Free Access CompTIA.CAS-004.v2023-02-23.q88 Practice Test (Page 2)

Question 1

A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer's laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

A.Remove the web proxy and install a UTM appliance.

B.Implement a deny list feature on the endpoints.

C.Replace the current antivirus with an EDR solution.

D.Add a firewall module on the current antivirus solution.

Question 2

A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?

A.Instance-based

B.Storage-based

C.Proxy-based

D.Array controller-based

Question 3

A company wants to improve Its active protection capabilities against unknown and zero-day malware. Which of the following Is the MOST secure solution?

A.Endpoint log collection

B.HIDS

C.Sandbox detonation

D.Application allow list

E.NIDS

Question 4

The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?

A.Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data, Review all design and operational controls based on best practice standard and report the finding back to upper management.

B.Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier's rating. Report finding units that rely on the suppliers and the various risk teams.

C.Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.

D.Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause. Regularly assess the supplier's post-contract renewal with a dedicated risk management team.

Question 5

Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the RPO for a disaster recovery event for this data classification is 24 hours.
Based on RPO requirements, which of the following recommendations should the management team make?

A.Leave the current backup schedule intact and make the human resources fileshare read-only.

B.Decrease the frequency of backups and pay the ransom to decrypt the data.

C.Leave the current backup schedule intact and pay the ransom to decrypt the data.

D.Increase the frequency of backups and create SIEM alerts for IOCs.

Other Version: 1097CompTIA.CAS-004.v2025-06-21.q202; 1236CompTIA.CAS-004.v2023-08-04.q126; 1371CompTIA.CAS-004.v2023-03-06.q93; 995CompTIA.CAS-004.v2023-02-07.q68; 1868CompTIA.CAS-004.v2022-11-07.q113; 2431CompTIA.CAS-004.v2022-06-25.q79; 1608CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File