Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:

Access CAS-004 Dumps Premium Version
(620 Q&As Dumps, 35%OFF Special Discount Code: freecram)

<< Prev Question Next Question >>

Question 98/378

A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patching routine. Which of the following steps should also be taken to harden the smart switch?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (378q)
Question 1: A major broadcasting company that requires continuous availa...
Question 2: A security analyst received a report that a suspicious flash...
Question 3: A partner organization is requesting that a security adminis...
Question 4: A company is migrating its data center to the cloud. Some ho...
Question 5: Which of the following communication protocols is used to cr...
Question 6: An organization's threat team is creating a model based on a...
Question 7: A security engineer is working to secure an organization's V...
Question 8: A company wants to implement a cloud-based security solution...
Question 9: A security architect for a large, multinational manufacturer...
Question 10: The Chief Information Security Officer (CISO) is working wit...
Question 11: A control systems analyst is reviewing the defensive posture...
Question 12: A small company recently developed prototype technology for ...
Question 13: A server in a manufacturing environment is running an end-of...
Question 14: A software developer has been tasked with creating a unique ...
Question 15: Which of the following risks does expanding business into a ...
Question 16: Some end users of an e-commerce website are reporting a dela...
Question 17: A user forwarded a suspicious email to a security analyst fo...
Question 18: A security analyst discovered that the company's WAF was not...
Question 19: During a software assurance assessment, an engineer notices ...
Question 20: A security engineer is troubleshooting an issue in which an ...
Question 21: A cloud security engineer is setting up a cloud-hosted WAF. ...
Question 22: Which of the following industrial protocols is most likely t...
Question 23: Which of the following is record-level encryption commonly u...
Question 24: A global financial firm wants to onboard a new vendor that s...
Question 25: A cybersecurity engineer analyst a system for vulnerabilitie...
Question 26: A financial institution has several that currently employ th...
Question 27: A security manager wants to transition the organization to a...
Question 28: The Chief information Officer (CIO) of a large bank, which u...
Question 29: Ransomware encrypted the entire human resources fileshare fo...
Question 30: A forensics investigator is analyzing an executable file ext...
Question 31: When implementing serverless computing, an organization must...
Question 32: An investigator is attempting to determine if recent data br...
Question 33: The information security manager of an e-commerce company re...
Question 34: A company is looking at sending historical backups containin...
Question 35: A security engineer estimates the company's popular web appl...
Question 36: During a review of events, a security analyst notes that sev...
Question 37: A security analyst and a DevOps engineer are working togethe...
Question 38: An application engineer is using the Swagger framework to le...
Question 39: Ann, a CIRT member, is conducting incident response activiti...
Question 40: A security engineer is trying to identify instances of a vul...
Question 41: A security analyst has noticed a steady increase in the numb...
Question 42: A user from the sales department opened a suspicious file at...
Question 43: A development team created a mobile application that contact...
Question 44: A company purchased Burp Suite licenses this year for each a...
Question 45: A security architect works for a manufacturing organization ...
Question 46: A PaaS provider deployed a new product using a DevOps method...
Question 47: A security architect discovers the following page while test...
Question 48: A security analyst is concerned that a malicious piece of co...
Question 49: Application owners are reporting performance issues with tra...
Question 50: A corporation discovered its internet connection is saturate...
Question 51: During a recent security incident investigation, a security ...
Question 52: A Chief Information Security Officer (CISO) is running a tes...
Question 53: The CI/CD pipeline requires code to have close to zero defec...
Question 54: A local government that is investigating a data exfiltration...
Question 55: A security architect is implementing a SOAR solution in an o...
Question 56: A security analyst is using data provided from a recent pene...
Question 57: A company's software developers have indicated that the secu...
Question 58: An IoT device implements an encryption module built within i...
Question 59: A DNS forward lookup zone named comptia.org must: - Ensure t...
Question 60: A vulnerability analyst identified a zero-day vulnerability ...
Question 61: An organization wants to perform a scan of all its systems a...
Question 62: A SIEM generated an alert after a third-party database admin...
Question 63: A company is implementing a new secure identity application,...
Question 64: As part of the asset management life cycle, a company engage...
Question 65: A security administrator has been provided with three separa...
Question 66: A company based in the United States holds insurance details...
Question 67: A financial services company has proprietary trading algorit...
Question 68: An organization collects personal data from its global custo...
Question 69: A security engineer is concerned about the threat of side-ch...
Question 70: A security analyst has been tasked with assessing a new API....
Question 71: A small business requires a low-cost approach to theft detec...
Question 72: In a shared responsibility model for PaaS, which of the foll...
