CAS-004 Exam Dumps | A law firm experienced a breach in which access was gained to a secure server. During an investigation

<< Prev Question Next Question >>

Question 321/378

A law firm experienced a breach in which access was gained to a secure server. During an investigation to determine how the breach occurred, an employee admitted to clicking on a spear- phishing link. A security analyst reviewed the event logs and found the following:
- PAM had not been bypassed.
- DLP did not trigger any alerts.
- The antivirus was updated to the most current signatures.
Which of the following MOST likely occurred?

A. Privilege escalation

B. Exfiltration

C. Exploitation

D. Lateral movement

Question List (378q): Question 1: A major broadcasting company that requires continuous availa...; Question 2: A security analyst received a report that a suspicious flash...; Question 3: A partner organization is requesting that a security adminis...; Question 4: A company is migrating its data center to the cloud. Some ho...; Question 5: Which of the following communication protocols is used to cr...; Question 6: An organization's threat team is creating a model based on a...; Question 7: A security engineer is working to secure an organization's V...; Question 8: A company wants to implement a cloud-based security solution...; Question 9: A security architect for a large, multinational manufacturer...; Question 10: The Chief Information Security Officer (CISO) is working wit...; Question 11: A control systems analyst is reviewing the defensive posture...; Question 12: A small company recently developed prototype technology for ...; Question 13: A server in a manufacturing environment is running an end-of...; Question 14: A software developer has been tasked with creating a unique ...; Question 15: Which of the following risks does expanding business into a ...; Question 16: Some end users of an e-commerce website are reporting a dela...; Question 17: A user forwarded a suspicious email to a security analyst fo...; Question 18: A security analyst discovered that the company's WAF was not...; Question 19: During a software assurance assessment, an engineer notices ...; Question 20: A security engineer is troubleshooting an issue in which an ...; Question 21: A cloud security engineer is setting up a cloud-hosted WAF. ...; Question 22: Which of the following industrial protocols is most likely t...; Question 23: Which of the following is record-level encryption commonly u...; Question 24: A global financial firm wants to onboard a new vendor that s...; Question 25: A cybersecurity engineer analyst a system for vulnerabilitie...; Question 26: A financial institution has several that currently employ th...; Question 27: A security manager wants to transition the organization to a...; Question 28: The Chief information Officer (CIO) of a large bank, which u...; Question 29: Ransomware encrypted the entire human resources fileshare fo...; Question 30: A forensics investigator is analyzing an executable file ext...; Question 31: When implementing serverless computing, an organization must...; Question 32: An investigator is attempting to determine if recent data br...; Question 33: The information security manager of an e-commerce company re...; Question 34: A company is looking at sending historical backups containin...; Question 35: A security engineer estimates the company's popular web appl...; Question 36: During a review of events, a security analyst notes that sev...; Question 37: A security analyst and a DevOps engineer are working togethe...; Question 38: An application engineer is using the Swagger framework to le...; Question 39: Ann, a CIRT member, is conducting incident response activiti...; Question 40: A security engineer is trying to identify instances of a vul...; Question 41: A security analyst has noticed a steady increase in the numb...; Question 42: A user from the sales department opened a suspicious file at...; Question 43: A development team created a mobile application that contact...; Question 44: A company purchased Burp Suite licenses this year for each a...; Question 45: A security architect works for a manufacturing organization ...; Question 46: A PaaS provider deployed a new product using a DevOps method...; Question 47: A security architect discovers the following page while test...; Question 48: A security analyst is concerned that a malicious piece of co...; Question 49: Application owners are reporting performance issues with tra...; Question 50: A corporation discovered its internet connection is saturate...; Question 51: During a recent security incident investigation, a security ...; Question 52: A Chief Information Security Officer (CISO) is running a tes...; Question 53: The CI/CD pipeline requires code to have close to zero defec...; Question 54: A local government that is investigating a data exfiltration...; Question 55: A security architect is implementing a SOAR solution in an o...; Question 56: A security analyst is using data provided from a recent pene...; Question 