CAS-004 Exam Dumps | A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression

<< Prev Question Next Question >>

Question 311/378

A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
Which of the following BEST describes the type of malware the solution should protect against?

A. Worm

B. Logic bomb

C. Fileless

D. Rootkit

Question List (378q): Question 1: A major broadcasting company that requires continuous availa...; Question 2: A security analyst received a report that a suspicious flash...; Question 3: A partner organization is requesting that a security adminis...; Question 4: A company is migrating its data center to the cloud. Some ho...; Question 5: Which of the following communication protocols is used to cr...; Question 6: An organization's threat team is creating a model based on a...; Question 7: A security engineer is working to secure an organization's V...; Question 8: A company wants to implement a cloud-based security solution...; Question 9: A security architect for a large, multinational manufacturer...; Question 10: The Chief Information Security Officer (CISO) is working wit...; Question 11: A control systems analyst is reviewing the defensive posture...; Question 12: A small company recently developed prototype technology for ...; Question 13: A server in a manufacturing environment is running an end-of...; Question 14: A software developer has been tasked with creating a unique ...; Question 15: Which of the following risks does expanding business into a ...; Question 16: Some end users of an e-commerce website are reporting a dela...; Question 17: A user forwarded a suspicious email to a security analyst fo...; Question 18: A security analyst discovered that the company's WAF was not...; Question 19: During a software assurance assessment, an engineer notices ...; Question 20: A security engineer is troubleshooting an issue in which an ...; Question 21: A cloud security engineer is setting up a cloud-hosted WAF. ...; Question 22: Which of the following industrial protocols is most likely t...; Question 23: Which of the following is record-level encryption commonly u...; Question 24: A global financial firm wants to onboard a new vendor that s...; Question 25: A cybersecurity engineer analyst a system for vulnerabilitie...; Question 26: A financial institution has several that currently employ th...; Question 27: A security manager wants to transition the organization to a...; Question 28: The Chief information Officer (CIO) of a large bank, which u...; Question 29: Ransomware encrypted the entire human resources fileshare fo...; Question 30: A forensics investigator is analyzing an executable file ext...; Question 31: When implementing serverless computing, an organization must...; Question 32: An investigator is attempting to determine if recent data br...; Question 33: The information security manager of an e-commerce company re...; Question 34: A company is looking at sending historical backups containin...; Question 35: A security engineer estimates the company's popular web appl...; Question 36: During a review of events, a security analyst notes that sev...; Question 37: A security analyst and a DevOps engineer are working togethe...; Question 38: An application engineer is using the Swagger framework to le...; Question 39: Ann, a CIRT member, is conducting incident response activiti...; Question 40: A security engineer is trying to identify instances of a vul...; Question 41: A security analyst has noticed a steady increase in the numb...; Question 42: A user from the sales department opened a suspicious file at...; Question 43: A development team created a mobile application that contact...; Question 44: A company purchased Burp Suite licenses this year for each a...; Question 45: A security architect works for a manufacturing organization ...; Question 46: A PaaS provider deployed a new product using a DevOps method...; Question 47: A security architect discovers the following page while test...; Question 48: A security analyst is concerned that a malicious piece of co...; Question 49: Application owners are reporting performance issues with tra...; Question 50: A corporation discovered its internet connection is saturate...; Question 51: During a recent security incident investigation, a security ...; Question 52: A Chief Information Security Officer (CISO) is running a tes...; Question 53: The CI/CD pipeline requires code to have close to zero defec...; Question 54: A local government that is investigating a data exfiltration...; Question 55: A security architect is implementing a SOAR solution in an o...; Question 56: A security analyst is using data provided from a recent pene...; Question 57: A company's software developers have indicated that the secu...; Question 58: An IoT device implements an encryption module built within i...; Question 59: A DNS forward lookup zone named comptia.org must: - Ensure t...; Question 60: A vulnerability analyst identified a zero-day vulnerability ...; Question 61: An organization wants to perform a scan of all its systems a...; Question 62: A SIEM generated an alert after a third-party database admin...; Question 63: A company is implementing a new secure identity application,...; Question 64: As part of the asset management life cycle, a company engage...; Question 65: A security administrator has been provided with three separa...; Question 66: A company based in the United States holds insurance details...; Question 67: A financial services company has proprietary trading algorit...; Question 68: An organization collects personal data from its global custo...; Question 69: A security engineer is concerned about the threat of side-ch...; Question 70: A security analyst has been tasked with assessing a new API....; Question 71: A small business requires a low-cost approach to theft detec...; Question 72: In a shared responsibility model for PaaS, which of the foll...; Question 73: A new corporate policy requires that all employees