Free Access CompTIA.CAS-004.v2025-06-21.q202 Practice Test (Page 7)

Question 26

A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.
Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

A.Execute never

B.No-execute

C.Total memory encryption

D.Virtual memory encryption

Question 27

A developer implement the following code snippet.

Which of the following vulnerabilities does the code snippet resolve?

A.SQL inject

B.Buffer overflow

C.Missing session limit

D.Information leakage

Question 28

A company is moving most of its customer-facing production systems to the cloud-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires the solution must have the highest level of security.
Which of the following encryption methods should the cloud security engineer select during the implementation phase?

A.Instance-based

B.Storage-based

C.Proxy-based

D.Array controller-based

Question 29

A DevOps team wants to move production data into the QA environment for testing.
This data contains credit card numbers and expiration dates that are not tied to any individuals.
The security analyst wants to reduce risk.
Which of the following will lower the risk before moving the data?

A.Hashing the card numbers

B.Redacting all but the last four numbers of the cards

C.Encrypting card and expiration numbers

D.Scrambling card and expiration data

Question 30

A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.
Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

A.Scan the code with a static code analyzer, change privileged user passwords, and provide security training.

B.Implement MFA, review the application logs, and deploy a WAF.

C.Change privileged usernames, review the OS logs, and deploy hardware tokens.

D.Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

Other Version: 1956CompTIA.CAS-004.v2025-12-08.q667; 1948CompTIA.CAS-004.v2023-08-04.q126; 2126CompTIA.CAS-004.v2023-03-06.q93; 1702CompTIA.CAS-004.v2023-02-23.q88; 1427CompTIA.CAS-004.v2023-02-07.q68; 2489CompTIA.CAS-004.v2022-11-07.q113; 3034CompTIA.CAS-004.v2022-06-25.q79; 2007CompTIA.CAS-004.v2022-04-29.q42

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 290Nokia.4A0-113.v2026-05-01.q69; 244EC-COUNCIL.312-49v11.v2026-04-30.q214; 226Microsoft.MB-820.v2026-04-30.q101; 204Salesforce.MC-202.v2026-04-30.q57; 203BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 453EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 26

Question 27

Question 28

Question 29

Question 30

Download PDF File