- Home
- CompTIA
- CompTIA Advanced Security Practitioner (CASP+) Exam
- CompTIA.CAS-004.v2024-05-11.q176
- Question 116
Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
Access CAS-004 Dumps Premium Version
(620 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 116/176
A mobile application developer is creating a global, highly scalable, secure chat application. The developer would like to ensure the application is not susceptible to on-path attacks while the user is traveling in potentially hostile regions. Which of the following would BEST achieve that goal?
Correct Answer: C
Certificate pinning is a technique that embeds one or more trusted certificates or public keys inside an application, and verifies that any certificate presented by a server matches one of those certificates or public keys. Certificate pinning can prevent on-path attacks, such as man-in-the-middle (MITM) attacks, which intercept and modify the communication between a client and a server.
Configuring certificate pinning inside the application would allow the mobile application developer to create a global, highly scalable, secure chat application that is not susceptible to on-path attacks while the user is traveling in potentially hostile regions, because it would:
Ensure that only trusted servers can communicate with the application, by rejecting any server certificate that does not match one of the pinned certificates or public keys.
Protect the confidentiality, integrity, and authenticity of the chat messages, by preventing any attacker from intercepting, modifying, or impersonating them.
Enhance the security of the application by reducing its reliance on external factors, such as certificate authorities (CAs), certificate revocation lists (CRLs), or online certificate status protocol (OCSP).
Configuring certificate pinning inside the application would allow the mobile application developer to create a global, highly scalable, secure chat application that is not susceptible to on-path attacks while the user is traveling in potentially hostile regions, because it would:
Ensure that only trusted servers can communicate with the application, by rejecting any server certificate that does not match one of the pinned certificates or public keys.
Protect the confidentiality, integrity, and authenticity of the chat messages, by preventing any attacker from intercepting, modifying, or impersonating them.
Enhance the security of the application by reducing its reliance on external factors, such as certificate authorities (CAs), certificate revocation lists (CRLs), or online certificate status protocol (OCSP).
- Question List (176q)
- Question 1: A software development company is building a new mobile appl...
- Question 2: A networking team asked a security administrator to enable F...
- Question 3: A bank is working with a security architect to find the BEST...
- Question 4: Which of the following should be established when configurin...
- Question 5: A security analyst for a managed service provider wants to i...
- Question 6: A satellite communications ISP frequently experiences outage...
- Question 7: A junior developer is informed about the impact of new malwa...
- Question 8: In a shared responsibility model for PaaS, which of the foll...
- Question 9: A security engineer is working for a service provider and an...
- Question 10: A user from the sales department opened a suspicious file at...
- Question 11: An multinational organization was hacked, and the incident r...
- Question 12: An analyst execute a vulnerability scan against an internet-...
- Question 13: A security auditor needs to review the manner in which an en...
- Question 14: Which of the following is record-level encryption commonly u...
- Question 15: A help desk technician just informed the security department...
- Question 16: A security engineer is hardening a company's multihomed SFTP...
- Question 17: A security engineer at a company is designing a system to mi...
- Question 18: An e-commerce company is running a web server on premises, a...
- Question 19: A security analyst observes the following while looking thro...
- Question 20: An organization is researching the automation capabilities f...
- Question 21: A security administrator wants to enable a feature that woul...
- Question 22: A cybersecurity engineer analyst a system for vulnerabilitie...
- Question 23: A customer reports being unable to connect to a website at w...
- Question 24: A forensic investigator would use the foremost command for:...
- Question 25: A security analyst at a global financial firm was reviewing ...
- Question 26: The general counsel at an organization has received written ...
- Question 27: An organization is implementing a new identity and access ma...
- Question 28: A security engineer has been informed by the firewall team t...
- Question 29: A security analyst sees that a hacker has discovered some ke...
- Question 30: Which of the following indicates when a company might not be...
- Question 31: The information security manager at a 24-hour manufacturing ...
- Question 32: A local university that has a global footprint is undertakin...
- Question 33: A security solution uses a sandbox environment to execute ze...
- Question 34: A security engineer has been asked to close all non-secure c...
- Question 35: An organization wants to perform a scan of all its systems a...
- Question 36: Which of the following agreements includes no penalties and ...
- Question 37: A development team created a mobile application that contact...
- Question 38: A company wants to quantify and communicate the effectivenes...