Question 73: A new corporate policy requires that all employees have acce...
Question 74: Company A is establishing a contractual with Company B. The ...
Question 75: A business wants to migrate its workloads from an exclusivel...
Question 76: A company has a BYOD policy and has configured remote-wiping...
Question 77: An executive has decided to move a company's customer-facing...
Question 78: SIMULATION During the course of normal SOC operations, three...
Question 79: A company wants to prevent a partner company from denying ag...
Question 80: Which of the following represents the MOST significant benef...
Question 81: A security administrator needs to recommend an encryption pr...
Question 82: A recent batch of bug bounty findings indicates a systematic...
Question 83: An organization's existing infrastructure includes site-to-s...
Question 84: A security architect needs to implement a CASB solution for ...
Question 85: An analyst is evaluating the security of a web application t...
Question 86: A company publishes several APIs for customers and is requir...
Question 87: A large telecommunications equipment manufacturer needs to e...
Question 88: A DevOps team has deployed databases, event-driven services,...
Question 89: A security engineer needs to ensure production containers ar...
Question 90: A security analyst is investigating a possible buffer overfl...
Question 91: A security administrator is opening connectivity on a firewa...
Question 92: The general counsel at an organization has received written ...
Question 93: A technology company developed an in-house chat application ...
Question 94: A Chief information Security Officer (CISO) is developing co...
Question 95: An enterprise is deploying APIs that utilize a private key a...
Question 96: A Chief Information Officer is considering migrating all com...
Question 97: A regulated company is in the process of refreshing its enti...
Question 98: A smart switch has the ability to monitor electrical levels ...
Question 99: A social media company wants to change encryption ciphers af...
Question 100: A development team releases updates to an application regula...
Question 101: A company wants to implement a new website that will be acce...
Question 102: A security administrator at a global organization wants to u...
Question 103: An IT department is currently working to implement an enterp...
Question 104: A Chief Information Officer (CIO) wants to implement a cloud...
Question 105: A software house is developing a new application. The applic...
Question 106: A network security engineer is designing a three-tier web ar...
Question 107: After an employee was terminated, the company discovered the...
Question 108: A software development company makes Its software version av...
Question 109: A company is rewriting a vulnerable application and adding t...
Question 110: A mobile device hardware manufacturer receives the following...
Question 111: A company would like to move its payment card data to a clou...
Question 112: Company A acquired Company B. During an audit, a security en...
Question 113: A security engineer is reviewing metrics for a series of bug...
Question 114: To bring digital evidence in a court of law, the evidence mu...
Question 115: A software assurance analyst reviews an SSH daemon's source ...
Question 116: A Chief Information Security Officer (CISO) reviewed data fr...
Question 117: A small company recently developed prototype technology for ...
Question 118: A firewall administrator needs to ensure all traffic across ...
Question 119: A client is adding scope to a project. Which of the followin...
Question 120: A new, online file hosting service is being offered. The ser...
Question 121: A security architect is reviewing the following organization...
Question 122: A health company has reached the physical and computing capa...
Question 123: A company is migrating from company-owned phones to a BYOD s...
Question 124: The Chief Information Security Officer (CISO) has outlined a...
Question 125: A system administrator at a medical imaging company discover...
Question 126: An analyst has prepared several possible solutions to a succ...
Question 127: Given the following log snippet from a web server: (Exhibit)...
Question 128: An employee decides to log into an authorized system. The sy...
Question 129: A security consultant needs to set up wireless security for ...
Question 130: A junior security researcher has identified a buffer overflo...
Question 131: A company is developing a new service product offering that ...
Question 132: A security review of the architecture for an application mig...
Question 133: A penetration tester is conducting an assessment on Comptia....
Question 134: A technician uses an old SSL server due to budget constraint...
Question 135: An administrator at a software development company would lik...
Question 136: A company underwent an audit in which the following issues w...
Question 137: A new web server must comply with new secure-by-design princ...
Question 138: A development team needs terminal access to preproduction se...
Question 139: An organization is implementing a new identity and access ma...
Question 140: An analyst reviews the following output collected during the...
Question 141: A security engineer is reviewing Apache web server logs and ...
Question 142: The Chief information Officer (CIO) wants to establish a non...
Question 143: Which of the following is the best reason for obtaining file...
Question 144: A company's user community is being adversely affected by va...
Question 145: An organization offers SaaS services through a public email ...
Question 146: The principal security analyst for a global manufacturer is ...
Question 147: A software development firm wants to validate the use of sta...
Question 148: A security architect is designing a solution for a new custo...
