CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 271:

    A server in a manufacturing environment is running an end-of-life operating system. The vulnerability management team is recommending that the server be upgraded to a supported operating system, but the ICS software running on the server is not compatible with modern operating systems. Which of the following compensating controls should be implemented to BEST protect the server?

    A. Application allow list
    B. Antivirus
    C. HIPS
    D. Host-based firewall

  • Question 272:

    A company recently acquired a SaaS provider and needs to integrate its platform into the company's existing infrastructure without impact to the customer's experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider's systems shows multiple critical vulnerabilities attributed to very old and outdated OSs.

    Which of the following solutions would prevent these vulnerabilities from being introduced into the company's existing infrastructure?

    A. Segment the systems to reduce the attack surface if an attack occurs.
    B. Migrate the services to new systems with a supported and patched OS.
    C. Patch the systems to the latest versions of the existing OSs.
    D. Install anti-malware, HIPS, and host-based firewalls on each of the systems.

  • Question 273:

    Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?

    A. Biometric authenticators are immutable.
    B. The likelihood of account compromise is reduced.
    C. Zero trust is achieved.
    D. Privacy risks are minimized.

  • Question 274:

    A company's finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?

    A. Accept
    B. Avoid
    C. Transfer
    D. Mitigate

  • Question 275:

    A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs.

    Which of the following should the company use to prevent data theft?

    A. Watermarking
    B. DRM
    C. NDA
    D. Access logging

  • Question 276:

    A forensic expert working on a fraud investigation for a US-based company collected a few disk images as evidence. Which of the following offers an authoritative decision about whether the evidence was obtained legally?

    A. Lawyers
    B. Court
    C. Upper management team
    D. Police

  • Question 277:

    A Chief Information Security Officer (CISO) has launched an initiative to create a robust BCP/DR plan for the entire company. As part of the initiative, the security team must gather data supporting operational importance for the applications used by the business and determine the order in which the applications must be brought back online.

    Which of the following should be the FIRST step taken by the team?

    A. Perform a review of all policies and procedures related to BCP and DR and create an educational module that can be assigned to all employees to provide training on BCP/DR events.
    B. Create an SLA for each application that states when the application will come back online and distribute this information to the business units.
    C. Have each business unit conduct a BIA and categorize the applications according to the cumulative data gathered.
    D. Implement replication of all servers and application data to backup datacenters that are geographically dispersed from the central datacenter and release an updated BPA to all clients.

  • Question 278:

    Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores. Which of the following technical strategies would best meet this objective?

    A. Federation
    B. RADIUS
    C. TACACS+
    D. MFA
    E. ABAC

  • Question 279:

    An organization's hunt team thinks a persistent threat exists and already has a foothold in the enterprise network.

    Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

    A. Deploy a SOAR tool.
    B. Modify user password history and length requirements.
    C. Apply new isolation and segmentation schemes.
    D. Implement decoy files on adjacent hosts.

  • Question 280:

    A software house is developing a new application. The application has the following requirements:

    1. Reduce the number of credential requests as much as possible
    2. Integrate with social networks
    3. Authenticate users

    Which of the following is the BEST federation method to use for the application?

    A. WS-Federation
    B. OpenID
    C. OAuth
    D. SAML

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CAS-004 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions here.