have acce...; Question 74: Company A is establishing a contractual with Company B. The ...; Question 75: A business wants to migrate its workloads from an exclusivel...; Question 76: A company has a BYOD policy and has configured remote-wiping...; Question 77: An executive has decided to move a company's customer-facing...; Question 78: SIMULATION During the course of normal SOC operations, three...; Question 79: A company wants to prevent a partner company from denying ag...; Question 80: Which of the following represents the MOST significant benef...; Question 81: A security administrator needs to recommend an encryption pr...; Question 82: A recent batch of bug bounty findings indicates a systematic...; Question 83: An organization's existing infrastructure includes site-to-s...; Question 84: A security architect needs to implement a CASB solution for ...; Question 85: An analyst is evaluating the security of a web application t...; Question 86: A company publishes several APIs for customers and is requir...; Question 87: A large telecommunications equipment manufacturer needs to e...; Question 88: A DevOps team has deployed databases, event-driven services,...; Question 89: A security engineer needs to ensure production containers ar...; Question 90: A security analyst is investigating a possible buffer overfl...; Question 91: A security administrator is opening connectivity on a firewa...; Question 92: The general counsel at an organization has received written ...; Question 93: A technology company developed an in-house chat application ...; Question 94: A Chief information Security Officer (CISO) is developing co...; Question 95: An enterprise is deploying APIs that utilize a private key a...; Question 96: A Chief Information Officer is considering migrating all com...; Question 97: A regulated company is in the process of refreshing its enti...; Question 98: A smart switch has the ability to monitor electrical levels ...; Question 99: A social media company wants to change encryption ciphers af...; Question 100: A development team releases updates to an application regula...; Question 101: A company wants to implement a new website that will be acce...; Question 102: A security administrator at a global organization wants to u...; Question 103: An IT department is currently working to implement an enterp...; Question 104: A Chief Information Officer (CIO) wants to implement a cloud...; Question 105: A software house is developing a new application. The applic...; Question 106: A network security engineer is designing a three-tier web ar...; Question 107: After an employee was terminated, the company discovered the...; Question 108: A software development company makes Its software version av...; Question 109: A company is rewriting a vulnerable application and adding t...; Question 110: A mobile device hardware manufacturer receives the following...; Question 111: A company would like to move its payment card data to a clou...; Question 112: Company A acquired Company B. During an audit, a security en...; Question 113: A security engineer is reviewing metrics for a series of bug...; Question 114: To bring digital evidence in a court of law, the evidence mu...; Question 115: A software assurance analyst reviews an SSH daemon's source ...; Question 116: A Chief Information Security Officer (CISO) reviewed data fr...; Question 117: A small company recently developed prototype technology for ...; Question 118: A firewall administrator needs to ensure all traffic across ...; Question 119: A client is adding scope to a project. Which of the followin...; Question 120: A new, online file hosting service is being offered. The ser...; Question 121: A security architect is reviewing the following organization...; Question 122: A health company has reached the physical and computing capa...; Question 123: A company is migrating from company-owned phones to a BYOD s...; Question 124: The Chief Information Security Officer (CISO) has outlined a...; Question 125: A system administrator at a medical imaging company discover...; Question 126: An analyst has prepared several possible solutions to a succ...; Question 127: Given the following log snippet from a web server: (Exhibit)...; Question 128: An employee decides to log into an authorized system. The sy...; Question 129: A security consultant needs to set up wireless security for ...; Question 130: A junior security researcher has identified a buffer overflo...; Question 131: A company is developing a new service product offering that ...; Question 132: A security review of the architecture for an application mig...; Question 133: A penetration tester is conducting an assessment on Comptia....; Question 134: A technician uses an old SSL server due to budget constraint...; Question 135: An administrator at a software development company would lik...; Question 136: A company underwent an audit in which the following issues w...; Question 137: A new web server must comply with new secure-by-design princ...; Question 138: A development team needs terminal access to preproduction se...; Question 139: An organization is implementing a new identity and access ma...; Question 140: An analyst reviews the following output collected during the...; Question 141: A security engineer is reviewing Apache web server logs and ...; Question 142: The Chief information Officer (CIO) wants to establish a non...; Question 143: Which of the following is the best reason for obtaining file...; Question 144: A company's user community is being adversely affected by va...; Question 145: An organization offers SaaS services through a public email ...; Question 146: The principal security analyst for a global manufacturer is ...; Question 147: A software development firm wants to validate the use of sta...; Question 148: A security architect is designing a solution for a new custo...; Question 149: After installing an unapproved application on a personal dev...; Question 150: The Chief Executive Officer (CEO) of a small wholesaler with...; Question 151: A company implements the following access control methodolog...; Question 152: A MSSP has taken on a large client that has government compl...; Question 153: Which of the following should an organization implement to p...; Question 154: An ASIC manufacturer wishing to best reduce downstream suppl...; Question 155: A bank has multiple subsidiaries that have independent infra...; Question 156: A security analyst is investigating unapproved cloud service...; Question 157: An organization's hunt team thinks a persistent threats exis...; Question 158: An engineer wants to assess the OS security configurations o...; Question 159: A security engineer is performing a threat modeling procedur...; Question 160: A cyberanalyst has been tasked with recovering PDF files fro...; Question 161: The management team at a company with a large, aging server ...; Question 162: A city government's IT director was notified by the city cou...; Question 163: An organization recently started processing, transmitting, a...; Question 164: A software development company wants to ensure that users ca...; Question 165: An organization is concerned that its hosted web servers are...; Question 166: A small bank is evaluating different methods to address and ...; Question 167: A security analyst is researching containerization concepts ...; Question 168: The audit team was only provided the physical and logical ad...; Question 169: A company's Chief Information Officer wants to implement IDS...; Question 170: Due to locality and budget constraints, an organization's sa...; Question 171: A security analyst is assessing a new application written in...; Question 172: A security analyst is reviewing the following vulnerability ...; Question 173: Which of the following is required for an organization to me...; Question 174: During a recent breach, an attacker was able to get a user's...; Question 175: A security analyst has been assigned incident response dutie...; Question 176: A security engineer investigates an incident and determines ...; Question 177: A security architect updated the security policy to require ...; Question 178: A company is outsourcing to an MSSP that performs managed de...; Question 179: An internal security audit determines that Telnet is current...; Question 180: Which of the following are the MOST likely vectors for the u...; Question 181: A security officer is requiring all personnel working on a s...; Question 182: A security administrator is setting up a virtualization solu...; Question 183: A company has integrated source code from a subcontractor in...; Question 184: A video-game developer has received reports of players who a...; Question 185: A company has data it would like to aggregate from its PLCs ...; Question 186: An attacker exploited an unpatched vulnerability in a web fr...; Question 187: A company requires a task to be carried by more than one per...; Question 188: A company recently deployed new servers to create an additio...; Question 189: A security analyst is trying to identify the source of a rec...; Question 190: An organization's finance system was recently attacked. A fo...; Question 191: A security engineer is implementing a server-side TLS config...; Question 192: PKI can be used to support security requirements in the chan...; Question 193: Following a complete outage of the electronic medical record...; Question 194: A security engineer wants to introduce key stretching techni...; Question 195: A software developer needs to add an authentication method t...; Question 196: A company makes consumer health devices and needs to maintai...; Question 197: A domestic, publicly traded, online retailer that sells make...; Question 198: A company is experiencing a large number of attempted networ...; Question 199: Which of the following technologies would benefit the most f...; Question 200: During a recent incident, sensitive data was disclosed and s...; Question 201: A security compliance requirement states that specific envir...; Question 202: A software developer must choose encryption algorithms to se...; Question 203: A common industrial protocol has the following characteristi...; Question 204: An engineer is evaluating the control profile to assign to a...; Question 205: Which of the following should be established when configurin...; Question 206: An attacker has been compromising banking institution target...; Question 207: A security manager has written an incident response play boo...; Question 208: A developer implement the following code snippet. catch (Exc...; Question 209: A security auditor needs to review the manner in which an en...; Question 210: A cybersecurity analyst discovered a private key that could ...; Question 211: A security architect was asked to modify an existing interna...; Question 212: A security consultant has been asked to identify a simple, s...; Question 213: A security engineer needs to implement a CASB to secure empl...; Question 214: A systems administrator at a web-hosting provider has been t...; Question 215: A security engineer was auditing an organization's current s...; Question 216: Law enforcement officials informed an organization that an i...; Question 217: Which of the following security features do email signatures...; Question 218: A company created an external application for its customers....; Question 219: A recent security assessment generated a recommendation to t...; Question 220: A security analyst notices a number of SIEM events that show...; Question 221: A digital forensics expert has obtained an ARM binary suspec...; Question 222: A company's human resources department recently had its own ...; Question 223: A security analyst discovers a new device on the company's d...; Question 224: A security architect is working with a new customer to find ...; Question 225: A security engineer performed an assessment on a recently de...; Question 226: All staff at a company have started working remotely