CAS-004 Free Practice Test

A company’s SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
Which of the following should the company use to make this determination?

1. A. Threat hunting
2. B. A system penetration test
3. C. Log analysis within the SIEM tool
4. D. The Cyber Kill Chain

Correct Answer: A

Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?

1. A. Key sharing
2. B. Key distribution
3. C. Key recovery
4. D. Key escrow

Correct Answer: D

A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)

1. A. Inform users regarding what data is stored.
2. B. Provide opt-in/out for marketing messages.
3. C. Provide data deletion capabilities.
4. D. Provide optional data encryption.
5. E. Grant data access to third parties.
6. F. Provide alternative authentication techniques.

Correct Answer: AC
The main rights for individuals under the GDPR are to: allow subject access
have inaccuracies corrected have information erased prevent direct marketing
prevent automated decision-making and profiling allow data portability (as per the paragraph above)
source: https://www.clouddirect.net/11-things-you-must-do-now-for-gdpr-compliance/

A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive user experience after implementation.
Which of the following is the BEST solution to meet these objectives?

1. A. Implement Privileged Access Management (PAM), keep users in the local administrators group, and enable local administrator account monitoring.
2. B. Implement PAM, remove users from the local administrators group, and prompt users for explicit approval when elevated privileges are required.
3. C. Implement EDR, remove users from the local administrators group, and enable privilege escalation monitoring.
4. D. Implement EDR, keep users in the local administrators group, and enable user behavior analytics.

Correct Answer: B

A Chief information Security Officer (CISO) has launched to create a rebuts BCP/DR plan for the entire company. As part of the initiative , the security team must gather data supporting s operational importance for the applications used by the business and determine the order in which the application must be back online. Which of the following be the FIRST step taken by the team?

1. A. Perform a review of all policies an procedures related to BGP a and DR and created an educated educational module that can be assigned to at employees to provide training on BCP/DR events.
2. B. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
3. C. Have each business unit conduct a BIA and categories the application according to the cumulative data gathered.
4. D. Implement replication of all servers and application data to back up detacenters that are geographically from the central datacenter and release an upload BPA to all clients.

Correct Answer: C