- Home
- CompTIA
- CompTIA Advanced Security Practitioner (CASP+) Exam
- CompTIA.CAS-004.v2025-03-03.q219
- Question 65
Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
Access CAS-004 Dumps Premium Version
(620 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 65/219
A network security engineer is designing a three-tier web architecture that will allow a third-party vendor to perform the following audit functions within the organization's cloud environment
* Review communication between all infrastructure endpoints
* Identify unauthorized and malicious data patterns
* Perform automated, risk-mitigating configuration changes
Which of the following should the network security engineer include in the design to address these requirements?
* Review communication between all infrastructure endpoints
* Identify unauthorized and malicious data patterns
* Perform automated, risk-mitigating configuration changes
Which of the following should the network security engineer include in the design to address these requirements?
Correct Answer: C
Traffic mirroring, also known as port mirroring or SPAN (Switched Port Analyzer), involves creating a copy of the actual network traffic for independent analysis. This would allow the third-party vendor to review communications between infrastructure endpoints, identify unauthorized and malicious data patterns, and perform automated, risk-mitigating configuration changes without impacting the live environment. This is used in network intrusion detection systems (NIDS) and for traffic analysis purposes.
- Question List (219q)
- Question 1: Which of the following is the MOST important security object...
- Question 2: A senior security analyst is helping the development team im...
- Question 3: A university issues badges through a homegrown identity mana...
- Question 4: A security engineer needs to implement a cost-effective auth...
- Question 5: A vulnerability scanner detected an obsolete version of an o...
- Question 6: A security analyst has been provided the following partial S...
- Question 7: A company security engineer arrives at work to face the foll...
- Question 8: A managed security provider (MSP) is engaging with a custome...
- Question 9: After a cybersecurity incident, a judge found that a company...
- Question 10: A SaaS startup is maturing its DevSecOps program and wants t...
- Question 11: An organization is assessing the security posture of a new S...
- Question 12: An organization does not have visibility into when company-o...
- Question 13: Which of the following is a security concern for DNP3?...
- Question 14: An energy company is required to report the average pressure...
- Question 15: A security architect Is analyzing an old application that is...
- Question 16: To bring digital evidence in a court of law the evidence mus...
- Question 17: The Chief information Officer (CIO) wants to implement enter...
- Question 18: The goal of a Chief information Security Officer (CISO) prov...
- Question 19: A security engineer needs to implement a solution to increas...
- Question 20: A large telecommunications equipment manufacturer needs to e...
- Question 21: A business stores personal client data of individuals residi...
- Question 22: A security analyst is trying to identify the source of a rec...
- Question 23: A systems administrator is in the process of hardening the h...
- Question 24: An organization recently started processing, transmitting, a...
- Question 25: A network administrator receives a ticket regarding an error...
- Question 26: A security consultant has been asked to identify a simple, s...
- Question 27: A company wants to protect its intellectual property from th...
- Question 28: An application server was recently upgraded to prefer TLS 1....
- Question 29: A cyberanalyst for a government agency is concerned about ho...
- Question 30: Due to budget constraints, an organization created a policy ...
- Question 31: A security analyst has been tasked with providing key inform...
- Question 32: The principal security analyst for a global manufacturer is ...
- Question 33: An organization's finance system was recently attacked. A fo...
- Question 34: A threat analyst notices the following URL while going throu...
- Question 35: A company suspects a web server may have been infiltrated by...
- Question 36: A company wants to refactor a monolithic application to take...
- Question 37: A major broadcasting company that requires continuous availa...
- Question 38: A security architect is working with a new customer to find ...
- Question 39: An organization is running its e-commerce site in the cloud....
- Question 40: An loT device implements an encryption module built within i...
- Question 41: A security administrator needs to recommend an encryption pr...
- Question 42: A company hired a third party to develop software as part of...
- Question 43: Leveraging cryptographic solutions to protect data that is i...
- Question 44: A financial services company wants to migrate its email serv...
- Question 45: A company has decided to purchase a license for software tha...
- Question 46: A small company needs to reduce its operating costs. vendors...
- Question 47: Users are claiming that a web server is not accessible. A se...
- Question 48: An engineering team is developing and deploying a fleet of m...
- Question 49: An attack team performed a penetration test on a new smart c...
- Question 50: In preparation for the holiday season, a company redesigned ...
- Question 51: During a system penetration test, a security engineer succes...
- Question 52: An enterprise is undergoing an audit to review change manage...
- Question 53: A cloud security engineer is setting up a cloud-hosted WAF. ...
- Question 54: A security analyst observes the following while looking thro...
- Question 55: A shipping company that is trying to eliminate entire classe...
- Question 56: A security administrator wants to enable a feature that woul...
- Question 57: A company wants to improve the security of its web applicati...
- Question 58: A software development company makes Its software version av...
- Question 59: A security is assisting the marketing department with ensuri...
- Question 60: An attacker infiltrated the code base of a hardware manufact...
