Month End Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CASP CAS-004 Reddit Questions

Page: 20 / 43
Total 571 questions

CompTIA SecurityX Certification Exam Questions and Answers

Question 77

A security analyst and a DevOps engineer are working together to address configuration drifts in highly scalable systems that are leading to increased vulnerability findings. Which of the following recommendations would be best to eliminate this issue?

Options:

A.

Using a baseline configuration manager for deployment

B.

Deploying an immutable infrastructure through containers

C.

Eliminating false positives from the vulnerability scans

D.

Performing continuous audits of the patching status

Question 78

A technology company developed an in-house chat application that is used only by developers. An open-source library within the application has been deprecated. The facts below are provided:

•The cost of replacing this system is nominal.

•The system provides no revenue to the business.

•The system is not a critical part of the business.

Which of the following is the best risk mitigation strategy?

Options:

A.

Transfer the risk, since developers prefer using this chat application over alternatives.

B.

Accept the risk, since any system disruption will only impact developers.

C.

Avoid the risk by shutting down this application and migrating to another chat platform.

D.

Mitigate the risk by purchasing an EDR and configuring network ACLs.

Question 79

A common industrial protocol has the following characteristics:

• Provides for no authentication/security

• Is often implemented in a client/server relationship

• Is implemented as either RTU or TCP/IP

Which of the following is being described?

Options:

A.

Profinet

B.

Modbus

C.

Zigbee

D.

Z-Wave

Question 80

Signed applications reduce risks by:

Options:

A.

encrypting the application's data on the device.

B.

requiring the developer to use code-level hardening techniques.

C.

providing assurance that the application is using unmodified source code.

D.

costing the developer money to publish, which reduces the likelihood of malicious intent.

Page: 20 / 43
Total 571 questions