Master CompTIA CAS-004 Exams with Exam Questions & Study Materials, CompTIA CASP+ Certification | SPOTO

Achieve mastery in your CompTIA CASP+ certification exam with our comprehensive study materials and exam questions. Our resources are meticulously designed to cover all aspects of the CAS-004 exam, ensuring thorough preparation in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Access our free test samples to evaluate your knowledge and readiness. Dive into our exam dumps for detailed explanations and insights into key concepts. Practice with our mock exams and online exam questions to simulate real testing conditions and boost your confidence. With SPOTO, you'll have access to top-quality exam materials and expert guidance to help you excel in your CASP+ certification journey.

Question #1
A company is implementing SSL inspection. During the next six months, multiple web applications that will be separated out with subdomains will be deployed. Which of the following will allow the inspection of the data without multiple certificate deployments?
A. Include all available cipher suites
B. Create a wildcard certificate
View answer
Correct Answer: B
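A wildcard certificate such as *.example.com only stands in for names exactly one label below it, which is the detail to confirm before relying on one certificate for every subdomain that will appear over the next six months. The following is an added example, not code from the original page, that implements the matching rule a TLS client or inspection proxy applies when it decides whether a certificate covers a hostname; the SAN list and the domain example.com are constructed for the illustration.

```python
"""Hostname matching against a wildcard certificate's SAN entries.

Added example, not from the original page: shows which subdomains one
wildcard certificate (e.g. *.example.com) can stand in for. The SAN list
below and the domain example.com are constructed for the illustration.
"""


def name_matches(pattern: str, hostname: str) -> bool:
    """Return True if the SAN dNSName `pattern` covers `hostname`.

    Rules follow the common browser interpretation of RFC 6125 section 6.4.3:
    the wildcard must be the entire leftmost label, it matches exactly one
    label, and it may not sit in the registrable domain (no "*.com").
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")

    # One label per label: "*.example.com" cannot cover "a.b.example.com"
    # and cannot cover the apex "example.com".
    if len(p_labels) != len(h_labels):
        return False

    if "*" in pattern:
        if p_labels[0] != "*":           # partial wildcards such as "app*" are rejected
            return False
        if len(p_labels) < 3:            # reject "*.com" and similar
            return False
        if any("*" in label for label in p_labels[1:]):
            return False
        return h_labels[0] != "" and p_labels[1:] == h_labels[1:]

    return p_labels == h_labels


def cert_covers(san_names, hostname: str) -> bool:
    """True if any SAN entry on the certificate covers `hostname`."""
    return any(name_matches(name, hostname) for name in san_names)


# Constructed SAN list for a single wildcard certificate; the apex name is
# listed explicitly because the wildcard alone does not cover it.
SAN_NAMES = ["*.example.com", "example.com"]

if __name__ == "__main__":
    for host in ["app1.example.com", "example.com", "api.eu.example.com"]:
        print(f"{host:22s} covered={cert_covers(SAN_NAMES, host)}")
```

The practical consequence: a deeper hierarchy (api.eu.example.com) or the apex name needs its own SAN entry or a second wildcard, so the subdomain plan should be agreed before the certificate is issued.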
Question #2
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items. Which of the following phases establishes the identification and prioritization of critical systems and functions?
A. Review a recent gap analysis
B. Perform a cost-benefit analysis
View answer
Correct Answer: A
Question #3
A systems engineer needs to develop a solution that uses digital certificates to allow authentication to laptops. Which of the following authenticator types would be most appropriate for the engineer to include in the design?
A. OTP token
B. Device certificate
C. Smart card
D. Biometric
View answer
Correct Answer: B
Using digital certificates for authentication is a secure method to control access to laptops and other devices. A device certificate can serve as an authenticator by providing a means for the device to prove its identity cryptographically. This certificate-based authentication ...
Question #4
During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee. Which of the following processes would BEST satisfy this requirement?
A. Monitor camera footage corresponding to a valid access request
View answer
Correct Answer: CD
Question #5
An organization is implementing a new identity and access management architecture with the following objectives:
- Supporting MFA against on-premises infrastructure
- Improving the user experience by integrating with SaaS applications
- Applying risk-based policies based on location
- Performing just-in-time provisioning
Which of the following authentication protocols should the organization implement to support these requirements?
A. Kerberos and TACACS
View answer
Correct Answer: B
Question #6
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services. Which of the following should be modified to prevent the issue from reoccurring?
A. Recovery point objective
B. Recovery time objective
View answer
Correct Answer: B
Question #7
A SaaS startup is maturing its DevSecOps program and wants to identify weaknesses earlier in the development process in order to reduce the average time to identify serverless application vulnerabilities and the costs associated with remediation. The startup began its early security testing efforts with DAST to cover public-facing application components and recently implemented a bug bounty program. Which of the following will BEST accomplish the company's objectives?
A. RASP
B. SAST
C. WAF
D. CMS
View answer
Correct Answer: B
Static application security testing (SAST) ...
Question #8
A company recently deployed a SIEM and began importing logs from a firewall, a file server, a domain controller, a web server, and a laptop. A security analyst receives a series of SIEM alerts and prepares to respond. The following is the alert information: Which of the following should the security analyst do FIRST?
A. Disable Administrator on abc-uaa-fsl; the local account is compromised
B. Shut down the abc-usa-fsl server; a plaintext credential is being used
C. Disable the jdoe account; it is likely compromised
D. Shut down abc-usa-fw01; the remote access VPN vulnerability is exploited
View answer
Correct Answer: C
Based on the SIEM alerts, the security analyst should first disable the jdoe account, as it is likely compromised by an attacker. The alerts show that the jdoe account successfully logged on to ...
Question #9
A SOC analyst is reviewing malicious activity on an external, exposed web server. During the investigation, the analyst determines specific traffic is not being logged, and there is no visibility from the WAF for the web application. Which of the following is the MOST likely cause?
A. The user agent client is not compatible with the WAF
B. A certificate on the WAF is expired
View answer
Correct Answer: B
Question #10
A security engineer thinks the development team has been hard-coding sensitive environment variables in its code. Which of the following would BEST secure the company’s CI/CD pipeline?
A. Utilizing a trusted secrets manager
B. Performing DAST on a weekly basis
View answer
Correct Answer: A
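Moving credentials into a secrets manager only helps if the pipeline also stops new hard-coded values from landing in the repository, so the usual companion control is a secret scan that fails the build. The following is an added example, not code from the original page or from any named tool (a real pipeline would run a maintained scanner such as gitleaks or trufflehog); it shows the two detection ideas those tools share: known credential formats and high-entropy string literals assigned to secret-looking names. The sample source is constructed; the AKIA... value is the placeholder key id used in AWS documentation, not a live credential.

```python
"""Minimal hard-coded secret scanner for a CI gate.

Added example, not from the original page. The sample source below is
constructed, and the AKIA... value is the AWS documentation placeholder.
"""
import math
import re

SAMPLE_SOURCE = """\
DB_HOST = os.environ["DB_HOST"]
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
api_token = "sk_live_9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c"
debug = "true"
password = os.environ.get("DB_PASSWORD")
"""

# Credential formats with a fixed, recognisable shape.
KNOWN_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}

# A quoted literal assigned to a variable whose name suggests a secret.
ASSIGNMENT = re.compile(
    r"(?i)\b\w*(password|passwd|secret|token|api_?key|access_?key)\w*"
    r"\s*[=:]\s*[\"']([^\"']+)[\"']"
)


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character; random keys score high, words score low."""
    if not value:
        return 0.0
    length = len(value)
    return -sum((n / length) * math.log2(n / length)
                for n in (value.count(c) for c in set(value)))


def scan(source: str, min_entropy: float = 3.0, min_len: int = 16):
    """Return (line_number, finding_type) for each suspected hard-coded secret."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        hit = next((name for name, pat in KNOWN_PATTERNS.items() if pat.search(line)), None)
        if hit:
            findings.append((lineno, hit))
            continue
        m = ASSIGNMENT.search(line)
        if m:
            literal = m.group(2)
            # Short or low-entropy values ("true", "changeme") are left to code review.
            if len(literal) >= min_len and shannon_entropy(literal) >= min_entropy:
                findings.append((lineno, f"high_entropy_{m.group(1).lower()}"))
    return findings


def pipeline_gate(source: str) -> bool:
    """CI step: True means the build may proceed, False means a secret was found."""
    return not scan(source)


if __name__ == "__main__":
    for lineno, kind in scan(SAMPLE_SOURCE):
        print(f"line {lineno}: {kind}")
    print("gate passed:", pipeline_gate(SAMPLE_SOURCE))
```

Lines that read the value from the environment (the pattern a secrets manager injects at runtime) pass the gate; only quoted literals are flagged, which is the behaviour you want once secrets live outside the code.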
Question #11
An organization is in frequent litigation and has a large number of legal holds. Which of the following types of functionality should the organization's new email system provide?
A. DLP
B. Encryption
C. E-discovery
D. Privacy-level agreements
View answer
Correct Answer: C
Question #12
A security engineer performed an assessment on a recently deployed web application. The engineer was able to exfiltrate a company report by visiting the following URL: www.intranet.abc.com/get-files.jsp?file=report.pdf Which of the following mitigation techniques would be BEST for the security engineer to recommend?
A. Input validation
B. Firewall
C. WAF
D. DLP
View answer
Correct Answer: A
Input validation is a technique that checks the user input for any errors, malicious data, or unexpected values before processing it by the application. Input validation can prevent many common ...
Question #13
Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility. Which of the following would be the BEST option to implement?
A. Distributed connection allocation
B. Local caching
View answer
Correct Answer: B
Question #14
An organization recently started processing, transmitting, and storing its customers’ credit card information. Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers’ information. Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?
A. NIST
B. GDPR
C. PCI DSS
D. ISO
View answer
Correct Answer: C
Question #15
A company is in the process of refreshing its entire infrastructure. The company has a business-critical process running on an old 2008 Windows server. If this server fails, the company would lose millions of dollars in revenue. Which of the following actions should the company take?
A. Accept the risk as the cost of doing business
B. Create an organizational risk register for project prioritization
C. Calculate the ALE and conduct a cost-benefit analysis
D. Purchase insurance to offset the cost if a failure occurred
View answer
Correct Answer: C
Calculating the Annual Loss Expectancy (ALE) and conducting a cost-benefit analysis is a critical part of risk management. The ALE will help the company understand the potential losses associated with the server failure per ...
Question #16
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?
A. Key sharing
B. Key distribution
View answer
Correct Answer: A
Question #17
A company’s SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign. Which of the following should the company use to make this determination?
A. Threat hunting
B. A system penetration test
View answer
Correct Answer: A
Question #18
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not normally send traffic to those sites. The technician will define this threat as:
A. a decrypting RSA using obsolete and weakened encryption attack
View answer
Correct Answer: A
Question #19
A company is moving most of its customer-facing production systems to the cloud. IaaS is the service model being used. The Chief Executive Officer is concerned about the type of encryption available and requires that the solution have the highest level of security. Which of the following encryption methods should the cloud security engineer select during the implementation phase?
A. Instance-based
B. Storage-based
View answer
Correct Answer: A
Question #20
A security architect is implementing a web application that uses a database back end. Prior to production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks. Which of the following sources could the architect consult to address this security concern?
A. SDLC
B. OVAL
C. IEEE
D. OWASP
View answer
Correct Answer: D
Question #21
A developer is creating a new mobile application for a company. The application uses a REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks. Which of the following would be the BEST solution against this type of attack?
A. Cookies
B. Wildcard certificates
View answer
Correct Answer: A
Question #22
A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking. After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?
A. Protecting
B. Permissive
C. Enforcing
D. Mandatory
View answer
Correct Answer: C
Question #23
A company has decided to purchase a license for software that is used to operate a mission-critical process. The third-party developer is new to the industry but is delivering what the company needs at this time. Which of the following BEST describes the reason why utilizing a source code escrow will reduce the operational risk to the company if the third party stops supporting the application?
A. The company will have access to the latest version to continue development
B. The company will be able to force the third-party developer to continue support
View answer
Correct Answer: A
Question #24
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident. Which of the following would be BEST to proceed with the transformation?
A. An on-premises solution as a backup
B. A load balancer with a round-robin configuration
View answer
Correct Answer: D
Question #25
An e-commerce company is running a web server on premises, and the resource utilization is usually less than 30%. During the last two holiday seasons, the server experienced performance issues because of too many connections, and several customers were not able to finalize purchase orders. The company is looking to change the server configuration to avoid this kind of performance issue. Which of the following is the MOST cost-effective solution?
A. Move the server to a cloud provider
View answer
Correct Answer: A
Question #26
In preparation for the holiday season, a company redesigned the system that manages retail sales and moved it to a cloud service provider. The new infrastructure did not meet the company’s availability requirements. During a postmortem analysis, the following issues were highlighted:
1. International users reported latency when images on the web page were initially loading.
2. During times of report processing, users reported issues with inventory when attempting to place orders.
3. Despite the fact that ten ...
A. Serve static content via distributed CDNs, create a read replica of the central database and pull reports from there, and auto-scale API servers based on performance
B. Increase the bandwidth for the server that delivers images, use a CDN, change the database to a non-relational database, and split the ten API servers across two load balancers
View answer
Correct Answer: A
Question #27
A threat hunting team receives a report about possible APT activity in the network. Which of the following threat management frameworks should the team implement?
A. NIST SP 800-53
B. MITRE ATT&CK
C. The Cyber Kill Chain
D. The Diamond Model of Intrusion Analysis
View answer
Correct Answer: B
Question #28
During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels. Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?
A. Spawn a shell using sudo and an escape string such as sudo vim -c ‘!sh’
B. Perform ASIC password cracking on the host
E. Use the UNION operator to extract the database schema
View answer
Correct Answer: A
Question #29
An IT administrator is reviewing all the servers in an organization and notices that a server is missing a critical patch for a recent exploit that could gain root access. Which of the following describes the administrator’s discovery?
A. A vulnerability
B. A threat
View answer
Correct Answer: A
Question #30
A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log (the log excerpt is not reproduced here). Which of the following actions would BEST address the potential risks posed by the activity in the logs?
A. Alerting the misconfigured service account password
B. Modifying the AllowUsers configuration directive
View answer
Correct Answer: C
Question #31
A vulnerability analyst identified a zero-day vulnerability in a company’s internally developed software. Since the current vulnerability management system does not have any checks for this vulnerability, an engineer has been asked to create one. Which of the following would be BEST suited to meet these requirements?
A. ARF
B. ISACs
C. Node.js
D. OVAL
View answer
Correct Answer: D
Question #32
A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements. Which of the following would MOST likely help the company gain consensus to move the data to the cloud?
A. Designing data protection schemes to mitigate the risk of loss due to multitenancy
B. Implementing redundant stores and services across diverse CSPs for high availability
View answer
Correct Answer: A
Question #33
A security engineer estimates the company’s popular web application experiences 100 attempted breaches per day. In the past four years, the company’s data has been breached two times. Which of the following should the engineer report as the ARO for successful breaches?
A. 0.5
B. 8
C. 50
D. 36,500
View answer
Correct Answer: A
ARO counts successful events per year: 2 breaches over 4 years gives 2 / 4 = 0.5. The 100 attempts per day (36,500 per year) describe attempted, not successful, breaches and do not enter the calculation.
Question #34
A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug output, the malware is able to insert itself into another process’s memory. Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?
A. Execute never
B. No-execute
View answer
Correct Answer: A
Question #35
An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would BEST secure the REST API connection to the database while preventing the use of a hardcoded string in the request string?
A. Implement a VPN for all APIs.
B. Sign the key with DSA.
C. Deploy MFA for the service accounts.
D. Utilize HMAC for the keys.
View answer
Correct Answer: D
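The point of the HMAC answer is that the client proves possession of its key by signing each request, so the key itself is never placed in a URL, header or hard-coded connection string. The following is an added example, not code from the original page, showing both sides of that exchange; the key id client-42, its secret, the header names and the 300-second clock-skew window are assumptions for the illustration.

```python
"""HMAC-signed API requests: the shared secret never appears in the request.

Added example, not from the original page. The key id, secret, header
names and skew window are assumptions for the illustration.
"""
import hashlib
import hmac
import time
from typing import Optional

# Server-side key store: secrets are looked up by key id, so only the id
# travels on the wire (constructed example value, not a real credential).
KEY_STORE = {"client-42": b"constructed-shared-secret-do-not-reuse"}
MAX_SKEW_SECONDS = 300


def canonical_string(method: str, path: str, timestamp: str, body: bytes) -> bytes:
    """Bind method, path, time and body hash into the signed message so that
    none of them can be altered without invalidating the signature."""
    body_hash = hashlib.sha256(body).hexdigest()
    return f"{method.upper()}\n{path}\n{timestamp}\n{body_hash}".encode()


def sign_request(key_id: str, secret: bytes, method: str, path: str,
                 body: bytes, timestamp: Optional[int] = None) -> dict:
    """Client side: returns the headers to attach. The secret is not included."""
    ts = str(int(time.time()) if timestamp is None else int(timestamp))
    mac = hmac.new(secret, canonical_string(method, path, ts, body), hashlib.sha256)
    return {"X-Key-Id": key_id, "X-Timestamp": ts, "X-Signature": mac.hexdigest()}


def verify_request(headers: dict, method: str, path: str, body: bytes,
                   now: Optional[int] = None) -> bool:
    """Server side: recompute the MAC and compare in constant time."""
    secret = KEY_STORE.get(headers.get("X-Key-Id", ""))
    if secret is None:
        return False
    try:
        ts = int(headers.get("X-Timestamp", ""))
    except ValueError:
        return False
    current = int(time.time()) if now is None else int(now)
    if abs(current - ts) > MAX_SKEW_SECONDS:      # stale or replayed request
        return False
    expected = hmac.new(secret, canonical_string(method, path, str(ts), body),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, headers.get("X-Signature", ""))


# Constructed request used by the demo below.
EXAMPLE_BODY = b'{"customer": 7}'


def example_headers(timestamp: int = 1700000000) -> dict:
    """Headers a client would send for the constructed example request."""
    return sign_request("client-42", KEY_STORE["client-42"],
                        "POST", "/v1/orders", EXAMPLE_BODY, timestamp)


if __name__ == "__main__":
    hdrs = example_headers(int(time.time()))
    print(hdrs)
    print(verify_request(hdrs, "POST", "/v1/orders", EXAMPLE_BODY))            # True
    print(verify_request(hdrs, "POST", "/v1/orders", b'{"customer": 8}'))      # False
```

The timestamp check is what keeps a captured signature from being replayed later; a production design would also record recently seen signatures within the window and rotate the per-client secret, which the example omits.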
