CAS-004 Exam Details

  • Exam Code
    :CAS-004
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :792 Q&As
  • Last Updated
    :Jul 09, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 1:

    Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote

    site. The Telco router interface uses the 192.10.5.0/30 IP range.

    Instructions: Click on the simulation button to refer to the Network Diagram for Company A.

    Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.

    Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.

    Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.

  • Question 2:

    A small bank is evaluating different methods to address and resolve the following requirements

    1.Must be able to store credit card data using the smallest amount of data possible

    2.Must be compliant with PCI DSS

    3.Must maintain confidentiality if one piece of the layer is compromised Which of the following is the best solution for the bank?

    A. Scrubbing
    B. Tokenization
    C. Masking
    D. Homomorphic encryption

  • Question 3:

    A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information. Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

    A. Hybrid IaaS solution in a single-tenancy cloud
    B. Pass solution in a multinency cloud
    C. SaaS solution in a community cloud
    D. Private SaaS solution in a single tenancy cloud.

  • Question 4:

    An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pages within a short period of time. The entry pages include sponsor-related content that is relatively static and is pulled from a database. When the first major event occurs, users report poor response time on the entry pages. Which of the following features is the most appropriate for the company to implement?

    A. Horizontal scalability
    B. Vertical scalability
    C. Containerization
    D. Static code analysis
    E. Caching

  • Question 5:

    A large organization is planning to migrate from on premises to the cloud. The Chief Information Security Officer (CISO) is concerned about security responsibilities. If the company decides to migrate to the cloud, which of the following describes who is responsible for the security of the new physical datacenter?

    A. Third-party assessor
    B. CSP
    C. Organization
    D. Shared responsibility

  • Question 6:

    A web service provider has just taken on a very large contract that comes with requirements that are currently not being implemented. In order to meet contractual requirements, the company must achieve the following thresholds:

    1.99.99% uptime

    2.Load time in 3 seconds

    3.Response time = <1.0 seconds

    Starting with the computing environment, which of the following should a security engineer recommend to BEST meet the requirements? (Choose three.)

    A. Installing a firewall at corporate headquarters
    B. Deploying a content delivery network
    C. Implementing server clusters
    D. Employing bare-metal loading of applications
    E. Lowering storage input/output
    F. Implementing RAID on the backup servers
    G. Utilizing redundant power for all developer workstations
    H. Ensuring technological diversity on critical servers

  • Question 7:

    The IT team suggests the company would save money by using self-signed certificates, but the security team indicates the company must use digitally signed third-party certificates. Which of the following is a valid reason to pursue the security team's recommendation?

    A. PKCS #10 is still preferred over PKCS #12.
    B. Private-key CSR signage prevents on-path interception.
    C. There is more control in using a local certificate over a third-party certificate.
    D. There is minimal benefit in using a certificate revocation list.

  • Question 8:

    A company purchased Burp Suite licenses this year for each application security engineer. The engineers have used Burp Suite to identify several issues with the company's SaaS application. In the upcoming year, the Chief Information Security Officer would like to purchase additional tools to protect the SaaS product. Which of the following is the best option?

    A. DAST
    B. SAST
    C. IAST
    D. ZAP

  • Question 9:

    A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.

    Which of the following should the security team recommend FIRST?

    A. Investigating a potential threat identified in logs related to the identity management system
    B. Updating the identity management system to use discretionary access control
    C. Beginning research on two-factor authentication to later introduce into the identity management system
    D. Working with procurement and creating a requirements document to select a new IAM system/vendor

  • Question 10:

    A security administrator is assessing the risk associated with using a software tool built by a small start-up company to provide product pricing updates.

    Which of the following risks would most likely be a factor?

    A. Privacy concerns
    B. Vendor viability
    C. Regulatory compliance
    D. Geographic location

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-004 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.