Question 149: After installing an unapproved application on a personal dev...
Question 150: The Chief Executive Officer (CEO) of a small wholesaler with...
Question 151: A company implements the following access control methodolog...
Question 152: A MSSP has taken on a large client that has government compl...
Question 153: Which of the following should an organization implement to p...
Question 154: An ASIC manufacturer wishing to best reduce downstream suppl...
Question 155: A bank has multiple subsidiaries that have independent infra...
Question 156: A security analyst is investigating unapproved cloud service...
Question 157: An organization's hunt team thinks a persistent threats exis...
Question 158: An engineer wants to assess the OS security configurations o...
Question 159: A security engineer is performing a threat modeling procedur...
Question 160: A cyberanalyst has been tasked with recovering PDF files fro...
Question 161: The management team at a company with a large, aging server ...
Question 162: A city government's IT director was notified by the city cou...
Question 163: An organization recently started processing, transmitting, a...
Question 164: A software development company wants to ensure that users ca...
Question 165: An organization is concerned that its hosted web servers are...
Question 166: A small bank is evaluating different methods to address and ...
Question 167: A security analyst is researching containerization concepts ...
Question 168: The audit team was only provided the physical and logical ad...
Question 169: A company's Chief Information Officer wants to implement IDS...
Question 170: Due to locality and budget constraints, an organization's sa...
Question 171: A security analyst is assessing a new application written in...
Question 172: A security analyst is reviewing the following vulnerability ...
Question 173: Which of the following is required for an organization to me...
Question 174: During a recent breach, an attacker was able to get a user's...
Question 175: A security analyst has been assigned incident response dutie...
Question 176: A security engineer investigates an incident and determines ...
Question 177: A security architect updated the security policy to require ...
Question 178: A company is outsourcing to an MSSP that performs managed de...
Question 179: An internal security audit determines that Telnet is current...
Question 180: Which of the following are the MOST likely vectors for the u...
Question 181: A security officer is requiring all personnel working on a s...
Question 182: A security administrator is setting up a virtualization solu...
Question 183: A company has integrated source code from a subcontractor in...
Question 184: A video-game developer has received reports of players who a...
Question 185: A company has data it would like to aggregate from its PLCs ...
Question 186: An attacker exploited an unpatched vulnerability in a web fr...
Question 187: A company requires a task to be carried by more than one per...
Question 188: A company recently deployed new servers to create an additio...
Question 189: A security analyst is trying to identify the source of a rec...
Question 190: An organization's finance system was recently attacked. A fo...
Question 191: A security engineer is implementing a server-side TLS config...
Question 192: PKI can be used to support security requirements in the chan...
Question 193: Following a complete outage of the electronic medical record...
Question 194: A security engineer wants to introduce key stretching techni...
Question 195: A software developer needs to add an authentication method t...
Question 196: A company makes consumer health devices and needs to maintai...
Question 197: A domestic, publicly traded, online retailer that sells make...
Question 198: A company is experiencing a large number of attempted networ...
Question 199: Which of the following technologies would benefit the most f...
Question 200: During a recent incident, sensitive data was disclosed and s...
Question 201: A security compliance requirement states that specific envir...
Question 202: A software developer must choose encryption algorithms to se...
Question 203: A common industrial protocol has the following characteristi...
Question 204: An engineer is evaluating the control profile to assign to a...
Question 205: Which of the following should be established when configurin...
Question 206: An attacker has been compromising banking institution target...
Question 207: A security manager has written an incident response play boo...
Question 208: A developer implement the following code snippet. catch (Exc...
Question 209: A security auditor needs to review the manner in which an en...
Question 210: A cybersecurity analyst discovered a private key that could ...
Question 211: A security architect was asked to modify an existing interna...
Question 212: A security consultant has been asked to identify a simple, s...
Question 213: A security engineer needs to implement a CASB to secure empl...
Question 214: A systems administrator at a web-hosting provider has been t...
Question 215: A security engineer was auditing an organization's current s...
Question 216: Law enforcement officials informed an organization that an i...
Question 217: Which of the following security features do email signatures...
Question 218: A company created an external application for its customers....
Question 219: A recent security assessment generated a recommendation to t...
Question 220: A security analyst notices a number of SIEM events that show...
Question 221: A digital forensics expert has obtained an ARM binary suspec...
Question 222: A company's human resources department recently had its own ...
Question 223: A security analyst discovers a new device on the company's d...
Question 224: A security architect is working with a new customer to find ...
Question 225: A security engineer performed an assessment on a recently de...
Question 226: All staff at a company have started working remotely due to ...
Question 227: A company is concerned about disgruntled employees transferr...
