Free Access CompTIA.CAS-004.v2022-11-07.q113 Practice Test (Page 22)

Question 101

Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

A.Key recovery

B.Key sharing

C.Key distribution

D.Key escrow

Question 102

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:
* Transaction being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to malware and ransomeware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the boar's concerns for this email migration?

A.Endpoint detection response

B.SSL VPN

C.Data loss prevention

D.Application whitelisting

Question 103

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of the exploit is missing, making it harder to recommend remediation's. Given the following output:

The penetration testers MOST likely took advantage of:

A.A plain-text password disclosure

B.An integer overflow vulnerability

C.A TOC/TOU vulnerability

D.A buffer overflow vulnerability

Question 104

A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes.
Which of the following should a security architect recommend?

A.A CRM application to consolidate the data and provision access based on the process and need

B.A DLP program to identify which files have customer data and delete them

C.A CMDB to report on systems that are not configured to security baselines

D.An ERP program to identify which processes need to be tracked

Question 105

A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?

A.Instance-based

B.Storage-based

C.Proxy-based

D.Array controller-based

Other Version: 1097CompTIA.CAS-004.v2025-06-21.q202; 1236CompTIA.CAS-004.v2023-08-04.q126; 1381CompTIA.CAS-004.v2023-03-06.q93; 1211CompTIA.CAS-004.v2023-02-23.q88; 1005CompTIA.CAS-004.v2023-02-07.q68; 2441CompTIA.CAS-004.v2022-06-25.q79; 1617CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 101

Question 102

Question 103

Question 104

Question 105

Download PDF File