due to ...; Question 227: A company is concerned about disgruntled employees transferr...; Question 228: A company's BIA indicates that any loss of more than one hou...; Question 229: A company hosts a large amount of data in blob storage for i...; Question 230: A security manager is determining the best DLP solution for ...; Question 231: A company has moved its sensitive workloads to the cloud and...; Question 232: Based on PCI DSS v3.4, One Particular database field can sto...; Question 233: After a security incident, a network security engineer disco...; Question 234: A company would like to obfuscate PII data accessed by an ap...; Question 235: A security assessor identified an internet-facing web servic...; Question 236: The OS on several servers crashed around the same time for a...; Question 237: Which of the following allows computation and analysis of da...; Question 238: An electric car company hires an IT consulting company to im...; Question 239: A company has instituted a new policy in which all outbound ...; Question 240: Joe an application security engineer is performing an audit ...; Question 241: A security administrator needs to implement an X.509 solutio...; Question 242: A security engineer needs to select the architecture for a c...; Question 243: A remote user reports the inability to authenticate to the V...; Question 244: A security analyst is evaluating all third-party software an...; Question 245: A security administrator needs to implement a security solut...; Question 246: A company has been the target of LDAP injections, as well as...; Question 247: Which of the following terms refers to the delivery of encry...; Question 248: Following a Log4j outbreak, several network appliances were ...; Question 249: A company wants to use a process to embed a sign of ownershi...; Question 250: A company wants to improve Its active protection capabilitie...; Question 251: Legal authorities notify a company that its network has been...; Question 252: A security architect is advising the application team to imp...; Question 253: A forensic expert working on a fraud investigation for a US-...; Question 254: An online video shows a company's Chief Executive Officer (C...; Question 255: An engineering team has deployed a new VPN service that requ...; Question 256: A security architect has designated that a server segment of...; Question 257: A security architect is tasked with scoping a penetration te...; Question 258: An enterprise is configuring an SSL client-based VPN for cer...; Question 259: Users are reporting intermittent access issues with a new cl...; Question 260: Ann, a security manager, is reviewing a threat feed that pro...; Question 261: In comparison to other types of alternative processing sites...; Question 262: A small business would like to provide guests who are using ...; Question 263: A security analyst runs a vulnerability scan on a network ad...; Question 264: An accounting team member received a voicemail message from ...; Question 265: Leveraging cryptographic solutions to protect data that is i...; Question 266: A security analyst is examining a former employee's laptop f...; Question 267: A company wants to quantify and communicate the effectivenes...; Question 268: A security engineer has implemented an internal user access ...; Question 269: A software developer created an application for a large, mul...; Question 270: A networking team asked a security administrator to enable F...; Question 271: A company's SOC has received threat intelligence about an ac...; Question 272: In support of disaster recovery objectives, a third party ag...; Question 273: A customer requires secure communication of subscribed web s...; Question 274: An engineer has had scaling issues with a web application ho...; Question 275: A new requirement for legislators has forced a government se...; Question 276: A company with multiple locations has taken a cloud-only app...; Question 277: A penetration tester is given an assignment lo gain physical...; Question 278: A company uses an enterprise desktop imaging solution to man...; Question 279: An enterprise's Chief Technology Officer (CTO) and Chief Inf...; Question 280: A security analyst has been tasked with providing key inform...; Question 281: An organization is assessing the security posture of a new S...; Question 282: A hospitality company experienced a data breach that include...; Question 283: A security analyst at a global financial firm was reviewing ...; Question 284: A threat hunting team receives a report about possible APT a...; Question 285: The Chief information Security Officer (CISO) of a small loc...; Question 286: A company has retained the services of a consultant to perfo...; Question 287: A security analyst for a bank received an anonymous tip on t...; Question 288: An organization had been leveraging RC4 to protect the confi...; Question 289: A security administrator wants to allow external organizatio...; Question 290: A security analyst discovered that a database administrator'...; Question 291: An organization wants to implement an access control system ...; Question 292: Which of the following is the MOST important security object...; Question 293: A manufacturing company's security engineer is concerned a r...; Question 294: An employee's device was missing for 96 hours before being r...; Question 295: A Chief Information Security Officer (CISO) needs to create ...; Question 296: Users have reported that an internally developed web applica...; Question 297: A security engineer is implementing DLP. Which of the follow...; Question 298: A forensic investigator started the process of gathering evi...; Question 299: A penetration tester obtained root access on a Windows serve...; Question 300: An organization developed a containerized application. The o...; Question 301: Ann, a retiring employee, cleaned out her desk. The next day...; Question 302: A company wants to protect its intellectual property from th...; Question 303: A