Free CAS-004 Exam Braindumps

Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs.
Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?

1. A. Implement rate limiting on the API.
2. B. Implement geoblocking on the WAF.
3. C. Implement OAuth 2.0 on the API.
4. D. Implement input validation on the API.

Correct Answer: A

A company's Chief Information Officer wants to Implement IDS software onto the current system's architecture to provide an additional layer of security. The software must be able to monitor system activity, provide Information on attempted attacks, and provide analysis of malicious activities to determine the processes or users Involved. Which of the following would provide this information?

1. A. HIPS
2. B. UEBA
3. C. HlDS
4. D. NIDS

Correct Answer: B

A security engineer at a company is designing a system to mitigate recent setbacks caused competitors that are beating the company to market with the new products. Several of the products incorporate propriety enhancements developed by the engineer’s company. The network already includes a SEIM and a NIPS and requires 2FA for all user access. Which of the following system should the engineer consider NEXT to mitigate the associated risks?

1. A. DLP
2. B. Mail gateway
3. C. Data flow enforcement
4. D. UTM

Correct Answer: A

A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

1. A. Replace the current antivirus with an EDR solution.
2. B. Remove the web proxy and install a UTM appliance.
3. C. Implement a deny list feature on the endpoints.
4. D. Add a firewall module on the current antivirus solution.

Correct Answer: A

A security compliance requirement states that specific environments that handle sensitive data must be protected by need-to-know restrictions and can only connect to authorized endpoints. The requirement also states that a DLP solution within the environment must be used to control the data from leaving the environment.
Which of the following should be implemented for privileged users so they can support the environment from their workstations while remaining compliant?

1. A. NAC to control authorized endpoints
2. B. FIM on the servers storing the data
3. C. A jump box in the screened subnet
4. D. A general VPN solution to the primary network

Correct Answer: A
Network Access Control (NAC) is used to bolster the network security by restricting the availability of network resources to managed endpoints that don't satisfy the compliance requirements of the Organization.