Question.81 A company is deploying multiple VPNs to support supplier connections into its extranet applications. The network security standard requires:
  All remote devices to have up-to-date antivirus
  A HIDS
  An up-to-date and patched OS
Which of the following technologies should the company deploy to meet its security objectives? (Choose two.)
(A) NAC
(B) WAF
(C) NIDS
(D) Reverse proxy
(E) NGFW
(F) Bastion host
Answer: AF
Question.82 A penetration tester is testing a company's login form for a web application using a list of known usernames and a common password list. According to a brute-force utility, the penetration tester needs to provide the tool with the proper headers, POST URL with variable names, and the error string returned with an improper login. Which of the following would BEST help the tester to gather this information? (Choose two.)
(A) The new source feature of the web browser
(B) The logs from the web server
(C) The inspect feature from the web browser
(D) A tcpdump from the web server
(E) An HTTP interceptor
(F) The website certificate viewed via the web browser
Answer: DE
Question.83 A cybersecurity analyst discovered a private key that could have been exposed. Which of the following is the BEST way for the analyst to determine if the key has been compromised?
(A) HSTS
(B) PKI
(C) CSRs
(D) OCSP
Answer: D
Question.84 A security architect is advising the application team to implement the following controls in the application before it is released:
  Least privilege
  Blocklist input validation for the following characters: \<>;, =#+
Based on the requirements, which of the following attacks is the security architect trying to prevent?
(A) XML injection
(B) LDAP injection
(C) CSRF
(D) XSS
Answer: D
Question.85 The Chief Information Officer (CIO) wants to implement enterprise mobility throughout the organization. The goal is to allow employees access to company resources. However, the CIO wants the ability to enforce configuration settings, manage data, and manage both company-owned and personal devices. Which of the following should the CIO implement to achieve this goal?
(A) BYOD
(B) CYOD
(C) COPE
(D) MDM
Answer: D