CAS-004 Free Practice Test

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

1. A. The client application is testing PFS.
2. B. The client application is configured to use ECDHE.
3. C. The client application is configured to use RC4.
4. D. The client application is configured to use AES-256 in GCM.

Correct Answer: C

An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.
Which of the following phases establishes the identification and prioritization of critical systems and functions?

1. A. Review a recent gap analysis.
2. B. Perform a cost-benefit analysis.
3. C. Conduct a business impact analysis.
4. D. Develop an exposure factor matrix.

Correct Answer: C

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.
Which of the following techniques would BEST support this?

1. A. Configuring systemd services to run automatically at startup
2. B. Creating a backdoor
3. C. Exploiting an arbitrary code execution exploit
4. D. Moving laterally to a more authoritative server/service

Correct Answer: B

The Chief Information Security Officer of a startup company has asked a security engineer to implement a software security program in an environment that previously had little oversight.
Which of the following testing methods would be BEST for the engineer to utilize in this situation?

1. A. Software composition analysis
2. B. Code obfuscation
3. C. Static analysis
4. D. Dynamic analysis

Correct Answer: C

A security analyst observes the following while looking through network traffic in a company's cloud log:

Which of the following steps should the security analyst take FIRST?

1. A. Quarantine 10.0.5.52 and run a malware scan against the host.
2. B. Access 10.0.5.52 via EDR and identify processes that have network connections.
3. C. Isolate 10.0.50.6 via security groups.
4. D. Investigate web logs on 10.0.50.6 to determine if this is normal traffic.

Correct Answer: D