CAS-004 Free Practice Test

A security analyst is reading the results of a successful exploit that was recently conducted by third-party penetration testers. The testers reverse engineered a privileged executable. In the report, the planning and execution of the exploit is detailed using logs and outputs from the test However, the attack vector of the exploit is missing, making it harder to recommend remediation’s. Given the following output:

The penetration testers MOST likely took advantage of:

1. A. A TOC/TOU vulnerability
2. B. A plain-text password disclosure
3. C. An integer overflow vulnerability
4. D. A buffer overflow vulnerability

Correct Answer: A

An organization mat provides a SaaS solution recently experienced an incident involving customer data loss. The system has a level of sell-healing that includes monitoring performance and available resources. When me system detects an issue, the self-healing process is supposed to restart pans of me software.
During the incident, when me self-healing system attempted to restart the services, available disk space on the data drive to restart all the services was inadequate. The self-healing system did not detect that some services did not fully restart and declared me system as fully operational. Which of the following BEST describes me reason why the silent failure occurred?

1. A. The system logs rotated prematurely.
2. B. The disk utilization alarms are higher than what me service restarts require.
3. C. The number of nodes in me self-healing cluster was healthy,
4. D. Conditional checks prior to the service restart succeeded.

Correct Answer: D

An organization wants to perform a scan of all its systems against best practice security configurations. Which of the following SCAP standards, when combined, will enable the organization to view each of the
configuration checks in a machine-readable checklist format for fill automation? (Choose two.)

1. A. ARF
2. B. XCCDF
3. C. CPE
4. D. CVE
5. E. CVSS
6. F. OVAL

Correct Answer: BF

An organization is developing a disaster recovery plan that requires data to be backed up and available at a moment’s notice.
Which of the following should the organization consider FIRST to address this requirement?

1. A. Implement a change management plan to ensure systems are using the appropriate versions.
2. B. Hire additional on-call staff to be deployed if an event occurs.
3. C. Design an appropriate warm site for business continuity.
4. D. Identify critical business processes and determine associated software and hardware requirements.

Correct Answer: D

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

1. A. The client application is testing PFS.
2. B. The client application is configured to use ECDHE.
3. C. The client application is configured to use RC4.
4. D. The client application is configured to use AES-256 in GCM.

Correct Answer: C