CertsTopics Logo

Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CAS-004 Based on Real Exam Environment

Page: 38 / 43
Total 571 questions
Get CAS-004 Full Access Download CAS-004 PDF

CompTIA SecurityX Certification Exam Questions and Answers

Question 149

A developer implement the following code snippet.

Which of the following vulnerabilities does the code snippet resolve?

Options:

A.

SQL inject

B.

Buffer overflow

C.

Missing session limit

D.

Information leakage

Question 150

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?

Options:

A.

SDLC attack

B.

Side-load attack

C.

Remote code signing

D.

Supply chain attack

Question 151

A security analyst needs to recommend a remediation to the following threat:

Which of the following actions should the security analyst propose to prevent this successful exploitation?

Options:

A.

Patch the system.

B.

Update the antivirus.

C.

Install a host-based firewall.

D.

Enable TLS 1.2.

Question 152

An attack team performed a penetration test on a new smart card system. The team demonstrated that by subjecting the smart card to high temperatures, the secret key could be revealed.

Which of the following side-channel attacks did the team use?

Options:

A.

Differential power analysis

B.

Differential fault analysis

C.

Differential temperature analysis

D.

Differential timing analysis

Page: 38 / 43
Total 571 questions
Get CAS-004 Full Access Download CAS-004 PDF