CAS-004 Exam Details

  • Exam Code: CAS-004
  • Exam Name: CompTIA Advanced Security Practitioner (CASP+)
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 792 Q&As
  • Last Updated: May 28, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 571:

    An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security practice recommendations would be the best to accomplish this objective?

    A. Implement least privilege access to all systems.
    B. Roll out security awareness training for all users.
    C. Set up policies and systems with separation of duties.
    D. Enforce job rotations for all developers and administrators.
    E. Utilize mandatory vacations for all developers.
    F. Review all access to production systems on a quarterly basis.

  • Question 572:

    A security architect is implementing a web application that uses a database back end. Prior to production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.

    Which of the following sources could the architect consult to address this security concern?

    A. SDLC
    B. OVAL
    C. IEEE
    D. OWASP

  • Question 573:

    An organization developed an incident response plan. Which of the following would be BEST to assess the effectiveness of the plan?

    A. Requesting a third-party review
    B. Generating a checklist by organizational unit
    C. Establishing role succession and call lists
    D. Creating a playbook
    E. Performing a tabletop exercise

  • Question 574:

    A security engineer needs to implement a CASB to secure employee user web traffic. A key requirement is that the relevant event data must be collected from existing on-premises infrastructure components and consumed by the CASB to expand traffic visibility. The solution must be highly resilient to network outages.

    Which of the following architectural components would BEST meet these requirements?

    A. Log collection
    B. Reverse proxy
    C. AWAF
    D. API mode

  • Question 575:

    A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log:

    [Graphic: ssh_auth_log]

    Which of the following actions would BEST address the potential risks posed by the activity in the logs?

    A. Altering the misconfigured service account password
    B. Modifying the AllowUsers configuration directive
    C. Restricting external port 22 access
    D. Implementing host-key preferences

  • Question 576:

    SIMULATION

    As a security administrator, you are asked to harden a server running Red Hat Enterprise Server 5.5 64-bit.

    This server is being used as a DNS and time server. It is not used as a database, web server, or print server. There are no wireless connections to the server, and it does not need to print.

    The command window will be provided along with root access. You are connected via a secure shell with root access.

    You may query help for a list of commands.

    Instructions:

    You need to disable and turn off unrelated services and processes.

    It is possible to simulate a crash of your server session. The simulation can be reset, but the server cannot be rebooted.

    If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    A. See the explanation below.
    B. Placeholder
    C. Placeholder
    D. Placeholder

  • Question 577:

    A software development company wants to ensure that users can confirm the software is legitimate when installing it. Which of the following is the best way for the company to achieve this security objective?

    A. Code signing
    B. Non-repudiation
    C. Key escrow
    D. Private keys

  • Question 578:

    A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:

    1. Unauthorized insertions into application development environments

    2. Authorized insiders making unauthorized changes to environment configurations

    Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

    A. Perform static code analysis of committed code and generate summary reports.
    B. Implement an XML gateway and monitor for policy violations.
    C. Monitor dependency management tools and report on susceptible third-party libraries.
    D. Install an IDS on the development subnet and passively monitor for vulnerable services.
    E. Model user behavior and monitor for deviations from normal.
    F. Continuously monitor code commits to repositories and generate summary logs.

  • Question 579:

    A company has integrated source code from a subcontractor into its security product. The subcontractor is located in an adversarial country and has informed the company of a requirement to escrow the source code with the subcontractor's government.

    Which of the following is a potential security risk arising from this situation?

    A. Development of zero-day exploits based on the source code
    B. Legal action to force disclosure of the source code
    C. Sale of source code to competitors during a buyout
    D. Publication of the source code on the internet

  • Question 580:

    In order to authenticate employees who call in remotely, a company's help desk staff must be able to view partial information about employees because the full information may be considered sensitive. Which of the following solutions should be implemented to authenticate employees?

    A. Data scrubbing
    B. Field masking
    C. Encryption in transit
    D. Metadata
