
CompTIA CAS-004 Exam Success: Mock Tests & Study Resources, CompTIA CASP+ Certification | SPOTO

Achieve success in your CompTIA CASP+ certification exam with our comprehensive mock tests and study resources. Our materials are meticulously designed to cover all exam topics in detail, ensuring thorough preparation in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Access our free test samples to evaluate your knowledge and readiness. Explore our exam dumps for in-depth explanations and insights into key concepts. Practice with our mock exams and online exam questions to simulate real testing conditions and boost your confidence. With SPOTO, you'll have access to top-notch exam materials and expert guidance to excel in your CASP+ certification journey.

Question #1
A security analyst is reviewing the following output: Which of the following would BEST mitigate this type of attack?
A. Installing a network firewall
B. Placing a WAF inline C
Correct Answer: D


Question #2
An organization is designing a network architecture that must meet the following requirements: Users will only be able to access predefined services. Each user will have a unique allow list defined for access. The system will construct one-to-one subject/object access paths dynamically. Which of the following architectural designs should the organization use to meet these requirements?
A. Peer-to-peer secure communications enabled by mobile applications
B. Proxied application data connections enabled by API gateways C
Correct Answer: C
Question #3
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization. Which of the following should be the analyst’s FIRST action?
A. Create a full inventory of information and data assets
B. Ascertain the impact of an attack on the availability of crucial resources
Correct Answer: B
Question #4
A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization. Which of the following actions would BEST resolve the issue? (Choose two.)
A. Conduct input sanitization
E. Deploy a WAF
F. Deploy a reverse proxy G
Correct Answer: A
Question #5
A security engineer has been asked to close all non-secure connections from the corporate network. The engineer is attempting to understand why the corporate UTM will not allow users to download email via IMAPS. The engineer formulates a theory and begins testing by creating the firewall ID 58, and users are able to download emails correctly by using IMAP instead. The network comprises three VLANs: The security engineer looks at the UTM firewall rules and finds the following: Which of the following should t
A. Contact the email service provider and ask if the company IP is blocked
B. Confirm the email server certificate is installed on the corporate computers
Correct Answer: A
Question #6
A security engineer needs to recommend a solution that will meet the following requirements: identify sensitive data in the provider’s network; maintain compliance with company and regulatory guidelines; detect and respond to insider threats, privileged user threats, and compromised accounts; enforce datacentric security, such as encryption, tokenization, and access control. Which of the following solutions should the security engineer recommend to address these requirements?
A. WAF
B. CASB
C. SWG
D. DLP
Correct Answer: C
Question #7
A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable. Which of the following should the security team recommend FIRST?
A. Investigating a potential threat identified in logs related to the identity management system
B. Updating the identity management system to use discretionary access control C
Correct Answer: D
Question #8
An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment. Which of the following BEST describes the reason why traditional methods of addressing risk may not be possible in the cloud?
A. Migrating operations assumes the acceptance of all risk
B. Cloud providers are unable to avoid risk
Correct Answer: BD
Question #9
Which of the following allows computation and analysis of data within a ciphertext without knowledge of the plaintext?
A. Lattice-based cryptography
B. Quantum computing C
Correct Answer: B
Question #10
Which of the following is a benefit of using steganalysis techniques in forensic response?
A. Breaking a symmetric cipher used in secure voice communications
B. Determining the frequency of unique attacks against DRM-protected media C
Correct Answer: A
Question #11
All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be: leaked to the media via printing of the documents; sent to a personal email address; accessed and viewed by systems administrators; uploaded to a file storage site. Which of the following would mitigate the department’s concerns
Correct Answer: C
Question #12
A developer wants to maintain integrity to each module of a program and ensure the code cannot be altered by malicious users. Which of the following would be BEST for the developer to perform? (Choose two.)
A. Utilize code signing by a trusted third party
B. Implement certificate-based authentication
F. Make the DACL read-only
Correct Answer: B
Question #13
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following: ERR_SSL_VERSION_OR_CIPHER_MISMATCH Which of the following is MOST likely the root cause?
A. The client application is testing PFS
B. The client application is configured to use ECDHE
Correct Answer: B
Question #14
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user’s workstation: graphic.linux_randomization.prg Which of the following technologies would mitigate the manipulation of memory segments?
A. NX bit
B. ASLR
C. DEP
D. HSM
Correct Answer: D
Question #15
After a security incident, a network security engineer discovers that a portion of the company’s sensitive external traffic has been redirected through a secondary ISP that is not normally used. Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?
