1. Home
  2. CompTIA
  3. CAS-004

CompTIA Advanced Security Practitioner (CASP+)

Exam Details

  • Exam Code
    :CAS-004
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :743 Q&As
  • Last Updated
    :Apr 07, 2025

CompTIA CompTIA Certifications CAS-004 Questions & Answers

  • Question 141:

    When implementing serverless computing, an organization must still account for:

    A. the underlying computing network infrastructure.

    B. hardware compatibility.

    C. the security of its data.

    D. patching the service.

  • Question 142:

    A company's Chief Information Security Officer wants to prevent the company from being the target of ransomware. The company's IT assets need to be protected. Which of the following are the MOST secure options to address these concerns? (Choose three.)

    A. Antivirus

    B. EDR

    C. Sandboxing

    D. Application control

    E. Host-based firewall

    F. IDS

    G. NGFW

    H. Strong authentication

  • Question 143:

    An online video shows a company's Chief Executive Officer (CEO) making a company announcement. The CEO, however, did not make the announcement. Which of the following BEST describes this attack?

    A. Identity theft

    B. Deepfake

    C. Website defacement

    D. Social engineering

  • Question 144:

    A security engineer needs to implement a cost-effective authentication scheme for a new web-based application that requires:

    1.

    Rapid authentication

    2.

    Flexible authorization

    3.

    Ease of deployment

    4.

    Low cost but high functionality

    Which of the following approaches best meets these objectives?

    A. Kerberos

    B. EAP

    C. SAML

    D. OAuth

    E. TACACS+

  • Question 145:

    A security administrator is trying to securely provide public access to specific data from a web application. Clients who want to access the application will be required to:

    1.

    Only allow the POST and GET options.

    2.

    Transmit all data secured with TLS 1.2 or greater.

    3.

    Use specific URLs to access each type of data that is requested.

    4.

    Authenticate with a bearer token.

    Which of the following should the security administrator recommend to meet these requirements?

    A. API gateway

    B. Application load balancer

    C. Web application firewall

    D. Reverse proxy

  • Question 146:

    An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security practice recommendations would be the best to accomplish this objective?

    A. Implement least privilege access to all systems.

    B. Roll out security awareness training for all users.

    C. Set up policies and systems with separation of duties.

    D. Enforce job rotations for all developers and administrators.

    E. Utilize mandatory vacations for all developers.

    F. Review all access to production systems on a quarterly basis.

  • Question 147:

    An organization handles sensitive information that must be displayed on call center technicians' screens to verify the identities of remote callers. The technicians use three randomly selected fields of information to complete the identity verification process. Some of the fields contain PII that are unique identifiers for the remote callers. Which of the following should be implemented to identify remote callers while also reducing the risk that technicians could improperly use the identification information?

    A. Data masking

    B. Encryption

    C. Tokenization

    D. Scrubbing

    E. Substitution

  • Question 148:

    Which of the following is the best reason for obtaining file hashes from a confiscated laptop?

    A. To prevent metadata tampering on each file

    B. To later validate the integrity of each file

    C. To generate unique identifiers for each file

    D. To preserve the chain of custody of files

  • Question 149:

    During the development process, the team identifies major components that need to be rewritten. As a result, the company hires a security consultant to help address major process issues. Which of the following should the consultant recommend to best prevent these issues from reoccurring in the future?

    A. Implementing a static analysis tool within the CI/CD system

    B. Configuring a dynamic application security testing tool

    C. Performing software composition analysis on all third-party components

    D. Utilizing a risk-based threat modeling approach on new projects

    E. Setting up an interactive application security testing tool

  • Question 150:

    A security manager discovers that a system's log files contain evidence of potential criminal activity. Which of the following actions should be done next?

    A. Power off all systems immediately to block any further actions.

    B. Perform a thorough investigation with law enforcement.

    C. Contact the user who appears in the log files.

    D. Take a system snapshot to preserve any evidence.

    E. Reach out to the human resources department.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-004 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.