57: A company's software developers have indicated that the secu...; Question 58: An IoT device implements an encryption module built within i...; Question 59: A DNS forward lookup zone named comptia.org must: - Ensure t...; Question 60: A vulnerability analyst identified a zero-day vulnerability ...; Question 61: An organization wants to perform a scan of all its systems a...; Question 62: A SIEM generated an alert after a third-party database admin...; Question 63: A company is implementing a new secure identity application,...; Question 64: As part of the asset management life cycle, a company engage...; Question 65: A security administrator has been provided with three separa...; Question 66: A company based in the United States holds insurance details...; Question 67: A financial services company has proprietary trading algorit...; Question 68: An organization collects personal data from its global custo...; Question 69: A security engineer is concerned about the threat of side-ch...; Question 70: A security analyst has been tasked with assessing a new API....; Question 71: A small business requires a low-cost approach to theft detec...; Question 72: In a shared responsibility model for PaaS, which of the foll...; Question 73: A new corporate policy requires that all employees have acce...; Question 74: Company A is establishing a contractual with Company B. The ...; Question 75: A business wants to migrate its workloads from an exclusivel...; Question 76: A company has a BYOD policy and has configured remote-wiping...; Question 77: An executive has decided to move a company's customer-facing...; Question 78: SIMULATION During the course of normal SOC operations, three...; Question 79: A company wants to prevent a partner company from denying ag...; Question 80: Which of the following represents the MOST significant benef...; Question 81: A security administrator needs to recommend an encryption pr...; Question 82: A recent batch of bug bounty findings indicates a systematic...; Question 83: An organization's existing infrastructure includes site-to-s...; Question 84: A security architect needs to implement a CASB solution for ...; Question 85: An analyst is evaluating the security of a web application t...; Question 86: A company publishes several APIs for customers and is requir...; Question 87: A large telecommunications equipment manufacturer needs to e...; Question 88: A DevOps team has deployed databases, event-driven services,...; Question 89: A security engineer needs to ensure production containers ar...; Question 90: A security analyst is investigating a possible buffer overfl...; Question 91: A security administrator is opening connectivity on a firewa...; Question 92: The general counsel at an organization has received written ...; Question 93: A technology company developed an in-house chat application ...; Question 94: A Chief information Security Officer (CISO) is developing co...; Question 95: An enterprise is deploying APIs that utilize a private key a...; Question 96: A Chief Information Officer is considering migrating all com...; Question 97: A regulated company is in the process of refreshing its enti...; Question 98: A smart switch has the ability to monitor electrical levels ...; Question 99: A social media company wants to change encryption ciphers af...; Question 100: A development team releases updates to an application regula...; Question 101: A company wants to implement a new website that will be acce...; Question 102: A security administrator at a global organization wants to u...; Question 103: An IT department is currently working to implement an enterp...; Question 104: A Chief Information Officer (CIO) wants to implement a cloud...; Question 105: A software house is developing a new application. The applic...; Question 106: A network security engineer is designing a three-tier web ar...; Question 107: After an employee was terminated, the company discovered the...; Question 108: A software development company makes Its software version av...; Question 109: A company is rewriting a vulnerable application and adding t...; Question 110: A mobile device hardware manufacturer receives the following...; Question 111: A company would like to move its payment card data to a clou...; Question 112: Company A acquired Company B. During an audit, a security en...; Question 113: A security engineer is reviewing metrics for a series of bug...; Question 114: To bring digital evidence in a court of law, the evidence mu...; Question 115: A software assurance analyst reviews an SSH daemon's source ...; Question 116: A Chief Information Security Officer (CISO) reviewed data fr...; Question 117: A small company recently developed prototype technology for ...; Question 118: A firewall administrator needs to ensure all traffic across ...; Question 119: A client is adding scope to a project. Which of the followin...; Question 120: A new, online file hosting service is being offered. The ser...; Question 121: A security architect is reviewing the following organization...; Question 