security architect recommends replacing the company's mono...; Question 304: company management elects to cancel production. Which of the...; Question 305: A company wants to improve the security of its web applicati...; Question 306: A company has identified a number of vulnerable, end-of-supp...; Question 307: A recent data breach revealed that a company has a number of...; Question 308: The Chief information Officer (CIO) asks the system administ...; Question 309: A cybersecurity analyst discovered a private key that could ...; Question 310: Drag and Drop Question An organization is planning for disas...; Question 311: A security analyst detected a malicious PowerShell attack on...; Question 312: Which of the following attacks can be mitigated by proper da...; Question 313: A pharmaceutical company uses a cloud provider to host thous...; Question 314: A network administrator for a completely air-gapped and clos...; Question 315: A company recently implemented a CI/CD pipeline and is now c...; Question 316: An organization must implement controls that are aligned wit...; Question 317: The Chief Executive Officer )CEO) of a small company decides...; Question 318: A product manager is concerned about the unintentional shari...; Question 319: A risk assessment determined that company data was leaked to...; Question 320: A security solution uses a sandbox environment to execute ze...; Question 321: A law firm experienced a breach in which access was gained t...; Question 322: A company is looking for a solution to hide data stored in d...; Question 323: A company is moving all of its web applications to an SSO co...; Question 324: An administrator completed remediation for all the findings ...; Question 325: A security engineer needs to implement a cost-effective auth...; Question 326: A security analyst has concerns about malware on an endpoint...; Question 327: A software development company is implementing a SaaS-based ...; Question 328: An organization is running its e-commerce site in the cloud....; Question 329: A company undergoing digital transformation is reviewing the...; Question 330: A systems administrator was given the following IOC to detec...; Question 331: Which of the following is the BEST disaster recovery solutio...; Question 332: A security engineer has learned that terminated employees' a...; Question 333: A security analyst has been provided the following partial S...; Question 334: A web application server is running a legacy operating syste...; Question 335: An organization that provides a SaaS solution recently exper...; Question 336: Which of the following is a security concern for DNP3?...; Question 337: A host on a company's network has been infected by a worm th...; Question 338: A developer wants to develop a secure external-facing web ap...; Question 339: A company wants to securely manage the APIs that were develo...; Question 340: Which of the following may indicate a configuration item has...; Question 341: When implementing a penetration testing program, the Chief I...; Question 342: A cybersecurity analyst receives a ticket that indicates a p...; Question 343: A security analyst is evaluating the security of an online c...; Question 344: A security administrator adding a NAC requirement for all VP...; Question 345: A startup software company recently updated its development ...; Question 346: In order to authenticate employees who, call in remotely, a ...; Question 347: A security analyst is monitoring an organization's IDS and D...; Question 348: SIMULATION You are a security analyst tasked with interpreti...; Question 349: Immediately following the report of a potential breach, a se...; Question 350: A company has hired a security architect to address several ...; Question 351: A company is deploying multiple VPNs to support supplier con...; Question 352: A company recently experienced a security incident in which ...; Question 353: During a network defense engagement, a red team is able to e...; Question 354: A company has a website with a huge database. The company wa...; Question 355: A company recently migrated all its workloads to the cloud a...; Question 356: An e-commerce company that provides payment gateways is conc...; Question 357: A web service provider has just taken on a very large contra...; Question 358: A security researcher detonated some malware in a lab enviro...; Question 359: The Chief information Officer (CIO) wants to implement enter...; Question 360: During an incident, an employee's web traffic was redirected...; Question 361: A penetration tester is testing a company's login form for a...; Question 362: Company A is merging with Company B. Company A is a small, l...; Question 363: An HVAC contractor requested network connectivity permission...; Question 364: A security analyst needs to recommend a remediation to the f...; Question 365: The following messages are displayed when a VPN client is at...; Question 366: Over the last 90 days, many storage services has been expose...; Question 367: An auditor Is reviewing the logs from a web application to d...; Question 368: Which of the following is MOST commonly found in a network S...; Question 369: Which of the following BEST sets expectation between the sec...; Question 370: A company is deploying a DIP solution and scanning workstati...; Question 371: A security technician is trying to connect a remote site to ...; Question 372: A software developer was just informed by the security team ...; Question 373: A security analyst is reviewing the following output from a ...; Question 374: A security architect is analyzing an old application that is...; Question 375: A company processes sensitive cardholder information that is...; Question 376: An organization is prioritizing efforts to remediate or miti...; Question 377: A security engineer has recently become aware of a Java appl...; Question 378: The Chief Executive Officer (CEO) of a fast-growing company ...

Question 311/378

LEAVE A REPLY

Download PDF File