Enjoy 15% Discount With Coupon 15off

CompTIA CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam Online Training

CompTIA CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam Online Training

CompTIA CAS-004 Online Training

The questions for CAS-004 were last updated at Jan 28,2025.
  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+) Exam
  • Certification Provider: CompTIA
  • Latest update: Jan 28,2025
Question #31

A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure.

The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:

Only users with corporate-owned devices can directly access servers hosted by the cloud provider.

The company can control what SaaS applications each individual user can access.

User browser activity can be monitored.

Which of the following solutions would BEST meet these requirements?

  • A . IAM gateway, MDM, and reverse proxy
  • B . VPN, CASB, and secure web gateway
  • C . SSL tunnel, DLP, and host-based firewall
  • D . API gateway, UEM, and forward proxy

Reveal Solution Hide Solution

Question #32

During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels.

Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?

  • A . Spawn a shell using sudo and an escape string such as sudo vim -c ‘!sh’.
  • B . Perform ASIC password cracking on the host.
  • C . Read the /etc/passwd file to extract the usernames.
  • D . Initiate unquoted service path exploits.
  • E . Use the UNION operator to extract the database schema.

Reveal Solution Hide Solution

Question #33

A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots.

Which of the following would provide the BEST boot loader protection?

  • A . TPM
  • B . HSM
  • C . PKI
  • D . UEFI/BIOS

Reveal Solution Hide Solution

Question #34

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the

company is concerned about HTTPS interception attacks.

Which of the following would be the BEST solution against this type of attack?

  • A . Cookies
  • B . Wildcard certificates
  • C . HSTS
  • D . Certificate pinning

Reveal Solution Hide Solution

Question #35

DRAG DROP

An organization is planning for disaster recovery and continuity of operations.

INSTRUCTIONS

Review the following scenarios and instructions. Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding.

Each finding may be used more than once.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Reveal Solution Hide Solution

Question #36

A threat hunting team receives a report about possible APT activity in the network.

Which of the following threat management frameworks should the team implement?

  • A . NIST SP 800-53
  • B . MITRE ATT&CK
  • C . The Cyber Kill Chain
  • D . The Diamond Model of Intrusion Analysis

Reveal Solution Hide Solution

Question #37

Device event logs sources from MDM software as follows:

Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

  • A . Malicious installation of an application; change the MDM configuration to remove application ID 1220.
  • B . Resource leak; recover the device for analysis and clean up the local storage.
  • C . Impossible travel; disable the device’s account and access while investigating.
  • D . Falsified status reporting; remotely wipe the device.

Reveal Solution Hide Solution

Question #38

An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.

Which of the following historian server locations will allow the business to get the required reports in an ОТ and IT environment?

  • A . In the ОТ environment, use a VPN from the IT environment into the ОТ environment.
  • B . In the ОТ environment, allow IT traffic into the ОТ environment.
  • C . In the IT environment, allow PLCs to send data from the ОТ environment to the IT environment.
  • D . Use a screened subnet between the ОТ and IT environments.

Reveal Solution Hide Solution

Question #39

Which of the following is a benefit of using steganalysis techniques in forensic response?

  • A . Breaking a symmetric cipher used in secure voice communications
  • B . Determining the frequency of unique attacks against DRM-protected media
  • C . Maintaining chain of custody for acquired evidence
  • D . Identifying least significant bit encoding of data in a .wav file

Reveal Solution Hide Solution

Question #40

A new web server must comply with new secure-by-design principles and PCI DSS. This includes mitigating the risk of an on-path attack.

A security analyst is reviewing the following web server configuration:

Which of the following ciphers should the security analyst remove to support the business requirements?

  • A . TLS_AES_128_CCM_8_SHA256
  • B . TLS_DHE_DSS_WITH_RC4_128_SHA
  • C . TLS_CHACHA20_POLY1305_SHA256
  • D . TLS_AES_128_GCM_SHA256

Reveal Solution Hide Solution

Previous Questions Next Questions
Latest CAS-004 Dumps Valid Version with 128 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CAS-004 PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

13Oct

CompTIA PK0-004 CompTIA Project + Online Training

Question #1 A project manager is attempting to establish the proper sequencing and duration of project activities. Which of the following... read more

13Sep

CompTIA FC0-U61 CompTIA IT Fundamentals+ Certification Exam Online Training

Question #1 Which of the following is primarily a confidentiality concern? A . EavesdroppingB . ImpersonatingC . DestructingD . Altering read more

23Aug

CompTIA SY0-601 CompTIA Security+ Exam Online Training

Question #1 A company has discovered unauthorized devices are using its WIFI network, and it wants to harden the access point... read more

30Aug

CompTIA CV0-004 CompTIA Cloud+ (2024) Online Training

Question #1 An engineer made a change to an application and needs to select a deployment strategy that meets the following... read more

11Oct

CompTIA CV0-001 CompTIA Cloud+ Certification Exam Online Training

Question #1 Which of the following is a subcomponent of a virtual machine? A . Virtual switchB . Virtual HBAC . Virtual... read more

04Sep

CompTIA N10-008 CompTIA Network+Exam Online Training

Question #1 A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard.... read more

04Oct

CompTIA 220-1002 CompTIA A+ Certification Exam: Core 2 Online Training

Question #1 Which of the following is a reason to use WEP over WPA? A . Device compatibilityB . Increased securityC .... read more

16Oct

CompTIA CLO-001 CompTIA Cloud Essentials Exam Online Training

Question #1 Digital identities for logging onto SaaS solutions should be issued by all the following EXCEPT: A . A third-party identity... read more

14Aug

CompTIA PK0-005 CompTIA Project+Certification Online Training

Question #1 A PM has identified all the resources involved in a project. The next step is to identify which resources... read more

19Nov

CompTIA CV0-003 CompTIA Cloud+ Certification Exam Online Training

Question #1 A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to... read more