Free Access CompTIA.CAS-004.v2022-06-25.q79 Practice Test (Page 15)

Question 66

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:
* Transaction being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to malware and ransomeware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the boar's concerns for this email migration?

A.Endpoint detection response

B.Data loss prevention

C.SSL VPN

D.Application whitelisting

Question 67

A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

A.Model user behavior and monitor for deviations from normal.

B.Implement an XML gateway and monitor for policy violations.

C.Continuously monitor code commits to repositories and generate summary logs.

D.Monitor dependency management tools and report on susceptible third-party libraries.

E.Install an IDS on the development subnet and passively monitor for vulnerable services.

F.Perform static code analysis of committed code and generate summary reports.

Question 68

A company publishes several APIs for customers and is required to use keys to segregate customer data sets.
Which of the following would be BEST to use to store customer keys?

A.A hardware security module

B.A trusted platform module

C.A localized key store

D.A public key infrastructure

Question 69

A security engineer was auditing an organization's current software development practice and discovered that multiple open-source libraries were Integrated into the organization's software. The organization currently performs SAST and DAST on the software it develops.
Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

A.Implement the SDLC security guidelines.

B.Track the library versions and monitor the CVE website for related vulnerabilities.

C.Perform unit testing of the open-source libraries.

D.Perform additional SAST/DAST on the open-source libraries.

Question 70

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

A.Cookies

B.Certificate pinning

C.Wildcard certificates

D.HSTS

Other Version: 1097CompTIA.CAS-004.v2025-06-21.q202; 1236CompTIA.CAS-004.v2023-08-04.q126; 1381CompTIA.CAS-004.v2023-03-06.q93; 1211CompTIA.CAS-004.v2023-02-23.q88; 1005CompTIA.CAS-004.v2023-02-07.q68; 1884CompTIA.CAS-004.v2022-11-07.q113; 1617CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 66

Question 67

Question 68

Question 69

Question 70

Download PDF File