CAS-004 Exam Question 86
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST to improve the incident response process?
CAS-004 Exam Question 87
A software house is developing a new application. The application has the following requirements:
Reduce the number of credential requests as much as possible
Integrate with social networks
Authenticate users
Which of the following is the BEST federation method to use for the application?
Reduce the number of credential requests as much as possible
Integrate with social networks
Authenticate users
Which of the following is the BEST federation method to use for the application?
CAS-004 Exam Question 88
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:
The technician will define this threat as:
CAS-004 Exam Question 89
A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:
Which of the following would BEST mitigate this vulnerability?
Which of the following would BEST mitigate this vulnerability?
CAS-004 Exam Question 90
The Chief Information Security Officer (CISO) is working with a new company and needs a legal "document to ensure all parties understand their roles during an assessment. Which of the following should the CISO have each party sign?