-resistant, hardware-based counter should track if unapproved firmware was loaded.
Which of the following should the hardware manufacturer implement? (Select three).
정답: A,F,H
설명: (KoreaDumps 회원만 볼 수 있음)
문제13
A security architect discovers the following page while testing a website for vulnerabilities:
404 - page not found: /gy67162
The page you have requested is no. avai.able on .his server.
Apache Tomcat 7.0.52
Which of the following best describes why this issue should be corrected?
A security architect discovers the following page while testing a website for vulnerabilities:
404 - page not found: /gy67162
The page you have requested is no. avai.able on .his server.
Apache Tomcat 7.0.52
Which of the following best describes why this issue should be corrected?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)