Free CAS-004 Exam Braindumps

Pass your CompTIA Advanced Security Practitioner (CASP+) exam with these free Questions and Answers

Page 14 of 69
QUESTION 61

A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence.
Which of the following techniques would BEST support this?

  1. A. Configuring systemd services to run automatically at startup
  2. B. Creating a backdoor
  3. C. Exploiting an arbitrary code execution exploit
  4. D. Moving laterally to a more authoritative server/service

Correct Answer: B

QUESTION 62

A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.
Which of the following would be BEST to proceed with the transformation?

  1. A. An on-premises solution as a backup
  2. B. A load balancer with a round-robin configuration
  3. C. A multicloud provider solution
  4. D. An active-active solution within the same tenant

Correct Answer: C
An active-active cluster does nothing if the cloud provider goes down. One of the main features of multi-cloud is redundancy. https://www.cloudflare.com/learning/cloud/what-is-multicloud/

QUESTION 63

An HVAC contractor requested network connectivity permission to remotely support/troubleshoot equipment issues at a company location. Currently, the company does not have a process that allows vendors remote access to the corporate network.
Which of the following solutions represents the BEST course of action to allow the contractor access?

  1. A. Add the vendor's equipment to the existing network. Give the vendor access through the standard corporate VPN.
  2. B. Give the vendor a standard desktop PC to attach the equipment to. Give the vendor access through the standard corporate VPN.
  3. C. Establish a certification process for the vendor. Allow certified vendors access to the VDI to monitor and maintain the HVAC equipment.
  4. D. Create a dedicated segment with no access to the corporate network. Implement dedicated VPN hardware for vendor access.

Correct Answer: D

QUESTION 64

A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky.
Which of the following would BEST achieve this objective?

  1. A. Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies.
  2. B. Implement cloud infrastructure to proxy all user web traffic to enforce DLP and encryption policies.
  3. C. Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy.
  4. D. Deploy endpoint agents that monitor local web traffic and control access according to centralized policy.

Correct Answer: C
