CertsTopics Logo

Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CompTIA CASP CAS-004 Syllabus Exam Questions Answers

Page: 26 / 46
Total 619 questions
Get CAS-004 Full Access Download CAS-004 PDF

CompTIA SecurityX Certification Exam Questions and Answers

Question 101

The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?

Options:

A.

Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause. Regularly assess the supplier’s post-contract renewal with a dedicated risk management team.

B.

Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference.

C.

Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data, Review all design and operational controls based on best practice standard and report the finding back to upper management.

D.

Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier’s rating. Report finding units that rely on the suppliers and the various risk teams.

Question 102

Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

Options:

A.

when it is passed across a local network.

B.

in memory during processing

C.

when it is written to a system’s solid-state drive.

D.

by an enterprise hardware security module.

Question 103

A company wants to improve Its active protection capabilities against unknown and zero-day malware. Which of the following Is the MOST secure solution?

Options:

A.

NIDS

B.

Application allow list

C.

Sandbox detonation

D.

Endpoint log collection

E.

HIDS

Question 104

A healthcare system recently suffered from a ransomware incident As a result the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits and had openRDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would BEST solve these challenges? (Select THREE).

Options:

A.

SD-WAN

B.

PAM

C.

Remote access VPN

D.

MFA

E.

Network segmentation

F.

BGP

G.

NAC

Page: 26 / 46
Total 619 questions
Get CAS-004 Full Access Download CAS-004 PDF