CAS-004 Exam Details

  • Exam Code
    :CAS-004
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :792 Q&As
  • Last Updated
    :Jul 09, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 91:

    An employee decides to log into an authorized system The system does not prompt the employee for authentication prior to granting access to the console, and it cannot authenticate the network resources. Which of the following attack types can this lead to if it is not mitigated?

    A. Memory leak
    B. Race condition
    C. Smurf
    D. Deadlock

  • Question 92:

    In a cloud environment, the provider offers relief to an organization's teams by sharing in many of the operational duties. In a shared responsibility model, which of the following responsibilities belongs to the provider in a PaaS implementation?

    A. Application-specific data assets
    B. Application user access management
    C. Application-specific logic and code
    D. Application/platform software

  • Question 93:

    A security engineer is investigating a phishing campaign in which employees are directed to an unauthorized application store with instructions for installing malicious applications targeted at smartphones. The security engineer wants to implement a solution that would help reduce the risk even if the user does click on the malicious link.

    Which of the following would best reduce the risk?

    A. Implement controls in the mobile device management solution to prevent side loading.
    B. Set up a profile and proxy that will prevent employees from accessing malicious websites.
    C. Provide security awareness training to all users with directed scenarios about the dangers of side loading.
    D. Configure containerization on the device to separate corporate information from being accessed by side# loaded applications.
    E. Utilize token#based access for mobile devices to authenticate to company assets.
    F. Leverage a patch repository to be used for mobile devices and applications.

  • Question 94:

    A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away.

    Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

    A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training.
    B. Change privileged usernames, review the OS logs, and deploy hardware tokens.
    C. Implement MFA, review the application logs, and deploy a WAF.
    D. Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

  • Question 95:

    PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?

    A. Non-repudiation
    B. Confidentiality
    C. Delivery receipts
    D. Attestation

  • Question 96:

    The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working conditions, and all file integrity was verified

    Which of the following should the incident response team perform to understand the crash and prevent it in the future?

    A. Root cause analysis
    B. Continuity of operations plan
    C. After-action report
    D. Lessons learned

  • Question 97:

    A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.

    Which of the following would MOST likely help the company gain consensus to move the data to the cloud?

    A. Designing data protection schemes to mitigate the risk of loss due to multitenancy
    B. Implementing redundant stores and services across diverse CSPs for high availability
    C. Emulating OS and hardware architectures to blur operations from CSP view
    D. Purchasing managed FIM services to alert on detected modifications to covered data

  • Question 98:

    An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:

    1.Out-of-date definitions

    2.Misconfigured operating systems

    3.An inability to detect active attacks

    4.Unimpeded access to critical servers' USB ports

    Which of the following will most likely reduce the risks that were identified by the assessment team?

    A. Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7.
    B. Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program.
    C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.
    D. Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.

  • Question 99:

    A security engineer is re-architecting a network environment that provides regional electric distribution services. During a pretransition baseline assessment, the engineer identified the following security-relevant characteristics of the environment:

    1.Enterprise IT servers and supervisory industrial systems share the same subnet.

    2.Supervisory controllers use the 750MHz band to direct a portion of fielded PLCs.

    3.Command and telemetry messages from industrial control systems are unencrypted and unauthenticated.

    Which of the following re-architecture approaches would be best to reduce the company's risk?

    A. Implement a one-way guard between enterprise IT services and mission-critical systems, obfuscate legitimate RF signals by broadcasting noise, and implement modern protocols to authenticate ICS messages.
    B. Characterize safety-critical versus non-safety-critical systems, isolate safety-critical systems from other systems, and increase the directionality of RF links in the field.
    C. Create a new network segment for enterprise IT servers, configure NGFW to enforce a well-defined segmentation policy, and implement a WIDS to monitor the spectrum.
    D. Segment supervisory controllers from field PLCs, disconnect the entire network from the internet, and use only the 750MHz link for controlling energy distribution services.

  • Question 100:

    Ann. a user, brings her laptop to an analyst after noticing it has been operating very slowly. The security analyst examines the laptop and obtains the following output:

    Which of the following will the analyst most likely use NEXT?

    A. Process explorer
    B. Vulnerability scanner
    C. Antivirus
    D. Network enumerator

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-004 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.