DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Pass Your CompTIA CAS-004 Exam with Practice Tests 2024 Updated, CompTIA CASP+ Certification | SPOTO

Get ready to pass your CompTIA CASP+ certification exam with our updated practice tests for 2024. Our comprehensive resources include exam questions and answers meticulously crafted to cover all aspects of the CAS-004 exam. Dive into our exam dumps for detailed insights into key concepts and topics such as risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. Access our free test samples to assess your knowledge and readiness. Practice with our mock exams and online exam questions to simulate real testing conditions and boost your confidence. With SPOTO, you'll have access to top-quality exam materials and expert guidance to help you succeed in your CASP+ certification journey.
Take other online exams

Question #1
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility. Which of the following would be the BEST option to implement?
A. Distributed connection allocation
B. Local caching C
View answer
Correct Answer: C
Question #2
A company's SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign. Which of the following should the company use to make this determination?
A. Threat hunting
B. A system penetration test C
View answer
Correct Answer: A
Question #3
An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access. Which of the following describes the administrator's discovery?
A. A vulnerability
B. A threat C
View answer
Correct Answer: A
Question #4
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization's headquarters location. The solution must also have the lowest power requirement on the CA. Which of the following is the BEST solution?
A. Deploy an RA on each branch office
B. Use Delta CRLs at the branches
View answer
Correct Answer: C
Question #5
A security analyst notices a number of SIEM events that show the following activity: Which of the following response actions should the analyst take FIRST?
A. Disable powershell
B. Restart Microsoft Windows Defender
View answer
Correct Answer: C
Question #6
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports. Which of the following historian server locations will allow the business to get the required reports in an ?? and IT environment?
A. In the ?? environment, use a VPN from the IT environment into the ?? environment
B. In the ?? environment, allow IT traffic into the ?? environment
View answer
Correct Answer: C
Question #7
A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage. Which of the following is a security concern that will MOST likely need to be addressed during migration?
A. Latency
B. Data exposure C
View answer
Correct Answer: B
Question #8
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?
A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training
B. Change privileged usernames, review the OS logs, and deploy hardware tokens
View answer
Correct Answer: C
Question #9
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following: 1. The network supports core applications that have 99.99% uptime. 2. Configuration updates to the SD-WAN routers
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications
View answer
Correct Answer: C
Question #10
A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests: Which of the following would BEST mitigate this vulnerability?
A. CAPTCHA
B. Input validation C
View answer
Correct Answer: B
Question #11
A company hired a third party to develop software as part of its strategy to be quicker to market. The company's policy outlines the following requirements: The credentials used to publish production software to the container registry should be stored in a secure location. Access should be restricted to the pipeline service account, without the ability for the third-party developer to read the credentials directly. Which of the following would be the BEST recommendation for storing and monitoring access to
B. Local secure password file C
View answer
Correct Answer: D
Question #12
An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following: Unstructured data being exfiltrated after an employee leaves the organization Data being exfiltrated as a result of compromised credentials Sensitive information in emails being exfiltrated Which of the following solutions should
A. Mobile device management, remote wipe, and data loss detection
B. Conditional access, DoH, and full disk encryption C
View answer
Correct Answer: A
Question #13
During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels. Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?
A. Spawn a shell using sudo and an escape string such as sudo vim -c '!sh'
B. Perform ASIC password cracking on the host
E. Use the UNION operator to extract the database schema
View answer
Correct Answer: A
Question #14
A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells. Which of the following techniques will MOST likely meet the business's needs?
A. Performing deep-packet inspection of all digital audio files
B. Adding identifying filesystem metadata to the digital audio files C
View answer
Correct Answer: D
Question #15
A security engineer needs to recommend a solution that will meet the following requirements: Identify sensitive data in the provider's network Maintain compliance with company and regulatory guidelines Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements? A.WAF B.CASB C.SWG D.DLP
A security engineer needs to recommend a solution that will meet the following requirements: Identify sensitive data in the provider's network Maintain compliance with company and regulatory guidelines Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements? A. AF B
View answer
Correct Answer: B
Question #16
A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots. Which of the following would provide the BEST boot loader protection? A.TPM B.HSM C.PKI D.UEFI/BIOS
A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots
View answer
Correct Answer: D
Question #17
Device event logs sources from MDM software as follows: Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?
A. Malicious installation of an application; change the MDM configuration to remove application ID 1220
B. Resource leak; recover the device for analysis and clean up the local storage
View answer
Correct Answer: A
Question #18
A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization. Which of the following should be the analyst's FIRST action?
A. Create a full inventory of information and data assets
B. Ascertain the impact of an attack on the availability of crucial resources
View answer
Correct Answer: A
Question #19
Clients are reporting slowness when attempting to access a series of load-balanced APIs that do not require authentication. The servers that host the APIs are showing heavy CPU utilization. No alerts are found on the WAFs sitting in front of the APIs. Which of the following should a security engineer recommend to BEST remedy the performance issues in a timely manner?
A. Implement rate limiting on the API
B. Implement geoblocking on the WAF
View answer
Correct Answer: A
Question #20
A business stores personal client data of individuals residing in the EU in order to process requests for mortgage loan approvals. Which of the following does the business's IT manager need to consider?
A. The availability of personal data
B. The right to personal data erasure C
View answer
Correct Answer: B
Question #21
A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite: Which of the following is the MOST likely cause of the customer's inability to connect?
A. Weak ciphers are being used
B. The public key should be using ECDSA
View answer
Correct Answer: A
Question #22
A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive user experience after implementation. Which of the following is the BEST solution to meet these objectives?
A. Implement Privileged Access Management (PAM), keep users in the local administrators group, and enable local administrator account monitoring
B. Implement PAM, remove users from the local administrators group, and prompt users for explicit approval when elevated privileges are required
View answer
Correct Answer: B
Question #23
A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive. Based on the output above, from which of the following process IDs can the analyst begin an investigation?
A. 65
B. 77 C
View answer
Correct Answer: C
Question #24
A security engineer estimates the company's popular web application experiences 100 attempted breaches per day. In the past four years, the company's data has been breached two times. Which of the following should the engineer report as the ARO for successful breaches? A.0.5 B.8 C.50 D.36,500
View answer
Correct Answer: A
Question #25
A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks. Which of the following would be the BEST solution against this type of attack?
A. Cookies
B. Wildcard certificates C
View answer
Correct Answer: D
Question #26
A small business requires a low-cost approach to theft detection for the audio recordings it produces and sells. Which of the following techniques will MOST likely meet the business’s needs? A. Performing deep-packet inspection of all digital audio files
B. Adding identifying filesystem metadata to the digital audio files C
View answer
Correct Answer: B
Question #27
After a security incident, a network security engineer discovers that a portion of the company's sensitive external traffic has been redirected through a secondary ISP that is not normally used. Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?
A. Disable BGP and implement a single static route for each internal network
B. Implement a BGP route reflector
View answer
Correct Answer: C
Question #28
An organization's hunt team thinks a persistent threats exists and already has a foothold in the enterprise network. Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?
A. Deploy a SOAR tool
B. Modify user password history and length requirements
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: