Comptia passcert cas-004 Based On Real Exam Environment by Mabli q50 vce pdf

Page: 32 / 32

CompTIA CAS-004 Exam Overview :

Exam Name:	CompTIA Advanced Security Practitioner (CASP+) Exam
Exam Code:	CAS-004 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	439 Q&A's	Shared By:	mabli

Question 128

A threat hunting team receives a report about possible APT activity in the network.

Which of the following threat management frameworks should the team implement?

Options:

NIST SP 800-53

MITRE ATT&CK

The Cyber Kill Chain

The Diamond Model of Intrusion Analysis

Discussion

Question 129

A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.

The technician will define this threat as:

Options:

a decrypting RSA using obsolete and weakened encryption attack.

a zero-day attack.

an advanced persistent threat.

an on-path attack.

Discussion

Question 130

A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log.

Which of the following actions would BEST address the potential risks by the activity in the logs?

Options:

Alerting the misconfigured service account password

Modifying the AllowUsers configuration directive

Restricting external port 22 access

Implementing host-key preferences

Discussion

Yusra

I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.

Alisha (not set)

I recently used their dumps for the certification exam I took and I have to say, I was really impressed.

Carson

Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.

Rufus (not set)

Me too. They're a lifesaver!

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja (not set)

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Alaia

These Dumps are amazing! I used them to study for my recent exam and I passed with flying colors. The information in the dumps is so valid and up-to-date. Thanks a lot!!!

Zofia (not set)

That's great to hear! I've been struggling to find good study material for my exam. I will ty it for sure.

Inaya

Passed the exam. questions are valid. The customer support is top-notch. They were quick to respond to any questions I had and provided me with all the information I needed.

Cillian (not set)

That's a big plus. I've used other dump providers in the past and the customer support was often lacking.

Question 131

A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.

Which of the following would be BEST to proceed with the transformation?

Options:

An on-premises solution as a backup

A load balancer with a round-robin configuration

A multicloud provider solution

An active-active solution within the same tenant