Question 228: A company's BIA indicates that any loss of more than one hou...
Question 229: A company hosts a large amount of data in blob storage for i...
Question 230: A security manager is determining the best DLP solution for ...
Question 231: A company has moved its sensitive workloads to the cloud and...
Question 232: Based on PCI DSS v3.4, One Particular database field can sto...
Question 233: After a security incident, a network security engineer disco...
Question 234: A company would like to obfuscate PII data accessed by an ap...
Question 235: A security assessor identified an internet-facing web servic...
Question 236: The OS on several servers crashed around the same time for a...
Question 237: Which of the following allows computation and analysis of da...
Question 238: An electric car company hires an IT consulting company to im...
Question 239: A company has instituted a new policy in which all outbound ...
Question 240: Joe an application security engineer is performing an audit ...
Question 241: A security administrator needs to implement an X.509 solutio...
Question 242: A security engineer needs to select the architecture for a c...
Question 243: A remote user reports the inability to authenticate to the V...
Question 244: A security analyst is evaluating all third-party software an...
Question 245: A security administrator needs to implement a security solut...
Question 246: A company has been the target of LDAP injections, as well as...
Question 247: Which of the following terms refers to the delivery of encry...
Question 248: Following a Log4j outbreak, several network appliances were ...
Question 249: A company wants to use a process to embed a sign of ownershi...
Question 250: A company wants to improve Its active protection capabilitie...
Question 251: Legal authorities notify a company that its network has been...
Question 252: A security architect is advising the application team to imp...
Question 253: A forensic expert working on a fraud investigation for a US-...
Question 254: An online video shows a company's Chief Executive Officer (C...
Question 255: An engineering team has deployed a new VPN service that requ...
Question 256: A security architect has designated that a server segment of...
Question 257: A security architect is tasked with scoping a penetration te...
Question 258: An enterprise is configuring an SSL client-based VPN for cer...
Question 259: Users are reporting intermittent access issues with a new cl...
Question 260: Ann, a security manager, is reviewing a threat feed that pro...
Question 261: In comparison to other types of alternative processing sites...
Question 262: A small business would like to provide guests who are using ...
Question 263: A security analyst runs a vulnerability scan on a network ad...
Question 264: An accounting team member received a voicemail message from ...
Question 265: Leveraging cryptographic solutions to protect data that is i...
Question 266: A security analyst is examining a former employee's laptop f...
Question 267: A company wants to quantify and communicate the effectivenes...
Question 268: A security engineer has implemented an internal user access ...
Question 269: A software developer created an application for a large, mul...
Question 270: A networking team asked a security administrator to enable F...
Question 271: A company's SOC has received threat intelligence about an ac...
Question 272: In support of disaster recovery objectives, a third party ag...
Question 273: A customer requires secure communication of subscribed web s...
Question 274: An engineer has had scaling issues with a web application ho...
Question 275: A new requirement for legislators has forced a government se...
Question 276: A company with multiple locations has taken a cloud-only app...
Question 277: A penetration tester is given an assignment lo gain physical...
Question 278: A company uses an enterprise desktop imaging solution to man...
Question 279: An enterprise's Chief Technology Officer (CTO) and Chief Inf...
Question 280: A security analyst has been tasked with providing key inform...
Question 281: An organization is assessing the security posture of a new S...
Question 282: A hospitality company experienced a data breach that include...
Question 283: A security analyst at a global financial firm was reviewing ...
Question 284: A threat hunting team receives a report about possible APT a...
Question 285: The Chief information Security Officer (CISO) of a small loc...
Question 286: A company has retained the services of a consultant to perfo...
Question 287: A security analyst for a bank received an anonymous tip on t...
Question 288: An organization had been leveraging RC4 to protect the confi...
Question 289: A security administrator wants to allow external organizatio...
Question 290: A security analyst discovered that a database administrator'...
Question 291: An organization wants to implement an access control system ...
Question 292: Which of the following is the MOST important security object...
Question 293: A manufacturing company's security engineer is concerned a r...
Question 294: An employee's device was missing for 96 hours before being r...
Question 295: A Chief Information Security Officer (CISO) needs to create ...
Question 296: Users have reported that an internally developed web applica...
Question 297: A security engineer is implementing DLP. Which of the follow...
Question 298: A forensic investigator started the process of gathering evi...
Question 299: A penetration tester obtained root access on a Windows serve...
Question 300: An organization developed a containerized application. The o...
Question 301: Ann, a retiring employee, cleaned out her desk. The next day...
Question 302: A company wants to protect its intellectual property from th...
