Latest CompTIA CAS-004 Practice Tests and Exam Dumps 2024, CompTIA CASP+ Certification | SPOTO

Prepare for success in your CompTIA CASP+ certification exam with our latest practice tests and exam dumps for 2024. Our comprehensive resources provide thorough coverage of the CAS-004 exam topics, including risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Access our free test samples to assess your knowledge and readiness. Dive into our exam dumps for detailed explanations and insights into key concepts. Practice with our mock exams and online exam questions to simulate real testing conditions and boost your confidence. With SPOTO, you'll have access to top-quality exam materials and expert guidance to help you excel in your CASP+ certification journey.
Question #1
An organization is assessing the security posture of a new SaaS CRM system that handles sensitive PII and identity information, such as passport numbers. The SaaS CRM system does not meet the organization's current security standards. The assessment identifies the following: 1. There will be a $20,000 per day revenue loss for each day the system is delayed going into production. 2. The inherent risk is high. 3. The residual risk is low. 4. There will be a staged deployment to the solution rollout to
A. Apply for a security exemption, as the risk is too high to accept
B. Transfer the risk to the SaaS CRM vendor, as the organization is using a cloud service
C. Accept the risk, as compensating controls have been implemented to manage the risk
D. Avoid the risk by accepting the shared responsibility model with the SaaS CRM provider
View answer
Correct Answer: C (the residual risk is low only because compensating controls are already in place; the shared responsibility model neither avoids nor transfers the risk)
Question #2
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports. Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?
A. In the OT environment, use a VPN from the IT environment into the OT environment
B. In the OT environment, allow IT traffic into the OT environment
C. In the IT environment, allow PLCs to send data from the OT environment to the IT environment
D. Use a screened subnet between the OT and IT environments
View answer
Correct Answer: D
Question #3
A security analyst is trying to identify the source of a recent data loss incident. The analyst has reviewed all the logs for the time surrounding the incident and identified all the assets on the network at the time of the data loss. The analyst suspects the key to finding the source was obfuscated in an application. Which of the following tools should the analyst use NEXT?
A. Software decompiler
B. Network enumerator
C. Log reduction and analysis tool
D. Static code analysis
View answer
Correct Answer: A (the logs and asset inventory have already been reviewed; recovering a key obfuscated inside a compiled application requires decompiling it)
Question #4
A security architect is reviewing the following proposed corporate firewall architecture and configuration: Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements: Web servers must receive all updates via HTTP/S from the corporate network. Web servers should not initiate communication with the Internet. Web servers should only connect to preapproved corporate database servers. Employees’ computing devices should only connect to web services over por
A. Add the following to Firewall_A: 15 PERMIT FROM 10
B. Add the following to Firewall_A: 15 PERMIT FROM 192
C. Add the following to Firewall_A: 15 PERMIT FROM 10
D. Add the following to Firewall_B: 15 PERMIT FROM 0
E. Add the following to Firewall_B: 15 PERMIT FROM 10
F. Add the following to Firewall_B: 15 PERMIT FROM 192
View answer
Correct Answer: A
Question #5
A security architect needs to implement a CASB solution for an organization with a highly distributed remote workforce. One of the requirements for the implementation includes the capability to discover SaaS applications and block access to those that are unapproved or identified as risky. Which of the following would BEST achieve this objective?
A. Deploy endpoint agents that monitor local web traffic to enforce DLP and encryption policies
B. Implement cloud infrastructure to proxy all user web traffic to enforce DLP and encryption policies
C. Implement cloud infrastructure to proxy all user web traffic and control access according to centralized policy
D. Deploy endpoint agents that monitor local web traffic and control access according to centralized policy
View answer
Correct Answer: C
Question #6
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident. Which of the following would be BEST to proceed with the transformation?
A. An on-premises solution as a backup
B. A load balancer with a round-robin configuration
C. A multicloud provider solution
D. An active-active solution within the same tenant
View answer
Correct Answer: C (a multicloud deployment keeps services available when a single CSP has an incident; a load balancer inside one provider fails together with it)
Question #7
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?
A. Inherent
B. Low
C. Mitigated
D. Residual
E. Transferred
View answer
Correct Answer: D (once the CAPTCHA control is applied, the risk that remains is the residual risk; "mitigated" names the treatment, not a level of risk)
Question #8
The Chief Information Security Officer (CISO) of a small local bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the LOWEST resource usage?
A. Black-box testing
B. Gray-box testing
C. Red-team hunting
D. White-box testing
E. Blue-team exercises
View answer
Correct Answer: A
Question #9
A company is looking at sending historical backups containing customer PII to a cloud service provider to save on storage costs. Which of the following is the MOST important consideration before making this decision?
A. Availability
B. Data sovereignty
C. Geography
D. Vendor lock-in
View answer
Correct Answer: B (which jurisdiction's laws will govern the customer PII once it sits in the provider's storage must be settled before the data leaves the company)
Question #10
A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?
A. Accept
B. Avoid
C. Transfer
D. Mitigate
View answer
Correct Answer: D (restricting access to the unencrypted file reduces the likelihood of exposure; the risk is neither accepted as-is, avoided, nor transferred)
Question #11
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company’s Chief Financial Officer loses a phone multiple times a year. Which of the following will MOST likely secure the data on the lost device?
A. Require a VPN to be active to access company data
B. Set up different profiles based on the person’s risk
C. Remotely wipe the device
D. Require MFA to access company applications
View answer
Correct Answer: C
Question #12
A security analyst sees that a hacker has discovered some keys and they are being made available on a public website. The security analyst is then able to successfully decrypt the data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data?
A. Key rotation
B. Key revocation
C. Key escrow
D. Zeroization
E. Cryptographic obfuscation
View answer
Correct Answer: A
Question #13
A cybersecurity analyst receives a ticket that indicates a potential incident is occurring. There has been a large increase in log files generated by a website containing a "Contact Us" form. The analyst must determine if the increase in website traffic is due to a recent marketing campaign or if this is a potential incident. Which of the following would BEST assist the analyst?
A. Ensuring proper input validation is configured on the "Contact Us" form
B. Deploying a WAF in front of the public website
C. Checking for new rules from the inbound network IPS vendor
D. Running the website log files through a log reduction and analysis tool
View answer
Correct Answer: D (the task is to determine what the traffic is, which the logs answer; a WAF or input validation is a control, not an analysis step)
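To make the log-reduction answer concrete, here is an added example (not from the page or from CompTIA) that reduces web-server access logs to per-source statistics for the form endpoint and flags sources whose submissions look automated. The log lines are constructed for illustration; the endpoint path /contact, the per-source threshold, and the heuristic (many submissions from one address, or submissions with no referrer from a non-browser user agent, whereas campaign traffic arrives through the promo link in a browser) are assumptions a practitioner would tune to the site.

```python
import re
from collections import defaultdict

# Constructed sample of web-server access-log lines (combined log format). These are
# made-up entries for illustration, not logs from the page or from any real site.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Mar/2024:14:02:01 +0000] "POST /contact HTTP/1.1" 200 512 "https://example.com/promo" "Mozilla/5.0 (Windows NT 10.0)"
198.51.100.7 - - [10/Mar/2024:14:02:03 +0000] "POST /contact HTTP/1.1" 200 512 "https://example.com/promo" "Mozilla/5.0 (Macintosh)"
203.0.113.22 - - [10/Mar/2024:14:02:04 +0000] "GET /promo HTTP/1.1" 200 2048 "https://ads.example.net/" "Mozilla/5.0 (iPhone)"
192.0.2.44 - - [10/Mar/2024:14:02:05 +0000] "POST /contact HTTP/1.1" 200 512 "-" "python-requests/2.31"
192.0.2.44 - - [10/Mar/2024:14:02:05 +0000] "POST /contact HTTP/1.1" 200 512 "-" "python-requests/2.31"
192.0.2.44 - - [10/Mar/2024:14:02:06 +0000] "POST /contact HTTP/1.1" 200 512 "-" "python-requests/2.31"
192.0.2.44 - - [10/Mar/2024:14:02:06 +0000] "POST /contact HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.31 - - [10/Mar/2024:14:02:08 +0000] "POST /contact HTTP/1.1" 200 512 "https://example.com/promo" "Mozilla/5.0 (Android 13)"
"""

# One line of the combined log format: client, identd, user, [timestamp], "request", status, bytes, "referer", "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            records.append(m.groupdict())
    return records


def reduce_contact_form(records, path="/contact", method="POST", max_per_source=3):
    """Reduce the log to per-source statistics for the form endpoint (path/method are assumptions).

    Returns (summary, suspicious): summary maps client IP -> counts; suspicious lists IPs
    whose submissions look automated: more than max_per_source, or every submission sent
    without a referrer from a non-browser user agent.
    """
    summary = defaultdict(lambda: {"posts": 0, "no_referer": 0, "uas": set()})
    for r in records:
        if r["method"] != method or r["path"] != path:
            continue
        s = summary[r["ip"]]
        s["posts"] += 1
        if r["referer"] == "-":
            s["no_referer"] += 1
        s["uas"].add(r["ua"])
    suspicious = []
    for ip, s in summary.items():
        non_browser = any(not ua.startswith("Mozilla/") for ua in s["uas"])
        if s["posts"] > max_per_source or (s["no_referer"] == s["posts"] and non_browser):
            suspicious.append(ip)
    return dict(summary), sorted(suspicious)


if __name__ == "__main__":
    summary, suspicious = reduce_contact_form(parse_log(SAMPLE_LOG))
    for ip, s in summary.items():
        print(f"{ip}: {s['posts']} submissions, {s['no_referer']} without referrer, agents={sorted(s['uas'])}")
    print("suspicious sources:", suspicious)
```

On the constructed sample the three browser clients arriving from the promo page are reduced to one line each, and the scripted client that posts four times with no referrer is the only source flagged; on real logs the same reduction is what separates a campaign spike from a form-spam or scraping incident before anyone tunes a WAF.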
Question #14
Which of the following technologies allows CSPs to add encryption across multiple data stores?
A. Symmetric encryption
B. Homomorphic encryption
C. Data dispersion
D. Bit splitting
View answer
Correct Answer: D
Question #15
A security engineer is reviewing a record of events after a recent data breach incident that involved the following: - A hacker conducted reconnaissance and developed a footprint of the company's Internet-facing web application assets. - A vulnerability in a third-party library was exploited by the hacker, resulting in the compromise of a local account. - The hacker took advantage of the account's excessive privileges to access a data store and exfiltrate the data without detection. Which of the following i
A. Dynamic analysis
B. Secure web gateway
C. Software composition analysis
D. User behavior analysis
E. Web application firewall
View answer
Correct Answer: C
Question #16
An organization requires a contractual document that includes: - An overview of what is covered - Goals and objectives - Performance metrics for each party - A review of how the agreement is managed by all parties. Which of the following BEST describes this type of contractual document?
A. SLA
B. BAA
C. NDA
D. ISA
View answer
Correct Answer: A
Question #17
A company's employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email while traveling. Which of the following is the MOST likely explanation? (Select TWO.)
A. Outdated escalation attack
B. Privilege escalation attack
C. VPN on the mobile device
D. Unrestricted email administrator accounts
E. Chief use of UDP protocols
F. Disabled GPS on mobile devices
View answer
Correct Answer: C
Question #18
Immediately following the report of a potential breach, a security engineer creates a forensic image of the server in question as part of the organization's incident response procedure. Which of the following must occur to ensure the integrity of the image?
A. The image must be password protected against changes
B. A hash value of the image must be computed
C. The disk containing the image must be placed in a sealed container
D. A duplicate copy of the image must be maintained
View answer
Correct Answer: B (a hash taken at acquisition is what later proves the image has not changed; a duplicate copy and a sealed container address availability and custody, not integrity)
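An added example (not from the page) of what computing that hash looks like in practice: digest the image at acquisition, record the digests beside it, and recompute them before the image is relied on. The image bytes are a constructed stand-in for a disk image, and the JSON manifest layout is an assumption; the streaming hash and constant-time comparison are the parts worth copying.

```python
import hashlib
import hmac
import json
import os
import tempfile

# Constructed stand-in for a disk image: a zero-filled region plus a marker.
# Not a real image and not data from the page.
SAMPLE_IMAGE = b"\x00" * 4096 + b"CONSTRUCTED-IMAGE-MARKER" + b"\xff" * 512


def hash_file(path, algorithms=("sha256", "sha1"), chunk_size=1 << 20):
    """Stream the file through each digest; a multi-GB image never needs to fit in memory."""
    digests = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def write_manifest(image_path, manifest_path):
    """Record size and hashes at acquisition time (assumed JSON layout); these values
    are what go into the chain-of-custody record."""
    manifest = {
        "image": os.path.basename(image_path),
        "size": os.path.getsize(image_path),
        "hashes": hash_file(image_path),
    }
    with open(manifest_path, "w") as f:
        json.dump(manifest, f, indent=2)
    return manifest


def verify_image(image_path, manifest_path):
    """Recompute the digests and compare with the manifest; False means the image
    can no longer be relied on as evidence."""
    with open(manifest_path) as f:
        manifest = json.load(f)
    if os.path.getsize(image_path) != manifest["size"]:
        return False
    current = hash_file(image_path, tuple(manifest["hashes"]))
    return all(hmac.compare_digest(current[name], expected)
               for name, expected in manifest["hashes"].items())


def demo(image_bytes=SAMPLE_IMAGE):
    """Acquire, hash, verify, tamper with one byte, verify again; returns the results."""
    with tempfile.TemporaryDirectory() as workdir:
        image_path = os.path.join(workdir, "server.img")
        manifest_path = image_path + ".manifest.json"
        with open(image_path, "wb") as f:
            f.write(image_bytes)
        manifest = write_manifest(image_path, manifest_path)
        before = verify_image(image_path, manifest_path)
        # Simulate tampering: flip the first byte; the size stays the same, so only the hash catches it.
        with open(image_path, "r+b") as f:
            first = f.read(1)
            f.seek(0)
            f.write(bytes([first[0] ^ 0xFF]))
        after = verify_image(image_path, manifest_path)
    return {"size": manifest["size"], "hashes": manifest["hashes"],
            "verified_before_tamper": before, "verified_after_tamper": after}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two digests are recorded because examiners commonly report both SHA-256 and the older SHA-1 that many tools still print; the verification compares every digest in the manifest, so the image passes only if all of them still match.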
Question #19
An administrator at a software development company would like to protect the integrity of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?
A. The NTP server is set incorrectly for the developers
B. The CA has included the certificate in its CRL
C. The certificate is set for the wrong key usage
D. Each application is missing a SAN or wildcard entry on the certificate
View answer
Correct Answer: C (a certificate issued for TLS server authentication lacks the code-signing key usage, so signing tools reject it even though the website accepts it; SAN entries name hosts, not applications)
Question #20
A recent data breach stemmed from unauthorized access to an employee’s company account with a cloud-based productivity suite. The attacker exploited excessive permissions granted to a third-party OAuth application to collect sensitive information. Which of the following BEST mitigates inappropriate access and permissions issues?
A. SIEM
B. CASB
C. WAF
D. SOAR
View answer
Correct Answer: B (a CASB gives visibility into, and control over, the third-party OAuth applications and the permissions users grant them inside a SaaS productivity suite)
Question #21
The Chief Information Officer (CIO) wants to implement enterprise mobility throughout the organization. The goal is to allow employees access to company resources. However, the CIO wants the ability to enforce configuration settings, manage data, and manage both company-owned and personal devices. Which of the following should the CIO implement to achieve this goal?
A. BYOD
B. CYOD
C. COPE
D. MDM
View answer
Correct Answer: D
Question #22
A security analyst is validating the MAC policy on a set of Android devices. The policy was written to ensure non-critical applications are unable to access certain resources. When reviewing dmesg, the analyst notes many entries such as: Despite the deny message, this action was still permitted. Which of the following is the MOST likely fix for this issue?
A. Add the objects of concern to the default context
B. Set the devices to enforcing
C. Create separate domain and context files for irc
D. Rebuild the policy, reinstall, and test
View answer
Correct Answer: B (an avc: denied entry for an action that still succeeded means SELinux is only logging in permissive mode rather than enforcing the policy)
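An added example (not from the page) of what the analyst would look for in dmesg: Android's SELinux avc lines end with permissive=1 when the denial was logged but not enforced, and with permissive=0 when it was actually blocked. The sample lines below are constructed in that format, since the page's own entries did not survive extraction; the process name irc, the contexts and the timestamps are assumptions. The parser separates "not enforced" denials from real ones and reports whether the device looks permissive, enforcing, or mixed (a policy can declare individual domains permissive while the global mode is enforcing, which the same fix does not cover).

```python
import re

# Constructed dmesg lines in Android's SELinux avc format (the page's own entries did
# not survive extraction). Process names, contexts and timestamps are made up.
SAMPLE_DMESG = """\
[   42.101] type=1400 audit(1710000000.101:31): avc: denied { read } for pid=2312 comm="irc" name="hosts" dev="dm-0" ino=1234 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=1
[   42.105] type=1400 audit(1710000000.105:32): avc: denied { open } for pid=2312 comm="irc" path="/data/system/hosts" dev="dm-0" ino=1234 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=1
[   42.110] type=1400 audit(1710000000.110:33): avc: denied { write } for pid=1507 comm="mediaserver" name="cache" dev="dm-0" ino=99 scontext=u:r:mediaserver:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=0
[   42.115] init: starting service 'bootanim'...
"""

# avc: denied { perms } for ... scontext=... tcontext=... tclass=... [permissive=0|1]
AVC_RE = re.compile(
    r'avc: +(?P<result>denied|granted) +\{ (?P<perms>[^}]+) \} for .*?'
    r'scontext=(?P<scontext>\S+) +tcontext=(?P<tcontext>\S+) +tclass=(?P<tclass>\S+)'
    r'(?: +permissive=(?P<permissive>[01]))?'
)
COMM_RE = re.compile(r'comm="([^"]*)"')


def parse_avc(line):
    """Return a dict for an avc line, or None for anything else in dmesg."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["perms"] = rec["perms"].split()
    c = COMM_RE.search(line)
    rec["comm"] = c.group(1) if c else None
    rec["domain"] = rec["scontext"].split(":")[2]      # u:r:<domain>:s0...
    # permissive=1 means the kernel logged the denial but let the access proceed.
    rec["permissive"] = rec["permissive"] == "1"
    return rec


def audit_denials(text):
    """Return (records, silently_allowed, mode).

    silently_allowed holds denials that were not enforced; mode is 'enforcing',
    'permissive', 'mixed' (some domains declared permissive in the policy while the
    global mode is enforcing), or 'unknown' when no avc lines were seen."""
    records = [r for r in map(parse_avc, text.splitlines()) if r]
    silently_allowed = [r for r in records
                        if r["result"] == "denied" and r["permissive"]]
    flags = {r["permissive"] for r in records}
    if flags == {True}:
        mode = "permissive"
    elif flags == {False}:
        mode = "enforcing"
    else:
        mode = "mixed" if flags else "unknown"
    return records, silently_allowed, mode


if __name__ == "__main__":
    records, allowed, mode = audit_denials(SAMPLE_DMESG)
    print(f"observed mode: {mode}")
    for r in allowed:
        print(f"NOT ENFORCED: {r['domain']} ({r['comm']}) {' '.join(r['perms'])} on "
              f"{r['tclass']} {r['tcontext']}")
```

On a device shell, getenforce shows the global mode and setenforce 1 switches it to enforcing for the running session; a policy that leaves a domain permissive (a permissive statement in the policy source) keeps producing permissive=1 lines for that domain even after the switch, which is how the mixed result above arises.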
Question #23
An enterprise is undergoing an audit to review change management activities when promoting code to production. The audit reveals the following: - Some developers can directly publish code to the production environment. - Static code reviews are performed adequately. - Vulnerability scanning occurs on a regularly scheduled basis per policy. Which of the following should be noted as a recommendation within the audit report?
A. Implement short maintenance windows
B. Perform periodic account reviews
C. Implement job rotation
D. Improve separation of duties
View answer
Correct Answer: D (developers who can publish straight to production hold both the development and the deployment roles; separation of duties is the finding the audit should raise)
Question #24
As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents. Which of the following BEST describes this kind of risk response?
A. Risk rejection
B. Risk mitigation
C. Risk transference
D. Risk avoidance
View answer
Correct Answer: C
Question #25
An organization is planning for disaster recovery and continuity of operations. INSTRUCTIONS Review the following scenarios and instructions. Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may be used more than once. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Question #26
A security engineer was auditing an organization's current software development practice and discovered that multiple open-source libraries were integrated into the organization's software. The organization currently performs SAST and DAST on the software it develops. Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?
A. Perform additional SAST/DAST on the open-source libraries
B. Implement the SDLC security guidelines
C. Track the library versions and monitor the CVE website for related vulnerabilities
D. Perform unit testing of the open-source libraries
View answer
Correct Answer: C
Question #27
Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the RPO for a disaster recovery event for this data classification is 24 hours. Based on RPO requirements, which of the following recommendations should the management team make?
A. Leave the current backup schedule intact and pay the ransom to decrypt the data
B. Leave the current backup schedule intact and make the human resources fileshare read-only
C. Increase the frequency of backups and create SIEM alerts for IOCs
D. Decrease the frequency of backups and pay the ransom to decrypt the data
View answer
Correct Answer: C (a backup taken 48 hours ago cannot satisfy a 24-hour RPO, so backups must run at least daily; alerting on IOCs shortens the time the activity goes unnoticed)
Question #28
An organization is deploying a new, online digital bank and needs to ensure availability and performance. The cloud-based architecture is deployed using PaaS and SaaS solutions, and it was designed with the following considerations: - Protection from DoS attacks against its infrastructure and web applications is in place. - Highly available and distributed DNS is implemented. - Static content is cached in the CDN. - A WAF is deployed inline and is in block mode. - Multiple public clouds are utilized in an a
A. The public cloud provider is applying QoS to the inbound customer traffic
B. The API gateway endpoints are being directly targeted
C. The site is experiencing a brute-force credential attack
D. A DDoS attack is targeted at the CDN
View answer
Correct Answer: C
Question #29
A recent data breach revealed that a company has a number of files containing customer data across its storage environment. These files are individualized for each employee and are used in tracking various customer orders, inquiries, and issues. The files are not encrypted and can be accessed by anyone. The senior management team would like to address these issues without interrupting existing processes. Which of the following should a security architect recommend?
A. A DLP program to identify which files have customer data and delete them
B. An ERP program to identify which processes need to be tracked
C. A CMDB to report on systems that are not configured to security baselines
D. A CRM application to consolidate the data and provision access based on the process and need
View answer
Correct Answer: D (consolidating the scattered files into a CRM with need-based access removes the exposure without stopping the order-tracking processes; deleting the files would interrupt them)
Question #30
A systems administrator is preparing to run a vulnerability scan on a set of information systems in the organization. The systems administrator wants to ensure that the targeted systems produce accurate information especially regarding configuration settings. Which of the following scan types will provide the systems administrator with the MOST accurate information?
A. A passive, credentialed scan
B. A passive, non-credentialed scan
C. An active, non-credentialed scan
D. An active, credentialed scan
View answer
Correct Answer: D (an active, credentialed scan logs in to each host and reads its actual configuration; passive scans only infer state from observed traffic)
Question #31
A health company has reached the physical and computing capacity of its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare applications that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standards for virtualization and cloud computing?
A. Hybrid IaaS solution in a single-tenancy cloud
B. PaaS solution in a multitenancy cloud
C. SaaS solution in a community cloud
D. Private SaaS solution in a single-tenancy cloud
View answer
Correct Answer: A (the existing virtualized workloads can be extended into dedicated IaaS capacity without re-platforming, and single tenancy keeps the regulated data isolated)
Question #32
The Chief Information Officer (CIO) wants to establish a non-binding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a formal partnership. Which of the following would MOST likely be used?
A. MOU
B. OLA
C. NDA
D. SLA
View answer
Correct Answer: A (a memorandum of understanding is the non-binding statement of intent; an SLA or NDA is a binding contract)
