CAS-004 Practice Test


Page 3 out of 40 Pages

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?

A. NAC to control authorized endpoints
B. FIM on the servers storing the data
C. A jump box in the screened subnet
D. A general VPN solution to the primary network

Answer: D. A general VPN solution to the primary network



An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented.
Which of the following processes can be used to identify potential prevention recommendations?

A. Detection
B. Remediation
C. Preparation
D. Recovery

Answer: A. Detection



A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following:
* Transactions being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to distribute malware and ransomware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware, reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the board’s concerns for this email migration?

A. Data loss prevention
B. Endpoint detection response
C. SSL VPN
D. Application whitelisting

Answer: A. Data loss prevention



The Chief Information Officer (CIO) wants to establish a non-binding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a formal partnership. Which of the following would MOST likely be used?

A. MOU
B. OLA
C. NDA
D. SLA

Answer: A. MOU



An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization’s headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
* Low latency for all mobile users to improve the users’ experience
* SSL offloading to improve web server performance
* Protection against DoS and DDoS attacks
* High availability

A. A cache server farm in its datacenter
B. A load-balanced group of reverse proxy servers with SSL acceleration
C. A CDN with the origin set to its datacenter
D. Dual gigabit-speed Internet connections with managed DDoS prevention

Answer: B. A load-balanced group of reverse proxy servers with SSL acceleration



