An analyst received a list of IOCs from a government agency. The attack has the following characteristics:
1. The attack starts with bulk phishing.
2. If a user clicks on the link, a dropper is downloaded to the computer.
3. Each of the malware samples has unique hashes tied to the user.
The analyst needs to identify whether existing endpoint controls are effective. Which of the following risk mitigation techniques should the analyst use?
A. Blocklist the executable.
B. Update the incident response plan.
C. Deploy a honeypot onto the laptops.
D. Detonate in a sandbox.
Correct answer: D
Question 2:
A security engineer needs to recommend a solution that will meet the following requirements:
Identify sensitive data in the provider's network
Maintain compliance with company and regulatory guidelines
Detect and respond to insider threats, privileged user threats, and compromised accounts
Enforce datacentric security, such as encryption, tokenization, and access control
Which of the following solutions should the security engineer recommend to address these requirements?
A. WAF
B. DLP
C. CASB
D. SWG
Correct answer: B
Question 3:
A network administrator who manages a Linux web server notices the following traffic:
http://comptia.org/../../../../etc/shadow
Which of the following is the BEST action for the network administrator to take to defend against this type of web attack?
A. Validate the server certificate and trust chain.
B. Validate the server input and append the input to the base directory path.
C. Validate that the server is not deployed with default account credentials.
D. Validate that multifactor authentication is enabled on the server for all user accounts.
Correct answer: B
Question 4:
A developer needs to implement PKI in an autonomous vehicle's software in the most efficient and labor-effective way possible. Which of the following will the developer MOST likely implement?
A. Root CA
B. OCSP
C. Certificate chain
D. Certificate pinning
E. CRL
Correct answer: A
Question 5:
Signed applications reduce risks by:
A. requiring the developer to use code-level hardening techniques.
B. encrypting the application's data on the device.
C. costing the developer money to publish, which reduces the likelihood of malicious intent.
D. providing assurance that the application is using unmodified source code.
Correct answer: D
Question 6:
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user's workstation:
graphic.linux_randomization.prg
Which of the following technologies would mitigate the manipulation of memory segments?
A. HSM
B. DEP
C. ASLR
D. NX bit
Correct answer: C
Shibuya -
Pass4Test's CAS-004 is excellent. I had little time to study, and the CAS-004 question set was a help. Thank you very much.