CAS-004 Exam Question 116
A Chief Information Security Officer (CISO) is running a test to evaluate the security of the corporate network and attached devices.
Which of the following components should be executed by an outside vendor?
Which of the following components should be executed by an outside vendor?
CAS-004 Exam Question 117
A technician uses an old SSL server due to budget constraints and discovers performance degrades dramatically after enabling PFS.
The technician cannot determine why performance degraded so dramatically.
A newer version of the SSL server does not suffer the same performance degradation.
Performance rather than security is the main priority for the technician The system specifications and configuration of each system are listed below:
Which of the following is MOST likely the cause of the degradation in performance and should be changed?
The technician cannot determine why performance degraded so dramatically.
A newer version of the SSL server does not suffer the same performance degradation.
Performance rather than security is the main priority for the technician The system specifications and configuration of each system are listed below:
Which of the following is MOST likely the cause of the degradation in performance and should be changed?
CAS-004 Exam Question 118
A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots.
Which of the following would provide the BEST boot loader protection?
Which of the following would provide the BEST boot loader protection?
CAS-004 Exam Question 119
A security auditor needs to review the manner in which an entertainment device operates. The auditor is analyzing the output of a port scanning tool to determine the next steps in the security review. Given the following log output.
The best option for the auditor to use NEXT is:
The best option for the auditor to use NEXT is:
CAS-004 Exam Question 120
A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:
* Access to critical web services at the edge must be redundant and highly available.
* Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.
* Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.
Which of the following solutions BEST meets these requirements?
* Access to critical web services at the edge must be redundant and highly available.
* Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.
* Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.
Which of the following solutions BEST meets these requirements?