Question 303: A security architect recommends replacing the company's mono...
Question 304: company management elects to cancel production. Which of the...
Question 305: A company wants to improve the security of its web applicati...
Question 306: A company has identified a number of vulnerable, end-of-supp...
Question 307: A recent data breach revealed that a company has a number of...
Question 308: The Chief information Officer (CIO) asks the system administ...
Question 309: A cybersecurity analyst discovered a private key that could ...
Question 310: Drag and Drop Question An organization is planning for disas...
Question 311: A security analyst detected a malicious PowerShell attack on...
Question 312: Which of the following attacks can be mitigated by proper da...
Question 313: A pharmaceutical company uses a cloud provider to host thous...
Question 314: A network administrator for a completely air-gapped and clos...
Question 315: A company recently implemented a CI/CD pipeline and is now c...
Question 316: An organization must implement controls that are aligned wit...
Question 317: The Chief Executive Officer )CEO) of a small company decides...
Question 318: A product manager is concerned about the unintentional shari...
Question 319: A risk assessment determined that company data was leaked to...
Question 320: A security solution uses a sandbox environment to execute ze...
Question 321: A law firm experienced a breach in which access was gained t...
Question 322: A company is looking for a solution to hide data stored in d...
Question 323: A company is moving all of its web applications to an SSO co...
Question 324: An administrator completed remediation for all the findings ...
Question 325: A security engineer needs to implement a cost-effective auth...
Question 326: A security analyst has concerns about malware on an endpoint...
Question 327: A software development company is implementing a SaaS-based ...
Question 328: An organization is running its e-commerce site in the cloud....
Question 329: A company undergoing digital transformation is reviewing the...
Question 330: A systems administrator was given the following IOC to detec...
Question 331: Which of the following is the BEST disaster recovery solutio...
Question 332: A security engineer has learned that terminated employees' a...
Question 333: A security analyst has been provided the following partial S...
Question 334: A web application server is running a legacy operating syste...
Question 335: An organization that provides a SaaS solution recently exper...
Question 336: Which of the following is a security concern for DNP3?...
Question 337: A host on a company's network has been infected by a worm th...
Question 338: A developer wants to develop a secure external-facing web ap...
Question 339: A company wants to securely manage the APIs that were develo...
Question 340: Which of the following may indicate a configuration item has...
Question 341: When implementing a penetration testing program, the Chief I...
Question 342: A cybersecurity analyst receives a ticket that indicates a p...
Question 343: A security analyst is evaluating the security of an online c...
Question 344: A security administrator adding a NAC requirement for all VP...
Question 345: A startup software company recently updated its development ...
Question 346: In order to authenticate employees who, call in remotely, a ...
Question 347: A security analyst is monitoring an organization's IDS and D...
Question 348: SIMULATION You are a security analyst tasked with interpreti...
Question 349: Immediately following the report of a potential breach, a se...
Question 350: A company has hired a security architect to address several ...
Question 351: A company is deploying multiple VPNs to support supplier con...
Question 352: A company recently experienced a security incident in which ...
Question 353: During a network defense engagement, a red team is able to e...
Question 354: A company has a website with a huge database. The company wa...
Question 355: A company recently migrated all its workloads to the cloud a...
Question 356: An e-commerce company that provides payment gateways is conc...
Question 357: A web service provider has just taken on a very large contra...
Question 358: A security researcher detonated some malware in a lab enviro...
Question 359: The Chief information Officer (CIO) wants to implement enter...
Question 360: During an incident, an employee's web traffic was redirected...
Question 361: A penetration tester is testing a company's login form for a...
Question 362: Company A is merging with Company B. Company A is a small, l...
Question 363: An HVAC contractor requested network connectivity permission...
Question 364: A security analyst needs to recommend a remediation to the f...
Question 365: The following messages are displayed when a VPN client is at...
Question 366: Over the last 90 days, many storage services has been expose...
Question 367: An auditor Is reviewing the logs from a web application to d...
Question 368: Which of the following is MOST commonly found in a network S...
Question 369: Which of the following BEST sets expectation between the sec...
Question 370: A company is deploying a DIP solution and scanning workstati...
Question 371: A security technician is trying to connect a remote site to ...
Question 372: A software developer was just informed by the security team ...
Question 373: A security analyst is reviewing the following output from a ...
Question 374: A security architect is analyzing an old application that is...
Question 375: A company processes sensitive cardholder information that is...
Question 376: An organization is prioritizing efforts to remediate or miti...
Question 377: A security engineer has recently become aware of a Java appl...
Question 378: The Chief Executive Officer (CEO) of a fast-growing company ...