122: A health company has reached the physical and computing capa...; Question 123: A company is migrating from company-owned phones to a BYOD s...; Question 124: The Chief Information Security Officer (CISO) has outlined a...; Question 125: A system administrator at a medical imaging company discover...; Question 126: An analyst has prepared several possible solutions to a succ...; Question 127: Given the following log snippet from a web server: (Exhibit)...; Question 128: An employee decides to log into an authorized system. The sy...; Question 129: A security consultant needs to set up wireless security for ...; Question 130: A junior security researcher has identified a buffer overflo...; Question 131: A company is developing a new service product offering that ...; Question 132: A security review of the architecture for an application mig...; Question 133: A penetration tester is conducting an assessment on Comptia....; Question 134: A technician uses an old SSL server due to budget constraint...; Question 135: An administrator at a software development company would lik...; Question 136: A company underwent an audit in which the following issues w...; Question 137: A new web server must comply with new secure-by-design princ...; Question 138: A development team needs terminal access to preproduction se...; Question 139: An organization is implementing a new identity and access ma...; Question 140: An analyst reviews the following output collected during the...; Question 141: A security engineer is reviewing Apache web server logs and ...; Question 142: The Chief information Officer (CIO) wants to establish a non...; Question 143: Which of the following is the best reason for obtaining file...; Question 144: A company's user community is being adversely affected by va...; Question 145: An organization offers SaaS services through a public email ...; Question 146: The principal security analyst for a global manufacturer is ...; Question 147: A software development firm wants to validate the use of sta...; Question 148: A security architect is designing a solution for a new custo...; Question 149: After installing an unapproved application on a personal dev...; Question 150: The Chief Executive Officer (CEO) of a small wholesaler with...; Question 151: A company implements the following access control methodolog...; Question 152: A MSSP has taken on a large client that has government compl...; Question 153: Which of the following should an organization implement to p...; Question 154: An ASIC manufacturer wishing to best reduce downstream suppl...; Question 155: A bank has multiple subsidiaries that have independent infra...; Question 156: A security analyst is investigating unapproved cloud service...; Question 157: An organization's hunt team thinks a persistent threats exis...; Question 158: An engineer wants to assess the OS security configurations o...; Question 159: A security engineer is performing a threat modeling procedur...; Question 160: A cyberanalyst has been tasked with recovering PDF files fro...; Question 161: The management team at a company with a large, aging server ...; Question 162: A city government's IT director was notified by the city cou...; Question 163: An organization recently started processing, transmitting, a...; Question 164: A software development company wants to ensure that users ca...; Question 165: An organization is concerned that its hosted web servers are...; Question 166: A small bank is evaluating different methods to address and ...; Question 167: A security analyst is researching containerization concepts ...; Question 168: The audit team was only provided the physical and logical ad...; Question 169: A company's Chief Information Officer wants to implement IDS...; Question 170: Due to locality and budget constraints, an organization's sa...; Question 171: A security analyst is assessing a new application written in...; Question 172: A security analyst is reviewing the following vulnerability ...; Question 173: Which of the following is required for an organization to me...; Question 174: During a recent breach, an attacker was able to get a user's...; Question 175: A security analyst has been assigned incident response dutie...; Question 176: A security engineer investigates an incident and determines ...; Question 177: A security architect updated the security policy to require ...; Question 178: A company is outsourcing to an MSSP that performs managed de...; Question 179: An internal security audit determines that Telnet is current...; Question 180: Which of the following are the MOST likely vectors for the u...; Question 181: A security officer is requiring all personnel working on a s...; Question 182: A security administrator is setting up a virtualization solu...; Question 183: A company has integrated source code from a subcontractor in...; Question 184: A video-game developer has received reports of players who a...; Question 185: A company has data it would like to aggregate from its PLCs ...; Question 186: An attacker exploited