CAS-004 Exam Results

A network traffic analyzer (also known as a packet sniffer) is the best tool to identify credentials being transmitted in plaintext, such as those used in Telnet sessions. Since Telnet transmits data without encryption, a network traffic analyzer can capture the traffic between the client and the network switches, revealing sensitive information, including login credentials, in clear text. This tool helps identify insecure protocols and enables remediation by switching to encrypted alternatives like SSH. CASP+ highlights the importance of using secure protocols and tools like traffic analyzers to identify vulnerabilities in network communications.

References:

CASP+ CAS-004 Exam Objectives: Domain 2.0 – Enterprise Security Operations (Network Traffic Analysis and Insecure Protocols)

CompTIA CASP+ Study Guide: Monitoring Network Traffic for Plaintext Credentials

Hardening the engineering workstations using a consistent strategy would have the greatest impact on reducing the attack surface. The workstations are running outdated and unsupported operating systems, with no security controls, and inconsistent software installations, which significantly increases the risk of exploitation. Hardening involves applying patches, reducing unnecessary software, disabling unused services, and ensuring uniform security controls across all systems. By addressing these vulnerabilities and inconsistencies, the overall security posture improves significantly, which aligns with CASP+ best practices on reducing attack surfaces by standardizing and securing endpoint configurations.

References:

CASP+ CAS-004 Exam Objectives: Domain 1.0 – Risk Management (Vulnerability Management, System Hardening)

CompTIA CASP+ Study Guide: Hardening Techniques and Attack Surface Reduction

The company should use an additional layer of encryption to secure the data from theft when moving to a CSP. Encryption is a process of transforming data into an unreadable format using a secret key. Encryption can protect the data from unauthorized access or modification during transit and at rest. Encryption can be applied at different levels, such as disk, file, or application. An additional layer of encryption can provide an extra security measure on top of the encryption provided by the CSP. Verified References:

Rules of engagement are legal documents that should be signed by all parties involved in an assessment to ensure they understand their roles and responsibilities. Rules of engagement define the scope, objectives, methods, deliverables, limitations, and expectations of an assessment project. They also specify the legal and ethical boundaries, communication channels, escalation procedures, and reporting formats for the assessment. Rules of engagement help to avoid misunderstandings, conflicts, or liabilities during or after an assessment.

References: [CompTIA CASP+ Study Guide, Second Edition, page 34]