Free CAS-004 Exam Braindumps

Pass your CompTIA Advanced Security Practitioner (CASP+) exam with these free Questions and Answers

Page 9 of 69

QUESTION 36

An administrator at a software development company would like to protect the integrity of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?

  1. A. The NTP server is set incorrectly for the developers.
  2. B. The CA has included the certificate in its CRL.
  3. C. The certificate is set for the wrong key usage.
  4. D. Each application is missing a SAN or wildcard entry on the certificate.

Correct Answer: C

QUESTION 37

A security analyst sees that a hacker has discovered some keys and they are being made available on a public website. The security analyst is then able to successfully decrypt the data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data?

  1. A. Key rotation
  2. B. Key revocation
  3. C. Key escrow
  4. D. Zeroization
  5. E. Cryptographic obfuscation

Correct Answer: E

QUESTION 38

A forensic investigator would use the foremost command for:

  1. A. cloning disks.
  2. B. analyzing network-captured packets.
  3. C. recovering lost files.
  4. D. extracting features such as email addresses.

Correct Answer: C

QUESTION 39

A company’s product site recently had failed API calls, resulting in customers being unable to check out and purchase products. This type of failure could lead to the loss of customers and damage to the company’s reputation in the market.
Which of the following should the company implement to address the risk of system unavailability?

  1. A. User and entity behavior analytics
  2. B. Redundant reporting systems
  3. C. A self-healing system
  4. D. Application controls

Correct Answer: D

QUESTION 40

A software development company makes its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the BEST technique to ensure the software the users download is the official software released by the company?

  1. A. Distribute the software via a third-party repository.
  2. B. Close the web repository and deliver the software via email.
  3. C. Email the software link to all customers.
  4. D. Display the SHA checksum on the website.

Correct Answer: D
