CompTIA CAS-004 Online Practice
Questions and Exam Preparation
CAS-004 Exam Details
Exam Code
:CAS-004
Exam Name
:CompTIA Advanced Security Practitioner (CASP+)
Certification
:CompTIA Certifications
Vendor
:CompTIA
Total Questions
:792 Q&As
Last Updated
:Jul 09, 2026
CompTIA CAS-004 Online Questions &
Answers
Question 91:
An employee decides to log into an authorized system The system does not prompt the employee for authentication prior to granting access to the console, and it cannot authenticate the network resources. Which of the following attack types can this lead to if it is not mitigated?
A. Memory leak B. Race condition C. Smurf D. Deadlock
In a cloud environment, the provider offers relief to an organization's teams by sharing in many of the operational duties. In a shared responsibility model, which of the following responsibilities belongs to the provider in a PaaS implementation?
A. Application-specific data assets B. Application user access management C. Application-specific logic and code D. Application/platform software
D. Application/platform software
Explanation
Question 93:
A security engineer is investigating a phishing campaign in which employees are directed to an unauthorized application store with instructions for installing malicious applications targeted at smartphones. The security engineer wants to implement a solution that would help reduce the risk even if the user does click on the malicious link.
Which of the following would best reduce the risk?
A. Implement controls in the mobile device management solution to prevent side loading. B. Set up a profile and proxy that will prevent employees from accessing malicious websites. C. Provide security awareness training to all users with directed scenarios about the dangers of side loading. D. Configure containerization on the device to separate corporate information from being accessed by side# loaded applications. E. Utilize token#based access for mobile devices to authenticate to company assets. F. Leverage a patch repository to be used for mobile devices and applications.
A. Implement controls in the mobile device management solution to prevent side loading.
Explanation
A robust Mobile Device Management (MDM) solution must include application whitelisting and installation controls to prevent unauthorized or side-loaded applications. By blocking the side-loading of apps at the OS level, the organization ensures that even if a user attempts to install a malicious package from an untrusted store, the device will reject it. This control is more effective than user training alone or network-based filtering because it enforces policy directly on the endpoint and operates independently of user behavior or connectivity."
CompTIA CASP+ Official Study Guide, Third Edition, p. 346. Additionally, the CompTIA CASP+ CAS-004 Exam Objectives state: Implement endpoint/mobile security solutions, including MDM controls such as application whitelisting and side-loading prevention (Objective 4.2) (CompTIA CASP+ Exam Objectives, v7.1, p. 8).
The risk of malicious mobile apps is mitigated even if users are successfully phished into clicking harmful links. By enforcing a policy at the device level that outright prevents installations from unauthorized sources, the control reduces exposure to malicious applications.
References:
CompTIA CASP+ Official Study Guide, Third Edition, p. 346
CompTIA CASP+ CAS-004 Exam Objectives, v7.1, p. 8
Question 94:
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.
Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?
A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training. B. Change privileged usernames, review the OS logs, and deploy hardware tokens. C. Implement MFA, review the application logs, and deploy a WAF. D. Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.
C. Implement MFA, review the application logs, and deploy a WAF.
Explanation
https://www.microfocus.com/en-us/what-is/sast
Question 95:
PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?
A. Non-repudiation B. Confidentiality C. Delivery receipts D. Attestation
A. Non-repudiation
Explanation
Non-repudiation ensures that a sender cannot deny having sent a message, achieved through digital signatures provided by PKI. This aligns with CASP+ objective 3.2, emphasizing cryptographic assurance in communication.
Question 96:
The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working conditions, and all file integrity was verified
Which of the following should the incident response team perform to understand the crash and prevent it in the future?
A. Root cause analysis B. Continuity of operations plan C. After-action report D. Lessons learned
A. Root cause analysis
Explanation
Question 97:
A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.
Which of the following would MOST likely help the company gain consensus to move the data to the cloud?
A. Designing data protection schemes to mitigate the risk of loss due to multitenancy B. Implementing redundant stores and services across diverse CSPs for high availability C. Emulating OS and hardware architectures to blur operations from CSP view D. Purchasing managed FIM services to alert on detected modifications to covered data
A. Designing data protection schemes to mitigate the risk of loss due to multitenancy
Explanation
Question 98:
An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:
1.Out-of-date definitions
2.Misconfigured operating systems
3.An inability to detect active attacks
4.Unimpeded access to critical servers' USB ports
Which of the following will most likely reduce the risks that were identified by the assessment team?
A. Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7. B. Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program. C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly. D. Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.
C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.
Explanation
Question 99:
A security engineer is re-architecting a network environment that provides regional electric distribution services. During a pretransition baseline assessment, the engineer identified the following security-relevant characteristics of the environment:
1.Enterprise IT servers and supervisory industrial systems share the same subnet.
2.Supervisory controllers use the 750MHz band to direct a portion of fielded PLCs.
3.Command and telemetry messages from industrial control systems are unencrypted and unauthenticated.
Which of the following re-architecture approaches would be best to reduce the company's risk?
A. Implement a one-way guard between enterprise IT services and mission-critical systems, obfuscate legitimate RF signals by broadcasting noise, and implement modern protocols to authenticate ICS messages. B. Characterize safety-critical versus non-safety-critical systems, isolate safety-critical systems from other systems, and increase the directionality of RF links in the field. C. Create a new network segment for enterprise IT servers, configure NGFW to enforce a well-defined segmentation policy, and implement a WIDS to monitor the spectrum. D. Segment supervisory controllers from field PLCs, disconnect the entire network from the internet, and use only the 750MHz link for controlling energy distribution services.
C. Create a new network segment for enterprise IT servers, configure NGFW to enforce a well-defined segmentation policy, and implement a WIDS to monitor the spectrum.
Explanation
The best approach to reduce the company's risk is to segregate the enterprise IT servers and supervisory industrial systems. Creating a new network segment and using a Next- Generation Firewall (NGFW) to enforce a strict segmentation policy will help to isolate the systems and protect against potential attacks. Additionally, implementing a Wireless Intrusion Detection System (WIDS) can help monitor the spectrum for unauthorized devices or interference.
Question 100:
Ann. a user, brings her laptop to an analyst after noticing it has been operating very slowly. The security analyst examines the laptop and obtains the following output:
Which of the following will the analyst most likely use NEXT?
A. Process explorer B. Vulnerability scanner C. Antivirus D. Network enumerator
A. Process explorer
Explanation
Process explorer: This tool provides detailed information about running processes, including CPU and memory usage, network activity, and associated files. It would allow the analyst to identify the application or service using PID 3522 and assess whether it's consuming excessive resources or exhibiting suspicious behavior. This is the most direct way to investigate the cause of the slowness, given the network connections.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your CAS-004 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.