- Question 61: A security engineer is creating a single CSR for the followi...
- Question 62: A help desk technician just informed the security department...
- Question 63: A university issues badges through a homegrown identity mana...
- Question 64: Which of the following processes involves searching and coll...
- Question 65: A network security engineer is designing a three-tier web ar...
- Question 66: A security engineer is assessing a legacy server and needs t...
- Question 67: A hospital has fallen behind with patching known vulnerabili...
- Question 68: The Chief information Officer (CIO) wants to establish a non...
- Question 69: An auditor needs to scan documents at rest for sensitive tex...
- Question 70: A host on a company's network has been infected by a worm th...
- Question 71: Which of the following allows computation and analysis of da...
- Question 72: A security researcher detonated some malware in a lab enviro...
- Question 73: A home automation company just purchased and installed tools...
- Question 74: An analyst execute a vulnerability scan against an internet-...
- Question 75: An e-commerce company is running a web server on premises, a...
- Question 76: A software developer created an application for a large, mul...
- Question 77: A company is moving most of its customer-facing production s...
- Question 78: A security analyst is reviewing SIEM events and is uncertain...
- Question 79: A municipal department receives telemetry data from a third-...
- Question 80: A bank is working with a security architect to find the BEST...
- Question 81: A security analyst notices a number of SIEM events that show...
- Question 82: The Chief Security Officer (CSO) requested the security team...
- Question 83: A company has moved its sensitive workloads lo the cloud and...
- Question 84: Signed applications reduce risks by:...
- Question 85: Which of the following is the BEST disaster recovery solutio...
- Question 86: A security architect is designing a solution for a new custo...
- Question 87: An organization is assessing the security posture of a new S...
- Question 88: An engineering team has deployed a new VPN service that requ...
- Question 89: A large number of emails have been reported, and a security ...
- Question 90: A security analyst for a managed service provider wants to i...
- Question 91: A security analyst is reviewing network connectivity on a Li...
- Question 92: An organization is implementing a new identity and access ma...
- Question 93: A customer reports being unable to connect to a website at w...
- Question 94: A SOC analyst is reviewing malicious activity on an external...
- Question 95: A vulnerability analyst identified a zero-day vulnerability ...
- Question 96: A company requires a task to be carried by more than one per...
- Question 97: A software development company is building a new mobile appl...
- Question 98: A company recently deployed a SIEM and began importing logs ...
- Question 99: A software company is developing an application in which dat...
- Question 100: A developer wants to maintain integrity to each module of a ...
- Question 101: Which of the following BEST describes a common use case for ...
- Question 102: A company underwent an audit in which the following issues w...
- Question 103: A security team received a regulatory notice asking for info...
- Question 104: Ransomware encrypted the entire human resources fileshare fo...
- Question 105: Which of the following is the MOST important cloud-specific ...
- Question 106: Which of the following protocols is a low power, low data ra...
- Question 107: The general counsel at an organization has received written ...
- Question 108: A developer is creating a new mobile application for a compa...
- Question 109: Due to internal resource constraints, the management team ha...
- Question 110: In order to authenticate employees who, call in remotely, a ...
- Question 111: A security architect works for a manufacturing organization ...
- Question 112: A security analyst is investigating a possible buffer overfl...
- Question 113: Which of the following should be established when configurin...
- Question 114: A business wants to migrate its workloads from an exclusivel...
- Question 115: (Exhibit) An organization is planning for disaster recovery ...
- Question 116: An internal security assessor identified large gaps in a com...
- Question 117: A mobile administrator is reviewing the following mobile dev...
- Question 118: A security operations center analyst is investigating anomal...
- Question 119: A security architect is tasked with scoping a penetration te...
- Question 120: A security engineer has been informed by the firewall team t...
- Question 121: A company wants to use a process to embed a sign of ownershi...
- Question 122: A system administrator at a medical imaging company discover...
- Question 123: The Chief information Officer (CIO) of a large bank, which u...
- Question 124: The Chief Information Security Officer of a startup company ...
- Question 125: A security analyst wants to keep track of alt outbound web c...
- Question 126: A software development company is building a new mobile appl...
- Question 127: Users are reporting intermittent access issues with a new cl...
- Question 128: A security architect is reviewing the following proposed cor...
- Question 129: Which of the following best describes what happens if chain ...
- Question 130: A large organization is planning to migrate from on premises...
- Question 131: An organization is establishing a new software assurance pro...
- Question 132: A technician is reviewing the logs and notices a large numbe...
- Question 133: A security analyst is concerned that a malicious piece of co...
- Question 134: A security analyst is validating the MAC policy on a set of ...
- Question 135: During a network defense engagement, a red team is able to e...
- Question 136: A satellite communications ISP frequently experiences outage...
- Question 137: An architectural firm is working with its security team to e...
- Question 138: A company has retained the services of a consultant to perfo...
- Question 139: The Chief Information Security Officer is concerned about th...
