Free Access CompTIA.CAS-004.v2022-06-25.q79 Practice Test (Page 16)

Question 71

A security engineer needs to recommend a solution that will meet the following requirements:
Identify sensitive data in the provider's network
Maintain compliance with company and regulatory guidelines
Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements?

A.DLP

B.SWG

C.WAF

D.CASB

Question 72

A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC.
Which of the following compensating controls would be BEST to implement in this situation?

A.HIDS

B.UEBA

C.EDR

D.SIEM

Question 73

Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

A.Key distribution

B.Key escrow

C.Key sharing

D.Key recovery

Question 74

A security engineer is hardening a company's multihomed SFTP server. When scanning a public-facing network interface, the engineer finds the following ports are open:
22
25
110
137
138
139
445
Internal Windows clients are used to transferring files to the server to stage them for customer download as part of the company's distribution process.
Which of the following would be the BEST solution to harden the system?

A.Close ports 110, 138, and 139. Bind ports 22, 25, and 137 to only the internal interface.

B.Close ports 22 and 139. Bind ports 137, 138, and 445 to only the internal interface.

C.Close ports 25 and 110. Bind ports 137, 138, 139, and 445 to only the internal interface.

D.Close ports 22, 137, and 138. Bind ports 110 and 445 to only the internal interface.

Question 75

A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

A.The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.

B.The product owner should perform a business impact assessment regarding the ability to implement a WAF.

C.The system administrator should evaluate dependencies and perform upgrade as necessary.

D.The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

Premium Bundle

Newest CAS-004 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CAS-004 Exam! BraindumpsPass.com now offer the updated CAS-004 exam dumps, the BraindumpsPass.com CAS-004 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CAS-004 pdf dumps with Exam Engine here:

Access CAS-004 Premium Version

(620 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 1097CompTIA.CAS-004.v2025-06-21.q202; 1236CompTIA.CAS-004.v2023-08-04.q126; 1381CompTIA.CAS-004.v2023-03-06.q93; 1211CompTIA.CAS-004.v2023-02-23.q88; 1005CompTIA.CAS-004.v2023-02-07.q68; 1884CompTIA.CAS-004.v2022-11-07.q113; 1617CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50