CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 161:

    A developer wants to develop a secure external-facing web application. The developer is looking for an online community that produces tools, methodologies, articles, and documentation in the field of web-application security.

    Which of the following is the BEST option?

    A. ICANN
    B. PCI DSS
    C. OWASP
    D. CSA
    E. NIST

  • Question 162:

    A security officer at an organization that makes and sells digital artwork must ensure the integrity of the artwork can be maintained. Which of the following are the best ways for the security officer to accomplish this task? (Choose two.)

    A. Hashing
    B. ECC
    C. IPSec
    D. Tokenization
    E. Watermarking
    F. Print blocking

  • Question 163:

    An organization recently started processing, transmitting, and storing its customers' credit card information. Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers' information. Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?

    A. NIST
    B. GDPR
    C. PCI DSS
    D. ISO

  • Question 164:

    Technicians have determined that the current server hardware is outdated, so they have decided to throw it out. Prior to disposal, which of the following is the BEST method to use to ensure no data remnants can be recovered?

    A. Drive wiping
    B. Degaussing
    C. Purging
    D. Physical destruction

  • Question 165:

    An organization performed a risk assessment and discovered that less than 50% of its employees have been completing security awareness training.

    Which of the following should the Chief Information Security Officer highlight as an area of increased vulnerability in a report to the management team?

    A. Social engineering
    B. Third-party compromise
    C. APT targeting
    D. Pivoting

  • Question 166:

    A company recently migrated all its workloads to the cloud and implemented a transit VPC with a managed firewall. The cloud infrastructure implements a 10.0.0.0/16 network, and the firewall implements the following ACLs:

    The Chief Information Security Officer wants to monitor relevant traffic for signs of data exfiltration. Which of the following should the organization place in its monitoring tool to BEST detect data exfiltration while reducing log size and the time to search logs?

    A. FROM UDP 10.0.0.0/16 ANY TO 0.0.0.0/0 ANY
    B. FROM TCP 10.0.0.0/16 80,443 TO 0.0.0.0/0 ANY
    C. FROM TCP 0.0.0.0/0 ANY TO 10.0.0.0/16 80,443,22
    D. FROM IP 10.0.0.0/16 ANY TO 0.0.0.0/0 ANY
    E. FROM IP 0.0.0.0/0 ANY TO TCP 0.0.0.0/0 ANY
    F. FROM UDP 0.0.0.0/0 ANY TO 0.0.0.0/0 ANY

  • Question 167:

    A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident.

    Which of the following best describes this activity?

    A. Tabletop exercise
    B. Walk-through review
    C. Lessons learned
    D. Business impact analysis

  • Question 168:

    An engineering team has deployed a new VPN service that requires client certificates to be used in order to successfully connect. On iOS devices, however, the following error occurs after importing the .p12 certificate file:

    mbedTLS: ca certificate is undefined

    Which of the following is the root cause of this issue?

    A. iOS devices have an empty root certificate chain by default.
    B. OpenSSL is not configured to support PKCS#12 certificate files.
    C. The VPN client configuration is missing the CA private key.
    D. The iOS keychain imported only the client public and private keys.

  • Question 169:

    A hospitality company experienced a data breach that included customer PII. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service. Which of the following is the BEST solution to help prevent this type of attack in the future?

    A. NGFW for web traffic inspection and activity monitoring
    B. CSPM for application configuration control
    C. Targeted employee training and awareness exercises
    D. CASB for OAuth application permission control

  • Question 170:

    A compliance officer is responsible for selecting the right governance framework to protect individuals' data. Which of the following is the appropriate framework for the company to consult when collecting international user data for the purpose of processing credit cards?

    A. ISO 27001
    B. COPPA
    C. NIST 800-53
    D. PCI DSS

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-004 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.