CAS-004無料問題集「CompTIA Advanced Security Practitioner (CASP+)」

質問 1

Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

（A）in memory during processing

（B）when it is passed across a local network.

（C）by an enterprise hardware security module.

（D）when it is written to a system's solid-state drive.

質問 2

A common industrial protocol has the following characteristics:
* Provides for no authentication/security
* Is often implemented in a client/server relationship
* Is implemented as either RTU or TCP/IP
Which of the following is being described?

（A）Profinet

（B）Zigbee

（C）Z-Wave

（D）Modbus

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

An multinational organization was hacked, and the incident response team's timely action prevented a major disaster Following the event, the team created an after action report. Which of the following is the primary goal of an after action review?

（A）To determine the identity of the attacker

（B）To gather evidence for subsequent legal action

（C）To create a plan of action and milestones

（D）To identify ways to improve the response process

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A developer wants to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users.
Which of the following would be BEST for the developer to perform? (Choose two.)

（A）Encrypt with 3DES.

（B）Verify MD5 hashes.

（C）Implement certificate-based authentication.

（D）Make the DACL read-only.

（E）Compress the program with a password.

（F）Utilize code signing by a trusted third party.

正解：D、F 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

A security architect must mitigate the risks from what is suspected to be an exposed, private cryptographic key. Which of the following is the best step to take?

（A）Contact the company's Chief Information Security Officer.

（B）Alert the root CA.

（C）Disable the website using the suspected certificate.

（D）Inform all the users of the certificate.

（E）Revoke the certificate.

正解：E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which of the following is the reason why security engineers often cannot upgrade the security of embedded facility automation systems?

（A）They lack X86-64 processors.

（B）They are not logic-bearing devices.

（C）They lack EEPROM.

（D）They are constrained by available compute.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A Chief information Security Officer (CISO) has launched to create a rebuts BCP/DR plan for the entire company. As part of the initiative , the security team must gather data supporting s operational importance for the applications used by the business and determine the order in which the application must be back online. Which of the following be the FIRST step taken by the team?

（A）Perform a review of all policies an procedures related to BGP a and DR and created an educated educational module that can be assigned to at employees to provide training on BCP/DR events.

（B）Have each business unit conduct a BIA and categories the application according to the cumulative data gathered.

（C）Implement replication of all servers and application data to back up detacenters that are geographically from the central datacenter and release an upload BPA to all clients.

（D）Create an SLA for each application that states when the application will come back online and distribute this information to the business units.

正解：B 解答を投票する

質問 8

During a remodel, a company's computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee.
Which of the following processes would BEST satisfy this requirement?

（A）Issue new entry badges on a weekly basis.

（B）Require department managers to review denied-access requests.

（C）Monitor camera footage corresponding to a valid access request.

（D）Require both security and management to open the door.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A software development company makes Its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the BEST technique to ensure the software the users download is the official software released by the company?

（A）Distribute the software via a third-party repository.

（B）Close the web repository and deliver the software via email.

（C）Email the software link to all customers.

（D）Display the SHA checksum on the website.

正解：D 解答を投票する

質問 10

An organization's assessment of a third-party, non-critical vendor reveals that the vendor does not have cybersecurity insurance and IT staff turnover is high. The organization uses the vendor to move customer office equipment from one service location to another. The vendor acquires customer data and access to the business via an API.
Given this information, which of the following is a noted risk?

（A）The possibility of the vendor's business ceasing operations

（B）Technical impact to the API configuration

（C）Feature delay due to extended software development cycles

（D）Financial liability from a vendor data breach

正解：C 解答を投票する

質問 11

An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card dat a. Which of the following commands should the analyst run to BEST determine whether financial data was lost?

（A）Option D

（B）Option B

（C）Option C

（D）Option A

正解：C 解答を投票する

質問 12

A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One Of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?

（A）Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.

（B）Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.

（C）Implement cloud infrastructure to proxy all user web traffic to enforce DI-P and encryption policies.

（D）Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

A cloud security engineer is setting up a cloud-hosted WAF. The engineer needs to implement a solution to protect the multiple websites the organization hosts. The organization websites are:
* www.mycompany.org
* www.mycompany.com
* campus.mycompany.com
* wiki. mycompany.org
The solution must save costs and be able to protect all websites. Users should be able to notify the cloud security engineer of any on-path attacks. Which of the following is the BEST solution?

（A）Purchase one certificate for each website.

（B）Purchase one wildcard certificate.

（C）Implement self-signed certificates.

（D）Purchase one SAN certificate.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CAS-004 無料問題集「CompTIA Advanced Security Practitioner (CASP+)」

弊社を連絡する

関連リンク

トップ試験