Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 743 Q&As
  • Last Updated: Apr 15, 2025

CompTIA CompTIA Certifications CAS-004 Questions & Answers

  • Question 561:

    A cybersecurity analyst discovered a private key that could have been exposed.

    Which of the following is the BEST way for the analyst to determine if the key has been compromised?

    A. HSTS

    B. CRL

    C. CSRs

    D. OCSP

  • Question 562:

    A security administrator configured the account policies per security implementation guidelines. However, the accounts still appear to be susceptible to brute-force attacks. The following settings meet the existing compliance guidelines:

    1. Must have a minimum of 15 characters

    2. Must use one number

    3. Must use one capital letter

    4. Must not be one of the last 12 passwords used

    Which of the following policies should be added to provide additional security?

    A. Shared accounts

    B. Password complexity

    C. Account lockout

    D. Password history

    E. Time-based logins

  • Question 563:

    A security architect for a large, multinational manufacturer needs to design and implement a security solution to monitor traffic.

    When designing the solution, which of the following threats should the security architect focus on to prevent attacks against the network?

    A. Packets that are the wrong size or length

    B. Use of any non-DNP3 communication on a DNP3 port

    C. Multiple solicited responses over time

    D. Application of an unsupported encryption algorithm

  • Question 564:

    A penetration tester obtained root access on a Windows server and, according to the rules of engagement, is permitted to perform post-exploitation for persistence. Which of the following techniques would BEST support this?

    A. Configuring systemd services to run automatically at startup

    B. Creating a backdoor

    C. Exploiting an arbitrary code execution exploit

    D. Moving laterally to a more authoritative server/service

  • Question 565:

    Technicians have determined that the current server hardware is outdated, so they have decided to throw it out. Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?

    A. Drive wiping

    B. Degaussing

    C. Purging

    D. Physical destruction

  • Question 566:

    A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence. Which of the following offers an authoritative decision about whether the evidence was obtained legally?

    A. Lawyers

    B. Court

    C. Upper management team

    D. Police

  • Question 567:

    A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements:

    1. Be efficient at protecting the production environment

    2. Not require any change to the application

    3. Act at the presentation layer

    Which of the following techniques should be used?

    A. Masking

    B. Tokenization

    C. Algorithmic

    D. Random substitution

  • Question 568:

    A software house is developing a new application. The application has the following requirements:

    1. Reduce the number of credential requests as much as possible

    2. Integrate with social networks

    3. Authenticate users

    Which of the following is the BEST federation method to use for the application?

    A. WS-Federation

    B. OpenID

    C. OAuth

    D. SAML

  • Question 569:

    A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization. The legal department provided the security team with a list of search terms to investigate.

    This is an example of:

    A. due intelligence.

    B. e-discovery.

    C. due care.

    D. legal hold.

  • Question 570:

    A company's Chief Information Security Officer is concerned that the company's proposed move to the cloud could lead to a lack of visibility into network traffic flow logs within the VPC. Which of the following compensating controls would be BEST to implement in this situation?

    A. EDR

    B. SIEM

    C. HIDS

    D. UEBA

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-004 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.