an unpatched vulnerability in a web fr...; Question 187: A company requires a task to be carried by more than one per...; Question 188: A company recently deployed new servers to create an additio...; Question 189: A security analyst is trying to identify the source of a rec...; Question 190: An organization's finance system was recently attacked. A fo...; Question 191: A security engineer is implementing a server-side TLS config...; Question 192: PKI can be used to support security requirements in the chan...; Question 193: Following a complete outage of the electronic medical record...; Question 194: A security engineer wants to introduce key stretching techni...; Question 195: A software developer needs to add an authentication method t...; Question 196: A company makes consumer health devices and needs to maintai...; Question 197: A domestic, publicly traded, online retailer that sells make...; Question 198: A company is experiencing a large number of attempted networ...; Question 199: Which of the following technologies would benefit the most f...; Question 200: During a recent incident, sensitive data was disclosed and s...; Question 201: A security compliance requirement states that specific envir...; Question 202: A software developer must choose encryption algorithms to se...; Question 203: A common industrial protocol has the following characteristi...; Question 204: An engineer is evaluating the control profile to assign to a...; Question 205: Which of the following should be established when configurin...; Question 206: An attacker has been compromising banking institution target...; Question 207: A security manager has written an incident response play boo...; Question 208: A developer implement the following code snippet. catch (Exc...; Question 209: A security auditor needs to review the manner in which an en...; Question 210: A cybersecurity analyst discovered a private key that could ...; Question 211: A security architect was asked to modify an existing interna...; Question 212: A security consultant has been asked to identify a simple, s...; Question 213: A security engineer needs to implement a CASB to secure empl...; Question 214: A systems administrator at a web-hosting provider has been t...; Question 215: A security engineer was auditing an organization's current s...; Question 216: Law enforcement officials informed an organization that an i...; Question 217: Which of the following security features do email signatures...; Question 218: A company created an external application for its customers....; Question 219: A recent security assessment generated a recommendation to t...; Question 220: A security analyst notices a number of SIEM events that show...; Question 221: A digital forensics expert has obtained an ARM binary suspec...; Question 222: A company's human resources department recently had its own ...; Question 223: A security analyst discovers a new device on the company's d...; Question 224: A security architect is working with a new customer to find ...; Question 225: A security engineer performed an assessment on a recently de...; Question 226: All staff at a company have started working remotely due to ...; Question 227: A company is concerned about disgruntled employees transferr...; Question 228: A company's BIA indicates that any loss of more than one hou...; Question 229: A company hosts a large amount of data in blob storage for i...; Question 230: A security manager is determining the best DLP solution for ...; Question 231: A company has moved its sensitive workloads to the cloud and...; Question 232: Based on PCI DSS v3.4, One Particular database field can sto...; Question 233: After a security incident, a network security engineer disco...; Question 234: A company would like to obfuscate PII data accessed by an ap...; Question 235: A security assessor identified an internet-facing web servic...; Question 236: The OS on several servers crashed around the same time for a...; Question 237: Which of the following allows computation and analysis of da...; Question 238: An electric car company hires an IT consulting company to im...; Question 239: A company has instituted a new policy in which all outbound ...; Question 240: Joe an application security engineer is performing an audit ...; Question 241: A security administrator needs to implement an X.509 solutio...; Question 242: A security engineer needs to select the architecture for a c...; Question 243: A remote user reports the inability to authenticate to the V...; Question 244: A security analyst is evaluating all third-party software an...; Question 245: A security administrator needs to implement a security solut...; Question 246: A company has been the target of LDAP injections, as well as...; Question 247: Which of the following terms refers to the delivery of encry...; Question 248: Following a Log4j outbreak, several network appliances were ...; Question 249: A company wants to use a process to embed a sign of ownershi...; Question 250: A company wants to improve Its active protection