- Question 39: Which of the following BEST sets expectation between the sec...
- Question 40: A Chief Information Security Officer (CISO) is concerned tha...
- Question 41: Which of the following describes the system responsible for ...
- Question 42: An organization mat provides a SaaS solution recently experi...
- Question 43: The Chief Security Officer (CSO) requested the security team...
- Question 44: An loT device implements an encryption module built within i...
- Question 45: A vulnerability scanner detected an obsolete version of an o...
- Question 46: in a situation where the cost of anti-malware exceeds the po...
- Question 47: A developer wants to develop a secure external-facing web ap...
- Question 48: During a review of events, a security analyst notes that sev...
- Question 49: Which of the following is the MOST important cloud-specific ...
- Question 50: A penetration tester inputs the following command: (Exhibit)...
- Question 51: A security analyst discovered that a database administrator'...
- Question 52: A third-party organization has implemented a system that all...
- Question 53: All staff at a company have started working remotely due to ...
- Question 54: After a server was compromised an incident responder looks a...
- Question 55: A security administrator configured the account policies per...
- Question 56: During a recent security incident investigation, a security ...
- Question 57: A security analyst is reviewing a new IOC in which data is i...
- Question 58: An analyst received a list of IOCs from a government agency....
- Question 59: A developer is creating a new mobile application for a compa...
- Question 60: A security architect for a large, multinational manufacturer...
- Question 61: A Chief Information Officer is considering migrating all com...
- Question 62: A company created an external application for its customers....
- Question 63: An organization is deploying a new, online digital bank and ...
- Question 64: A user in the finance department uses a laptop to store a sp...
- Question 65: After the latest risk assessment, the Chief Information Secu...
- Question 66: A developer wants to maintain integrity to each module of a ...
- Question 67: A cybersecurity analyst created the following tables to help...
- Question 68: A security engineer is concerned about the threat of side-ch...
- Question 69: A security engineer needs to review the configurations of se...
- Question 70: Law enforcement officials informed an organization that an i...
- Question 71: An engineering team has deployed a new VPN service that requ...
- Question 72: A disaster recovery team learned of several mistakes that we...
- Question 73: An organization's finance system was recently attacked. A fo...
- Question 74: A security analyst is reviewing network connectivity on a Li...
- Question 75: A company's claims processed department has a mobile workfor...
- Question 76: A security architect is reviewing the following proposed cor...
- Question 77: A security administrator needs to recommend an encryption pr...
- Question 78: A company Is adopting a new artificial-intelligence-based an...
- Question 79: A security consultant has been asked to identify a simple, s...
- Question 80: An organization is assessing the security posture of a new S...
- Question 81: After a security incident, a network security engineer disco...
- Question 82: Which of the following terms refers to the delivery of encry...
- Question 83: A small business requires a low-cost approach to theft detec...
- Question 84: In order to save money, a company has moved its data to the ...
- Question 85: A company that all mobile devices be encrypted, commensurate...
- Question 86: A new web server must comply with new secure-by-design princ...
- Question 87: An HVAC contractor requested network connectivity permission...
- Question 88: A small company recently developed prototype technology for ...
- Question 89: Which of the following is the BEST disaster recovery solutio...
- Question 90: A software development company is building a new mobile appl...
- Question 91: An analyst has prepared several possible solutions to a succ...
- Question 92: Which of the following are risks associated with vendor lock...
- Question 93: A client is adding scope to a project. Which of the followin...
- Question 94: During a system penetration test, a security engineer succes...
- Question 95: Ann, a CIRT member, is conducting incident response activiti...
- Question 96: A security architect works for a manufacturing organization ...
- Question 97: An organization's assessment of a third-party, non-critical ...
- Question 98: A new requirement for legislators has forced a government se...
- Question 99: A security architect is designing a solution for a new custo...
- Question 100: A cloud security architect has been tasked with selecting th...
- Question 101: A security architect updated the security policy to require ...
- Question 102: A software development company is building a new mobile appl...
- Question 103: A developer implement the following code snippet. (Exhibit) ...
- Question 104: Which of the following processes involves searching and coll...
- Question 105: Company A acquired Company B. During an audit, a security en...
- Question 106: Which of the following best describes what happens if chain ...
- Question 107: Due to internal resource constraints, the management team ha...
