Exam CAS-004 topic 1 question 397 discussion

Actual exam question from CompTIA's CAS-004
Question #: 397
Topic #: 1

A company’s Chief Information Security Officer wants to prevent the company from being the target of ransomware. The company’s IT assets need to be protected. Which of the following are the MOST secure options to address these concerns? (Choose three.)

  • A. Antivirus
  • B. EDR
  • C. Sandboxing
  • D. Application control
  • E. Host-based firewall
  • F. IDS
  • G. NGFW
  • H. Strong authentication
Suggested Answer: BCD

Comments

Steel16
1 week, 3 days ago
Selected Answer: ABE
  • A. Antivirus: This is a foundational security measure that detects and removes malicious software, including ransomware, which is often the initial vector for attacks.
  • B. EDR (Endpoint Detection and Response): Beyond simply detecting threats, EDR actively monitors endpoints for suspicious activity and can quickly respond to potential infections, limiting the spread of ransomware.
  • E. Host-based firewall: This firewall sits on individual devices and controls incoming and outgoing network traffic, preventing malicious connections that could deliver ransomware.
upvoted 1 times
Steel16
1 week, 1 day ago
  • Sandboxing: While useful for testing potentially unsafe applications, it's not a primary defense against ransomware attacks.
  • Application control: This restricts which applications users can run, but it may not be enough to stop ransomware from exploiting vulnerabilities in allowed applications.
  • IDS (Intrusion Detection System): IDS primarily detects network intrusions, not necessarily malware on individual systems, making it less effective against ransomware.
  • NGFW (Next Generation Firewall): While important for network security, NGFWs primarily focus on network-level threats and might not offer the same level of protection against endpoint-based ransomware attacks.
  • Strong authentication: While important for overall security, strong authentication does not directly prevent ransomware infections but can help limit the damage by preventing unauthorized access to systems and data.
upvoted 1 times
Bright07
5 months, 4 weeks ago
Correct Ans is B, C, D.
upvoted 1 times
23169fd
8 months ago
Selected Answer: BDH
  • B. EDR (Endpoint Detection and Response): EDR solutions provide real-time monitoring and analysis of endpoint activities. They can detect, investigate, and respond to suspicious activities, including ransomware, before it can cause significant damage.
  • D. Application control: Application control ensures that only whitelisted applications can run on the network. This prevents unauthorized or malicious software, including ransomware, from executing, thereby reducing the risk of infection.
  • H. Strong authentication: Strong authentication, such as multi-factor authentication (MFA), prevents unauthorized access to systems and data. This reduces the likelihood of ransomware spreading through compromised credentials.
upvoted 1 times
23169fd
8 months ago
Selected Answer: BCD
  • B. EDR (Endpoint Detection and Response): EDR solutions provide comprehensive visibility and response capabilities for endpoints. They can detect and respond to ransomware attacks in real-time, preventing the spread and mitigating damage.
  • C. Sandboxing: Sandboxing can analyze suspicious files and executables in a controlled environment. This helps in detecting and blocking ransomware before it can execute on the network.
  • D. Application control: Application control can prevent unauthorized applications, including ransomware, from executing. By allowing only whitelisted applications to run, it significantly reduces the risk of ransomware infections.
upvoted 2 times
armid
8 months, 1 week ago
Selected Answer: BCD
  • EDR - you have to have something on the endpoint. EDR > AV
  • Sandboxing - to check executables for zero days, this would be implemented on your NGFW or UTM
  • Application control - this one is actually most secure but most pain to manage. Allow only apps that are approved

The other options:

  • Antivirus < EDR
  • Host based firewall will prevent less than the options above
  • IDS - HIDS would help but less than the options above
  • NGFW - unless paired with sandboxing might not be able to detect zero days
  • Authentication can be bypassed by priv escalations or exploits
upvoted 2 times
shinda
9 months ago
Selected Answer: BDH
  • D. Application control: This restricts what applications are allowed to run on the system, making it harder for unauthorized or malicious software, including ransomware, to execute.
  • H. Strong authentication: This adds an extra layer of security beyond just a password, making it more difficult for attackers to gain access to systems even if they breach initial defenses.
  • B. EDR (Endpoint Detection and Response): This goes beyond traditional antivirus by continuously monitoring endpoints for suspicious activity, allowing for faster detection and response to potential ransomware attacks.
upvoted 2 times
041ba31
9 months, 3 weeks ago
Selected Answer: BCD
The most secure options to address concerns about ransomware are:

  • B. EDR (Endpoint Detection and Response): EDR provides advanced threat detection and response capabilities, helping to identify and mitigate ransomware attacks in real-time.
  • C. Sandboxing: Sandboxing isolates potentially malicious files and applications in a controlled environment, preventing them from affecting the rest of the system if they are ransomware.
  • D. Application control: Application control prevents unauthorized applications from running, reducing the risk of ransomware being executed on the company's IT assets.
upvoted 3 times
pego99
10 months ago
Selected Answer: BDG
The most secure options to address these concerns are:

  • B. EDR (Endpoint Detection and Response): EDR solutions provide continuous monitoring and real-time response capabilities to detect and mitigate ransomware and other threats at the endpoint level.
  • D. Application control: Application control helps prevent unauthorized applications, including ransomware, from executing on endpoints by allowing only approved applications to run.
  • G. NGFW (Next-Generation Firewall): NGFWs offer advanced threat detection and prevention capabilities, including the ability to identify and block ransomware traffic based on behavior and signatures.
upvoted 2 times
chinomjff
10 months, 2 weeks ago
correction B,D,G
upvoted 2 times
chinomjff
10 months, 2 weeks ago
correct answer is B,D,C
upvoted 2 times