All CAS-004 Test Inside CompTIA Questions

An after-action report is a document that summarizes the performance of a team during a cybersecurity incident. It is used to review all aspects of the incident response plan, including what was done correctly, what needs improvement, and how the team responded to the incident.The CISO's review of data from a cyber exercise would typically result in an after-action report, which helps in improving future responses to incidents.

HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections, and never via the insecure HTTP protocol. Enabling HSTS would prevent attackers from redirecting users from a secure site to an unsecure or malicious one.

Static Application Security Testing (SAST) is the best method for validating code as it is written. SAST analyzes the source code or binaries of an application for vulnerabilities before the code is executed, allowing developers to identify and fix security flaws early in the development process. This method integrates into the development environment and provides real-time feedback, which is critical for ensuring secure coding practices from the start. CASP+ highlights the importance of SAST in secure software development lifecycles (SDLCs) as a proactive measure to prevent security issues before the code is deployed.

Segmentation isolates the vulnerable server into a separate network segment, reducing its exposure to potential attackers. By implementing firewalls or virtual LANs (VLANs), segmentation minimizes the risk of lateral movement and external exploitation, aligning with CASP+ objective 1.3, which emphasizes implementing appropriate compensating controls to address vulnerabilities.

________________________________________