Free Access CompTIA.CAS-004.v2022-11-07.q113 Practice Test (Page 16)

Question 71

A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage.
Which of the following is a security concern that will MOST likely need to be addressed during migration?

A.Latency

B.Data loss

C.Data dispersion

D.Data exposure

Question 72

A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite:

Which of the following is the MOST likely cause of the customer's inability to connect?

A.The default should be on port 80.

B.The public key should be using ECDSA.

C.The server name should be test.com.

D.Weak ciphers are being used.

Question 73

A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

A.Disable powershell.exe on all Microsoft Windows endpoints.

B.Restart Microsoft Windows Defender.

C.Configure the forward proxy to block 40.90.23.154.

D.Disable local administrator privileges on the endpoints.

Question 74

Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

A.Implement geoblocking on the WAF.

B.Implement OAuth 2.0 on the API.

C.Implement input validation on the API.

D.Implement rate limiting on the API.

Question 75

A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

A.Monitor dependency management tools and report on susceptible third-party libraries.

B.Install an IDS on the development subnet and passively monitor for vulnerable services.

C.Implement an XML gateway and monitor for policy violations.

D.Perform static code analysis of committed code and generate summary reports.

E.Model user behavior and monitor for deviations from normal.

F.Continuously monitor code commits to repositories and generate summary logs.

Premium Bundle

Newest CAS-004 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CAS-004 Exam! BraindumpsPass.com now offer the updated CAS-004 exam dumps, the BraindumpsPass.com CAS-004 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CAS-004 pdf dumps with Exam Engine here:

Access CAS-004 Premium Version

(620 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 1097CompTIA.CAS-004.v2025-06-21.q202; 1236CompTIA.CAS-004.v2023-08-04.q126; 1383CompTIA.CAS-004.v2023-03-06.q93; 1211CompTIA.CAS-004.v2023-02-23.q88; 1007CompTIA.CAS-004.v2023-02-07.q68; 2446CompTIA.CAS-004.v2022-06-25.q79; 1617CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50