CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 431:

    A SIEM generated an alert after a third-party database administrator, who had recently been granted temporary access to the repository, accessed business-sensitive content in the database. The SIEM had generated similar alerts before this incident.

    Which of the following best explains the cause of the alert?

    A. Database field tokenization
    B. Database decoy
    C. Database activity monitoring
    D. Database integrity enforcement

  • Question 432:

    An organization is establishing a new software assurance program to vet applications before they are introduced into the production environment. Unfortunately, many of the applications are provided only as compiled binaries. Which of the following should the organization use to analyze these applications? (Select TWO).

    A. Regression testing
    B. SAST
    C. Third-party dependency management
    D. IDE SAST
    E. Fuzz testing
    F. IAST

  • Question 433:

    DRAG DROP

    A vulnerability scan with the latest definitions was performed across Sites A and B.

    INSTRUCTIONS

    Match each relevant finding to the affected host.

    After associating the finding with the appropriate host(s), click the host to select the appropriate corrective action for that finding.

    Each finding may be used more than once.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    Select and Place:

  • Question 434:

    A security analyst reviews network logs and notices a large number of domain name queries originating from an internal server for an unknown domain, similar to the following:

    1. 2736287327321782.hgQ43jsi23-y.com
    2. 0357320932922C91.hgQ43jsu23Ty.com
    3. 4042301801399103.hgQ43jsu23Ly.com

    Which of the following should the analyst do next?

    A. Check for data exfiltration.
    B. Reconfigure the server's DNS settings.
    C. Browse for a website on the requested domain.
    D. Add the host names to a block list.

  • Question 435:

    A commercial OSINT provider utilizes and reviews data from various sources of publicly available information. The provider is transitioning the subscription service to a model that limits the scope of available data based on subscription tier. Which of the following approaches would best ensure subscribers are only granted access to data associated with their tier? (Choose two.)

    A. Storing collected data on separate physical media per tier
    B. Controlling access to data based on the role of users
    C. Employing attribute-based access control
    D. Implementing a behavior-based IDS positioned at the storage network gateway
    E. Establishing a classification and labeling scheme
    F. Implementing a mandatory access control scheme

  • Question 436:

    Due to budget constraints, an organization created a policy that only permits vulnerabilities rated high and critical according to CVSS to be fixed or mitigated. A security analyst notices that many vulnerabilities that were previously scored as medium are now breaching higher thresholds. Upon further investigation, the analyst notices certain ratings are not aligned with the approved system categorization.

    Which of the following can the analyst do to get a better picture of the risk while adhering to the organization's policy?

    A. Align the exploitability metrics to the predetermined system categorization.
    B. Align the remediation levels to the predetermined system categorization.
    C. Align the impact subscore requirements to the predetermined system categorization.
    D. Align the attack vectors to the predetermined system categorization.

  • Question 437:

    A company recently deployed an agent-based DLP solution to all laptops in the environment. The DLP solution is configured to restrict the following:

    1. USB ports
    2. FTP connections
    3. Access to cloud-based storage sites
    4. Outgoing email attachments
    5. Saving data on the local C: drive

    Despite these restrictions, highly confidential data was from a secure fileshare in the research department.

    Which of the following should the security team implement FIRST?

    A. Application whitelisting for all company-owned devices
    B. A secure VDI environment for research department employees
    C. NIDS/NIPS on the network segment used by the research department
    D. Bluetooth restriction on all laptops

  • Question 438:

    A local university that has a global footprint is undertaking a complete overhaul of its website and associated systems. Some of the requirements are:

    1. Handle an increase in customer demand of resources
    2. Provide quick and easy access to information
    3. Provide high-quality streaming media
    4. Create a user-friendly interface

    Which of the following actions should be taken FIRST?

    A. Deploy high-availability web servers.
    B. Enhance network access controls.
    C. Implement a content delivery network.
    D. Migrate to a virtualized environment.

  • Question 439:

    Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Choose two.)

    A. Proxy
    B. Tunneling
    C. VDI
    D. MDM
    E. RDP
    F. MAC address randomization

  • Question 440:

    A small company is implementing a new technology that promises greater performance but does not abide by accepted RFCs.

    Which of the following should the company do to ensure the risks associated with implementing the standard-violating technology are addressed?

    A. Document the technology's differences in a system security plan.
    B. Require the vendor to provide justification for the product's deviation.
    C. Increase the frequency of vulnerability scanning of all systems using the technology.
    D. Block the use of non-standard ports or protocols to and from the system.