- Question 108: A large number of emails have been reported, and a security ...
- Question 109: A host on a company's network has been infected by a worm th...
- Question 110: A security manager wants to transition the organization to a...
- Question 111: A security architect was asked to modify an existing interna...
- Question 112: As part of the customer registration process to access a new...
- Question 113: A significant weather event caused all systems to fail over ...
- Question 114: After a cybersecurity incident, a judge found that a company...
- Question 115: A forensics investigator is analyzing an executable file ext...
- Question 116: A mobile application developer is creating a global, highly ...
- Question 117: Company A acquired Company B. During an initial assessment, ...
- Question 118: Which of the following protocols is a low power, low data ra...
- Question 119: A company recently acquired a SaaS provider and needs to int...
- Question 120: An IPSec solution is being deployed. The configuration files...
- Question 121: Due to budget constraints, an organization created a policy ...
- Question 122: A company is deploying multiple VPNs to support supplier con...
- Question 123: Which of the following is required for an organization to me...
- Question 124: A systems engineer needs to develop a solution that uses dig...
- Question 125: A home automation company just purchased and installed tools...
- Question 126: A company has decided to purchase a license for software tha...
- Question 127: Which of the following technologies would benefit the most f...
- Question 128: An attacker infiltrated an electricity-generation site and d...
- Question 129: A company requires a task to be carried by more than one per...
- Question 130: A bank hired a security architect to improve its security me...
- Question 131: Ransomware encrypted the entire human resources fileshare fo...
- Question 132: A security architect Is analyzing an old application that is...
- Question 133: Which of the following objectives BEST supports leveraging t...
- Question 134: An engineering team is developing and deploying a fleet of m...
- Question 135: An IT administrator is reviewing all the servers in an organ...
- Question 136: A company wants to use a process to embed a sign of ownershi...
- Question 137: A security analyst is investigating a possible buffer overfl...
- Question 138: A recent data breach revealed that a company has a number of...
- Question 139: The Chief information Officer (CIO) of a large bank, which u...
- Question 140: A company in the financial sector receives a substantial num...
- Question 141: A company has hired a security architect to address several ...
- Question 142: A web service provider has just taken on a very large contra...
- Question 143: A security administrator needs to implement a security solut...
- Question 144: A cloud security engineer is setting up a cloud-hosted WAF. ...
- Question 145: A technician is reviewing the logs and notices a large numbe...
- Question 146: A company is looking at sending historical backups containin...
- Question 147: Which of the following is a security concern for DNP3?...
- Question 148: A security engineer is assessing the security controls of lo...
- Question 149: The Chief information Officer (CIO) asks the system administ...
- Question 150: A company's finance department acquired a new payment system...
- Question 151: A security engineer performed an assessment on a recently de...
- Question 152: A security architect is implementing a web application that ...
- Question 153: Based on PCI DSS v3.4, One Particular database field can sto...
- Question 154: Given the following log snippet from a web server: (Exhibit)...
- Question 155: An architectural firm is working with its security team to e...
- Question 156: SIMULATION You are a security analyst tasked with interpreti...
- Question 157: A hospital has fallen behind with patching known vulnerabili...
- Question 158: Which of the following is a benefit of using steganalysis te...
- Question 159: A networking team was asked to provide secure remote access ...
- Question 160: An application server was recently upgraded to prefer TLS 1....
- Question 161: A university issues badges through a homegrown identity mana...
- Question 162: An organization requires a contractual document that include...
- Question 163: An organization is referencing NIST best practices for BCP c...
- Question 164: The principal security analyst for a global manufacturer is ...
- Question 165: Company A is establishing a contractual with Company B. The ...
- Question 166: A university issues badges through a homegrown identity mana...
- Question 167: A security review of the architecture for an application mig...
- Question 168: A company underwent an audit in which the following issues w...
- Question 169: An employee's device was missing for 96 hours before being r...
- Question 170: A company recently deployed a SIEM and began importing logs ...
- Question 171: A company Invested a total of $10 million lor a new storage ...
- Question 172: A company is migrating from company-owned phones to a BYOD s...
- Question 173: A security analyst is reviewing the following output: (Exhib...
- Question 174: A security engineer investigates an incident and determines ...
- Question 175: An organization recently started processing, transmitting, a...
- Question 176: A security operations center analyst is investigating anomal...
