Free Access CompTIA.CAS-004.v2023-08-04.q126 Practice Test (Page 22)

Question 101

A security analyst is reviewing the following output:

Which of the following would BEST mitigate this type of attack?

A.Implementing an IDS

B.Deploying a honeypot

C.Installing a network firewall

D.Placing a WAF inline

Question 102

An application developer is including third-party background security fixes in an application.
The fixes seem to resolve a currently identified security issue.
However, when the application is released to the public, report come In that a previously vulnerability has returned.
Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

A.Dynamic analysis

B.User acceptance

C.Peer review

D.Regression testing

Question 103

A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:

The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:

Which of the following is an appropriate security control the company should implement?

A.Use server-side processing to avoid XSS vulnerabilities in path input.

B.Restrict directory permission to read-only access.

C.Parameterize a query in the path variable to prevent SQL injection.

D.Separate the items in the system call to prevent command injection.

Question 104

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session:

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

A.Secure LDAP should be running on UDP rather than TCP.

B.The clients may not trust idapt by default.

C.Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.

D.The secure LDAP service is not started, so no connections can be made.

E.The clients may not trust Chicago by default.

F.Secure LDAP does not support wildcard certificates.

G.The company is using the wrong port. It should be using port 389 for secure LDAP.

Question 105

An administrator at a software development company would like to protect the integrity Of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however,
is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?

A.The CA has included the certificate in its CRL_

B.Each application is missing a SAN or wildcard entry on the certificate.

C.The NTP server is set incorrectly for the developers.

D.The certificate is set for the wrong key usage.

Premium Bundle

Newest CAS-004 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CAS-004 Exam! BraindumpsPass.com now offer the updated CAS-004 exam dumps, the BraindumpsPass.com CAS-004 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CAS-004 pdf dumps with Exam Engine here:

Access CAS-004 Premium Version

(620 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 1956CompTIA.CAS-004.v2025-12-08.q667; 2314CompTIA.CAS-004.v2025-06-21.q202; 2128CompTIA.CAS-004.v2023-03-06.q93; 1702CompTIA.CAS-004.v2023-02-23.q88; 1427CompTIA.CAS-004.v2023-02-07.q68; 2489CompTIA.CAS-004.v2022-11-07.q113; 3037CompTIA.CAS-004.v2022-06-25.q79; 2007CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 250EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1109ServiceNow.CSA.v2026-04-27.q483