An organization thinks that its network has active, malicious activity on it. Which of the following capabilities would BEST help to expose the adversary?
A. Installing a honeypot and other decoys
B. Expanding SOC functions to include hunting
C. Enumerating asset configurations
D. Performing a penetration test
A software developer was just informed by the security team that the company's product has several vulnerabilities. Most of these vulnerabilities were traced to code the developer did not write. The developer does not recognize some of the code, as it was in the software before the developer started on the program and is not tracked for licensing purposes. Which of the following would the developer MOST likely do to mitigate the risks and prevent further issues like these from occurring?
A. Perform supply chain analysis and require third-party suppliers to implement vulnerability management programs.
B. Perform software composition analysis and remediate vulnerabilities found in the software.
C. Perform reverse engineering on the code and rewrite the code in a more secure manner.
D. Perform fuzz testing and implement DAST in the code repositories to find vulnerabilities prior to deployment.
A security engineer has been informed by the firewall team that a specific Windows workstation is part of a command-and-control network. The only information the security engineer is receiving is that the traffic is occurring on a non-standard port (TCP 40322). Which of the following commands should the security engineer use FIRST to find the malicious process?
A. tcpdump
B. netstat
C. tasklist
D. traceroute
E. ipconfig
Which of the following processes involves searching and collecting evidence during an investigation or lawsuit?
A. E-discovery
B. Review analysis
C. Information governance
D. Chain of custody
An organization had been leveraging RC4 to protect the confidentiality of a continuous, high-throughput 4K video stream but must upgrade to a more modern cipher. The new cipher must maximize speed, particularly on endpoints without crypto instruction sets or coprocessors. Which of the following is MOST likely to meet the organization's requirements?
A. ChaCha20
B. ECDSA
C. Blowfish
D. AES-GCM
E. AES-CBC
When managing and mitigating SaaS cloud vendor risk, which of the following responsibilities belongs to the client?
A. Data
B. Storage
C. Physical security
D. Network
A security engineer based in Iceland works in an environment requiring an on-premises and cloud-based storage solution. The solution should take into consideration the following:
1. The company has sensitive data.
2. The company has proprietary data.
3. The company has its headquarters in Iceland, and the data must always reside in that country.
Which cloud deployment model should be used?
A. Hybrid cloud
B. Community cloud
C. Public cloud
D. Private cloud
An organization is in frequent litigation and has a large number of legal holds. Which of the following types of functionality should the organization's new email system provide?
A. DLP
B. Encryption
C. E-discovery
D. Privacy-level agreements
A security analyst has been tasked with providing key information in the risk register. Which of the following outputs or results would be used to BEST provide the information needed to determine the security posture for a risk decision? (Choose two.)
A. Password cracker
B. SCAP scanner
C. Network traffic analyzer
D. Vulnerability scanner
E. Port scanner
F. Protocol analyzer
An organization does not have visibility into when company-owned assets are off network or not connected via a VPN. The lack of visibility prevents the organization from meeting security and operational objectives. Which of the following cloud-hosted solutions should the organization implement to help mitigate the risk?
A. Antivirus
B. UEBA
C. EDR
D. HIDS