Free CAS-004 Exam Braindumps

Pass your CompTIA Advanced Security Practitioner (CASP+) exam with these free Questions and Answers

Page 11 of 69
QUESTION 46

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

  1. A. Cookies
  2. B. Wildcard certificates
  3. C. HSTS
  4. D. Certificate pinning

Correct Answer: D

QUESTION 47

An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue.
Which of the following is the MOST cost-effective solution?

  1. A. Move the server to a cloud provider.
  2. B. Change the operating system.
  3. C. Buy a new server and create an active-active cluster.
  4. D. Upgrade the server with a new one.

Correct Answer: A

QUESTION 48

An organization decided to begin issuing corporate mobile device users microSD HSMs that must be installed in the mobile devices in order to access corporate resources remotely. Which of the following features of these devices MOST likely led to this decision? (Select TWO.)

  1. A. Software-backed keystore
  2. B. Embedded cryptoprocessor
  3. C. Hardware-backed public key storage
  4. D. Support for stream ciphers
  5. E. Decentralized key management
  6. F. TPM 2.0 attestation services

Correct Answer: BC

QUESTION 49

A company’s claims processing department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employee recently received an email that appeared to be a claim form, but it installed malicious software on the employee’s laptop when it was opened.

  1. A. Implement application whitelisting and add only the email client to the whitelist for laptops in the claims processing department.
  2. B. Require all laptops to connect to the VPN before accessing email.
  3. C. Implement cloud-based content filtering with sandboxing capabilities.
  4. D. Install a mail gateway to scan incoming messages and strip attachments before they reach the mailbox.

Correct Answer: C

QUESTION 50

A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.
Which of the following commands would be the BEST to run to view only active Internet connections?

  1. A. sudo netstat -antu | grep "LISTEN" | awk '{print$5}'
  2. B. sudo netstat -nlt -p | grep "ESTABLISHED"
  3. C. sudo netstat -plntu | grep -v "Foreign Address"
  4. D. sudo netstat -pnut -w | column -t -s $'\w'
  5. E. sudo netstat -pnut | grep -P ^tcp

Correct Answer: E