A. Disable BGP and implement a single static route for each internal network
B. Implement a BGP route reflector
Correct Answer: B
Question #16
A company is looking to fortify its cybersecurity defenses and is focusing on its network infrastructure. The solution cannot affect the availability of the company’s services to ensure false positives do not drop legitimate traffic. Which of the following would satisfy the requirement?
A. NIDS B
Correct Answer: D
Question #17
A small company recently developed prototype technology for a military program. The company’s security engineer is concerned about potential theft of the newly developed, proprietary information. Which of the following should the security engineer do to BEST manage the threats proactively?
A. Join an information-sharing community that is relevant to the company
B. Leverage the MITRE ATT&CK framework to map the TTR
Correct Answer: C
Question #18
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals. Which of the following does the business’s IT manager need to consider?
A. The availability of personal data
B. The right to personal data erasure C
Correct Answer: C
Question #19
A company publishes several APIs for customers and is required to use keys to segregate customer data sets. Which of the following would be BEST to use to store customer keys?
A. A trusted platform module
B. A hardware security module C
Correct Answer: A
Question #20
A company is preparing to deploy a global service. Which of the following must the company do to ensure GDPR compliance? (Choose two.)
A. Inform users regarding what data is stored
B. Provide opt-in/out for marketing messages
E. Grant data access to third parties
F. Provide alternative authentication techniques
Correct Answer: B
Question #21
A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops. Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?
A. Perform additional SAST/DAST on the open-source libraries
B. Implement the SDLC security guidelines
Correct Answer: B
Question #22
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware. Which of the following is the NEXT step t
A. Pay the ransom within 48 hours
B. Isolate the servers to prevent the spread
Correct Answer: B
Question #23
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy. Which of the following solutions should the security architect recommend?
A. Replace the current antivirus with an EDR solution
B. Remove the web proxy and install a UTM appliance
Correct Answer: A
Question #24
A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite: Which of the following is the MOST likely cause of the customer’s inability to connect?
A. Weak ciphers are being used
B. The public key should be using ECDSA
Correct Answer: D
Question #25
A security analyst discovered that the company’s WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests: Which of the following would BEST mitigate this vulnerability?
A. CAPTCHA
B. Input validation C
Correct Answer: D
Question #26
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line. Which of the following commands would be the BEST to run to view only active Internet connections?
A. sudo netstat -antu | grep "LISTEN" | awk '{print$5}'
B. sudo netstat -nlt -p | grep "ESTABLISHED" C
E. sudo netstat -pnut | grep -P ^tcp
Correct Answer: D
Question #27
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following: 1. The network supports core applications that have 99.99% uptime. 2. Configuration updates to the SD-WAN routers
A. Reverse proxy, stateful firewalls, and VPNs at the local sites B
Correct Answer: B
Question #28
A new web server must comply with new secure-by-design principles and PCI DSS. This includes mitigating the risk of an on-path attack. A security analyst is reviewing the following web server configuration: Which of the following ciphers should the security analyst remove to support the business requirements?
A. TLS_AES_128_CCM_8_SHA256
B. TLS_DHE_DSS_WITH_RC4_128_SHA C
Correct Answer: AB
Question #29
A company hired a third party to develop software as part of its strategy to be quicker to market. The company’s policy outlines the following requirements: The credentials used to publish production software to the container registry should be stored in a secure location. Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly. Which of the following would be the BEST recommendation for storing and monitoring access to
B. Local secure password file C
Correct Answer: C
Question #30
A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs. Which of the following should the company use to prevent data theft?
A. Watermarking
B. DRM C
Correct Answer: D
Question #31
A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements: Only users with corporate-owned devices can directly access servers hosted by the cloud provider. The company can control what SaaS applications each individual user can access. User browser activity can be monitored. Which of the following solutions would BEST meet these requirements?
A. IAM gateway, MDM, and reverse proxy
B. VPN, CASB, and secure web gateway C
Correct Answer: C
Question #32
An organization wants to perform a scan of all its systems against best practice security configurations. Which of the following SCAP standards, when combined, will enable the organization to view each of the configuration checks in a machine-readable checklist format for full automation? (Choose two.)
A. ARF
B. XCCDF C
F. OVAL
Correct Answer: A
Question #33
An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented. Which of the following processes can be used to identify potential prevention recommendations?
A. Detection
B. Remediation C
Correct Answer: C
Question #34
An organization’s hunt team thinks a persistent threat exists and already has a foothold in the enterprise network. Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?
A. Deploy a SOAR tool
B. Modify user password history and length requirements
Correct Answer: C
