Free Access CompTIA.CAS-004.v2023-08-04.q126 Practice Test (Page 25)

Question 116

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session:

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

A.The company is using the wrong port. It should be using port 389 for secure LDAP.

B.The clients may not trust Chicago by default.

C.Secure LDAP does not support wildcard certificates.

D.The clients may not trust idapt by default.

E.The secure LDAP service is not started, so no connections can be made.

F.Secure LDAP should be running on UDP rather than TCP.

G.Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.

Question 117

Given the following log snippet from a web server:

Which of the following BEST describes this type of attack?

A.Cross-site request forgery

B.Cross-site scripting

C.SQL injection

D.Brute-force

Question 118

An organization's existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently,
the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

A.Adding a second redundant layer of alternate vendor VPN concentrators

B.Using Base64 encoding within the existing site-to-site VPN connections

C.Distributing security resources across VPN sites

D.Implementing IDS services with each VPN concentrator

E.Transitioning to a container-based architecture for site-based services

Question 119

A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

A.The product owner should perform a business impact assessment regarding the ability to implement a WAF.

B.The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

C.The system administrator should evaluate dependencies and perform upgrade as necessary.

D.The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.

Question 120

A cybersecurity analyst created the following tables to help determine the maximum budget amount the business can justify spending on an improved email filtering system:

Which of the following meets the budget needs of the business?

A.Filter XYZ

B.Filter ABC

C.Filter TUV

D.Filter GHI

Premium Bundle

Newest CAS-004 Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CAS-004 Exam! BraindumpsPass.com now offer the updated CAS-004 exam dumps, the BraindumpsPass.com CAS-004 exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CAS-004 pdf dumps with Exam Engine here:

Access CAS-004 Premium Version

(620 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 1956CompTIA.CAS-004.v2025-12-08.q667; 2314CompTIA.CAS-004.v2025-06-21.q202; 2128CompTIA.CAS-004.v2023-03-06.q93; 1702CompTIA.CAS-004.v2023-02-23.q88; 1427CompTIA.CAS-004.v2023-02-07.q68; 2489CompTIA.CAS-004.v2022-11-07.q113; 3037CompTIA.CAS-004.v2022-06-25.q79; 2007CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 250EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1109ServiceNow.CSA.v2026-04-27.q483