- Question 140: A company publishes several APIs for customers and is requir...
- Question 141: Which of the following indicates when a company might not be...
- Question 142: A company is deploying multiple VPNs to support supplier con...
- Question 143: An organization established an agreement with a partner comp...
- Question 144: A small business requires a low-cost approach to theft detec...
- Question 145: A cloud security architect has been tasked with finding a so...
- Question 146: A security engineer needs to review the configurations of se...
- Question 147: A company wants to improve Its active protection capabilitie...
- Question 148: A company provides guest WiFi access to the internet and phy...
- Question 149: An organization is referencing NIST best practices for BCP c...
- Question 150: As part of the customer registration process to access a new...
- Question 151: A systems administrator was given the following IOC to detec...
- Question 152: A security analyst is performing a vulnerability assessment ...
- Question 153: Which of the following processes involves searching and coll...
- Question 154: Due to internal resource constraints, the management team ha...
- Question 155: An organization has an operational requirement with a specif...
- Question 156: A company created an external application for its customers....
- Question 157: Over the last 90 days, many storage services has been expose...
- Question 158: A company hosts a large amount of data in blob storage for i...
- Question 159: A disaster recovery team learned of several mistakes that we...
- Question 160: An analyst has prepared several possible solutions to a succ...
- Question 161: A security analyst runs a vulnerability scan on a network ad...
- Question 162: An IPSec solution is being deployed. The configuration files...
- Question 163: A security consultant is designing an infrastructure securit...
- Question 164: A vulnerability assessment endpoint generated a report of th...
- Question 165: After a server was compromised an incident responder looks a...
- Question 166: A client is adding scope to a project. Which of the followin...
- Question 167: An organization is preparing to migrate its production envir...
- Question 168: A network administrator for a completely air-gapped and clos...
- Question 169: Which of the following testing plans is used to discuss disa...
- Question 170: The CI/CD pipeline requires code to have close to zero defec...
- Question 171: A security architect must mitigate the risks from what is su...
- Question 172: An organization decided to begin issuing corporate mobile de...
- Question 173: In order to save money, a company has moved its data to the ...
- Question 174: A security engineer needs to select the architecture for a c...
- Question 175: A Chief information Security Officer (CISO) has launched to ...
- Question 176: A global organization's Chief Information Security Officer (...
- Question 177: An IT administrator is reviewing all the servers in an organ...
- Question 178: In a shared responsibility model for PaaS, which of the foll...
- Question 179: Company A acquired Company . During an audit, a security eng...
- Question 180: A security analyst discovered that the company's WAF was not...
- Question 181: Application owners are reporting performance issues with tra...
- Question 182: A networking team was asked to provide secure remote access ...
- Question 183: Which of the following is record-level encryption commonly u...
- Question 184: An administrator at a software development company would lik...
- Question 185: A security analyst needs to recommend a remediation to the f...
- Question 186: After a security incident, a network security engineer disco...
- Question 187: A company is looking for a solution to hide data stored in d...
- Question 188: A security analyst discovered that the company's WAF was not...
- Question 189: A security engineer is implementing a server-side TLS config...
- Question 190: A company is looking to fortify its cybersecurity defenses a...
- Question 191: A junior developer is informed about the impact of new malwa...
- Question 192: After installing an unapproved application on a personal dev...
- Question 193: in a situation where the cost of anti-malware exceeds the po...
- Question 194: An investigator is attempting to determine if recent data br...
- Question 195: A security architect updated the security policy to require ...
- Question 196: A security consultant needs to set up wireless security for ...
- Question 197: An ISP is receiving reports from a portion of its customers ...
- Question 198: A security analyst is reviewing a new IOC in which data is i...
- Question 199: A security architect was asked to modify an existing interna...
- Question 200: A high-severity vulnerability was found on a web application...
- Question 201: An organization requires a contractual document that include...
- Question 202: A company is looking at sending historical backups containin...
- Question 203: During a review of events, a security analyst notes that sev...
- Question 204: A local university that has a global footprint is undertakin...
- Question 205: An organization performed a risk assessment and discovered t...
- Question 206: During a phishing exercise, a few privileged users ranked hi...
- Question 207: An organization recently experienced a ransomware attack. Th...
- Question 208: Which of the following technologies allows CSPs to add encry...
- Question 209: A cloud security architect has been tasked with selecting th...
- Question 210: A cybersecurity analyst created the following tables to help...
- Question 211: A company with only U S -based customers wants to allow deve...
- Question 212: A company is experiencing a large number of attempted networ...
- Question 213: A security analyst discovered that a database administrator'...
- Question 214: An organization recently recovered from an attack that featu...
- Question 215: Based on PCI DSS v3.4, One Particular database field can sto...
- Question 216: A new web server must comply with new secure-by-design princ...
- Question 217: A security architect for a large, multinational manufacturer...
- Question 218: A small business would like to provide guests who are using ...
- Question 219: A security analyst is investigating a series of suspicious e...