capabilitie...; Question 251: Legal authorities notify a company that its network has been...; Question 252: A security architect is advising the application team to imp...; Question 253: A forensic expert working on a fraud investigation for a US-...; Question 254: An online video shows a company's Chief Executive Officer (C...; Question 255: An engineering team has deployed a new VPN service that requ...; Question 256: A security architect has designated that a server segment of...; Question 257: A security architect is tasked with scoping a penetration te...; Question 258: An enterprise is configuring an SSL client-based VPN for cer...; Question 259: Users are reporting intermittent access issues with a new cl...; Question 260: Ann, a security manager, is reviewing a threat feed that pro...; Question 261: In comparison to other types of alternative processing sites...; Question 262: A small business would like to provide guests who are using ...; Question 263: A security analyst runs a vulnerability scan on a network ad...; Question 264: An accounting team member received a voicemail message from ...; Question 265: Leveraging cryptographic solutions to protect data that is i...; Question 266: A security analyst is examining a former employee's laptop f...; Question 267: A company wants to quantify and communicate the effectivenes...; Question 268: A security engineer has implemented an internal user access ...; Question 269: A software developer created an application for a large, mul...; Question 270: A networking team asked a security administrator to enable F...; Question 271: A company's SOC has received threat intelligence about an ac...; Question 272: In support of disaster recovery objectives, a third party ag...; Question 273: A customer requires secure communication of subscribed web s...; Question 274: An engineer has had scaling issues with a web application ho...; Question 275: A new requirement for legislators has forced a government se...; Question 276: A company with multiple locations has taken a cloud-only app...; Question 277: A penetration tester is given an assignment lo gain physical...; Question 278: A company uses an enterprise desktop imaging solution to man...; Question 279: An enterprise's Chief Technology Officer (CTO) and Chief Inf...; Question 280: A security analyst has been tasked with providing key inform...; Question 281: An organization is assessing the security posture of a new S...; Question 282: A hospitality company experienced a data breach that include...; Question 283: A security analyst at a global financial firm was reviewing ...; Question 284: A threat hunting team receives a report about possible APT a...; Question 285: The Chief information Security Officer (CISO) of a small loc...; Question 286: A company has retained the services of a consultant to perfo...; Question 287: A security analyst for a bank received an anonymous tip on t...; Question 288: An organization had been leveraging RC4 to protect the confi...; Question 289: A security administrator wants to allow external organizatio...; Question 290: A security analyst discovered that a database administrator'...; Question 291: An organization wants to implement an access control system ...; Question 292: Which of the following is the MOST important security object...; Question 293: A manufacturing company's security engineer is concerned a r...; Question 294: An employee's device was missing for 96 hours before being r...; Question 295: A Chief Information Security Officer (CISO) needs to create ...; Question 296: Users have reported that an internally developed web applica...; Question 297: A security engineer is implementing DLP. Which of the follow...; Question 298: A forensic investigator started the process of gathering evi...; Question 299: A penetration tester obtained root access on a Windows serve...; Question 300: An organization developed a containerized application. The o...; Question 301: Ann, a retiring employee, cleaned out her desk. The next day...; Question 302: A company wants to protect its intellectual property from th...; Question 303: A security architect recommends replacing the company's mono...; Question 304: company management elects to cancel production. Which of the...; Question 305: A company wants to improve the security of its web applicati...; Question 306: A company has identified a number of vulnerable, end-of-supp...; Question 307: A recent data breach revealed that a company has a number of...; Question 308: The Chief information Officer (CIO) asks the system administ...; Question 309: A cybersecurity analyst discovered a private key that could ...; Question 310: Drag and Drop Question An organization is planning for disas...; Question 311: A security analyst detected a malicious PowerShell attack on...; Question 312: Which of the following attacks can be mitigated by proper da...; Question 313: A pharmaceutical company uses a cloud provider to host thous...; Question 314: A network administrator for a completely air-gapped and clos...; Question 315: A company recently implemented a CI/CD pipeline and is now c...; Question 316: An organization must implement controls that are aligned wit...; Question 317: The Chief Executive Officer )CEO) of a small company decides...; Question 318: A product manager is concerned about the unintentional shari...; Question 319: A risk assessment determined that company data was leaked to...; Question 320: A security solution uses a sandbox environment to execute ze...; Question 321: A law firm experienced a breach in which access was gained t...; Question 322: A company is looking for a solution to hide data stored in d...; Question 323: A company is moving all of its web applications to an SSO co...; Question 324: An administrator completed remediation for all the findings ...; Question 325: A security engineer needs to implement a cost-effective auth...; Question 326: A security analyst has concerns about malware on an endpoint...; Question 327: A software development company is implementing a SaaS-based ...; Question 328: An organization is running its e-commerce site in the cloud....; Question 329: A company undergoing digital transformation is reviewing the...; Question 330: A systems administrator was given the following IOC to detec...; Question 331: Which of the following is the BEST disaster recovery solutio...; Question 332: A security engineer has learned that terminated employees' a...; Question 333: A security analyst has been provided the following partial S...; Question 334: A web application server is running a legacy operating syste...; Question 335: An organization that provides a SaaS solution recently exper...; Question 336: Which of the following is a security concern for DNP3?...; Question 337: A host on a company's network has been infected by a worm th...; Question 338: A developer wants to develop a secure external-facing web ap...; Question 339: A company wants to securely manage the APIs that were develo...; Question 340: Which of the following may indicate a configuration item has...; Question 341: When implementing a penetration testing program, the Chief I...; Question 342: A cybersecurity analyst receives a ticket that indicates a p...; Question 343: A security analyst is evaluating the security of an online c...; Question 344: A security administrator adding a NAC requirement for all VP...; Question 345: A startup software company recently updated its development ...; Question 346: In order to authenticate employees who, call in remotely, a ...; Question 347: A security analyst is monitoring an organization's IDS and D...; Question 348: SIMULATION You are a security analyst tasked with interpreti...; Question 349: Immediately following the report of a potential breach, a se...; Question 350: A company has hired a security architect to address several ...; Question 351: A company is deploying multiple VPNs to support supplier con...; Question 352: A company recently experienced a security incident in which ...; Question 353: During a network defense engagement, a red team is able to e...; Question 354: A company has a website with a huge database. The company wa...; Question 355: A company recently migrated all its workloads to the cloud a...; Question 356: An e-commerce company that provides payment gateways is conc...; Question 357: A web service provider has just taken on a very large contra...; Question 358: A security researcher detonated some malware in a lab enviro...; Question 359: The Chief information Officer (CIO) wants to implement enter...; Question 360: During an incident, an employee's web traffic was redirected...; Question 361: A penetration tester is testing a company's login form for a...; Question 362: Company A is merging with Company B. Company A is a small, l...; Question 363: An HVAC contractor requested network connectivity permission...; Question 364: A security analyst needs to recommend a remediation to the f...; Question 365: The following messages are displayed when a VPN client is at...; Question 366: Over the last 90 days, many storage services has been expose...; Question 367: An auditor Is reviewing the logs from a web application to d...; Question 368: Which of the following is MOST commonly found in a network S...; Question 369: Which of the following BEST sets expectation between the sec...; Question 370: A company is deploying a DIP solution and scanning workstati...; Question 371: A security technician is trying to connect a remote site to ...; Question 372: A software developer was just informed by the security team ...; Question 373: A security analyst is reviewing the following output from a ...; Question 374: A security architect is analyzing an old application that is...; Question 375: A company processes sensitive cardholder information that is...; Question 376: An organization is prioritizing efforts to remediate or miti...; Question 377: A security engineer has recently become aware of a Java appl...; Question 378: The Chief Executive Officer (CEO) of a fast-growing company ...

Question 321/378

LEAVE A REPLY

Download PDF File