CAS004: Set 2

An organization is running its e-commerce site in the cloud. The capacity is sufficient to meet the organization's needs throughout most of the year, except during the holidays when the organization plans to introduce a new line of products and expects an increase in traffic. The organization is not sure how well its products will be received. To address this issue, the organization needs to ensure that: * System capacity is optimized. * Cost is reduced. Which of the following should be implemented to address these requirements? (Select TWO).

The Chief Security Officer (CSO) requested the security team implement technical controls that meet the following requirements: * Monitors traffic to and from both local NAS and cloud-based file repositories * Prevents on-site staff who are accessing sensitive customer Pll documents on file repositories from accidentally or deliberately sharing sensitive documents on personal Saa$S solutions * Uses document attributes to reduce false positives * Is agentless and not installed on staff desktops or laptops Which of the following when installed and configured would BEST meet the CSO's requirements? (Select TWO).

A company is deploying multiple VPNs to support supplier connections into its extranet applications. The network security standard requires: * All remote devices to have up-to-date antivirus * An up-to-date and patched OS Which of the following technologies should the company deploy to meet its security objectives? (Select TWO)

A security researcher detonated some malware in a lab environment and identified the following commands running from the EDR tool: With which of the following MITRE ATT&CK TTPs is the command associated? (Select TWO).

A software development company is building a new mobile application for its social media platform. The company wants to gain its users' trust by reducing the risk of on-path attacks between the mobile client and its servers and by implementing stronger digital trust. To support users' trust, the company has released the following internal guidelines: * Mobile clients should verify the identity of all social media servers locally. * Social media servers should improve TLS performance of their certificate status * Social media servers should inform the client to only use HTTPS. Given the above requirements, which of the following should the company implement? (Select TWO).

A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process's memory location. Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

Which of the following indicates when a company might not be viable after a disaster?